ビデオヘルプ

block the usb

作成: 27 Dec 2013 • 更新: 11 Jun 2014 | コメント数: 4
この問題は解決されました。 ソリューションを参照してください。

What is the step to create a policy to block the usb from DLP and how it can generate the incidents?

タグでディスカッションを検索:

コメント コメント数: 4最新のコメントを表示

Brɨan の写真

I believe you can use SEP for this, not DLP

How to block USB Devices, Excluding the Mouse and Keyboard, in the SEP Manager

http://www.symantec.com/docs/TECH161779

You want to block USB Storage Devices using an Application policy

http://www.symantec.com/docs/TECH92447

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

rs_cert の写真

Yes i have already blocked with SEPM but i have heard from one of my engineer that we can able to create a policy which can block the usb and when anyone can tried to connect the usb, it's create the incident report.

pete_4u2002 の写真

for incident to be created the policy needs to be violated and DLP will monitor the content.

Lion Shaikh の写真

Hi,

Configuring the Endpoint Prevent: Block action
The Endpoint Prevent: Block response rule action blocks the movement of confidential data on the endpoint computer and optionally displays an on-screen notification to the endpoint user.

This response rule action is specific to Endpoint Prevent incidents. This response rule is not applicable to two-tiered detection methods requiring a Data Profile.

If you combine multiple endpoint response rules in a single policy, make sure that you understand the order of precedence for such rules.

Note:

 The block action is not triggered for a copy of sensitive data to a local drive.
 

To configure the Endpoint Prevent: Block response rule action

1] Configure a response rule at the Configure Response Rule screen.

You configure response rules at the Manage > Policies > Response Rules > Configure Response Rule screen.

2] Add the Endpoint Prevent: Block action type from the Actions list.

You must configure at least one action for the response rule to be valid. You can configure multiple response rule actions. Each action is evaluated independently.

To define a response rule action

Configure a response rule at the Configure Response Rule screen.

Choose an action type from the Actions list and click Add Action.
For example, add the All: Add Note action to the response rule. This action lets the remediator annotate the incident.

Configure the action type by specifying the expected parameters for the chosen action type.

Repeat these steps for each action you want to add.

ソリューション