McAfee Data Loss Prevention 9.2.2 Product Guide

Integrating McAfee DLP EndpointControlling devices 56 From the Endpoint menu, select Apply Tag Label, click ?, and select the appropriate tag from the pop‐up.7 Click Apply.8 From the Endpoint menu, select Tags ‐ Location Path, click ?, and use Find to select the protected share.9 Click Apply, then Save.Controlling devicesMcAfee DLP Endpoint can control any number of devices attached to enterprise managed computersby using device rules to detect, then react to significant events on devices used at network endpoints.Devices attached to enterprise managed computers — such as smartphones, removable storagedevices, Bluetooth devices, MP3 players, or Plug and Play devices — can be monitored or blockedusing device rules, allowing you to control their use in the distribution of sensitive information. Forexample, a global company might use networked McAfee DLP Endpoint to protect sensitive data onUSB drives issued by branch offices in other countries — even if the user of that device is on the road.Device rules monitor and potentially block the system from loading physical devices such asremovable storage devices, Bluetooth, Wi‐Fi, and other Plug and Play devices. They consist of one ormore device definitions that can be pre‐programmed to affect specific users or a user assignmentgroup. The rule can be used to block, monitor, or send notification when the defined devices are usedon‐ or off‐site.Device rules monitor and potentially block the system from loading physical devices such asremovable storage devices, Bluetooth, Wi‐Fi, and other Plug and Play devices. Device classes anddevice definitions are used to define device rules.Role‐based device rules can be created for the enterprise workforce. For example, while the majorityof workers might not be allowed to run executables from flash drives, IT and sales force might needthat privilege to bypass operating systems so they can reformat hard drives.By using role‐based access control with device rules, a variety of users can be monitored or excludedfrom supervision, securing sensitive data without creating roadblocks to their productivity.Device classesDevice classes are used to control groups of related devices. Each class of devices is identified by aname, an optional description, and one or more Globally Unique Identifiers (GUIDs). The McAfee DLPclient uses the device classes on the Managed list to identify devices being used at endpoints.The device classes on the Managed Device Class list are used by the McAfee DLP client to monitortheir usage at endpoints.If you are using McAfee DLP Endpoint with McAfee DLP Manager, you can find built‐in device classeslisted on the Device Management page. The devices are categorized by status:• Managed — Specific Plug and Play or removable storage devices, defined by device class, that canbe managed by McAfee DLP Endpoint, but whose status can be changed to Unmanaged.• Unmanaged — Device classes not managed by McAfee DLP Endpoint, but whose status can bechanged to Managed.• Unmanageable — Device classes not managed by McAfee DLP Endpoint because attempts tomanage them might affect the managed computer, system health, or efficiency. New classes ofdevices cannot be added to this list.McAfee Data Loss Prevention 9.2.2 Product Guide 159