Use the following steps to block wireless communication devices with DLP Endpoint device control, while leaving other plug-and-play devices such as keyboards and mice unaffected. The rule is scoped to the Network Adapters device class, so devices in other classes are never matched.
IMPORTANT: Back up your policies before you make any changes. To back up the DLP policy, do the following:
- Log on to the ePO server.
- Select Menu, DLP Settings, Backup and Restore.
- Click Backup to file and save the backup file Dlpconfig.backup.
Create a Plug-and-Play device definition:
- Log on to the ePO server and select Menu, Data Protection, DLP Policy Manager, Definitions.
- In the left pane, select Device Control, Device Definitions.
- Select Actions, New and then select Plug and play device definition.
- Enter a unique Name and an optional Description. For example: Wireless device definition
- In the left pane, under Available Properties, click > next to Device Class to add it.
- Select the Network Adapters device class from the drop-down list.
- Add the Device Name property in the same way, change its Comparison drop-down list to Contains, and add the following values:
- Type Wireless and click +.
- Type WLAN and click +.
- Type the value 802.11 and click +.
- Click Save. Confirm that the Comparison column for each value is set to Contains and that the three Device Name values are combined with a logical OR (the default), so an adapter matches when its name contains any one of them.
Create a Plug-and-Play device rule and add the new wireless device definition:
- In the ePO console, select Menu, Data Protection, DLP Policy Manager, Rule Sets.
- Select Actions and click New Rule Set or edit an existing rule set.
- Click the rule set name to open the rule set for editing.
- Click the Device Control tab.
- Select Actions, New Rule, Plug-and-Play Device Rule.
- Enter a unique Rule Name. For example: Block Wireless communication.
Optional: Change the Status and select a Severity.
- On the Condition pane, add the End-User, then select the Plug-and-Play device definition created above (Wireless device definition).
NOTE: Device definitions can define devices that are included (is one of) or excluded (is none of). You must include at least one definition.
- On the Reaction pane, set the Prevent Action to Block.
Optional:
- Add a User Notification and select Report Incident. If Report Incident is not selected, blocked devices are not recorded in DLP Incident Manager.
- Select a different Prevent Action for when the user is working outside the corporate network or is connected by VPN.
- Click Save and close the DLP rule set page.
- Navigate to Policy Catalog, Data Loss Prevention, DLP Policy, Settings, and the Device Classes page.
- Select Network adapters as the device class name.
- Change the status to Managed, set the Filter type to Upper Filter, and click Add.
- Click Apply policy.
When the policy is applied, the rule blocks matching wireless adapters on client systems. Only adapters in the Network Adapters class whose device name contains Wireless, WLAN, or 802.11 are blocked; an adapter with a vendor-specific name that contains none of these strings is not, so check the adapter names reported on a representative client before deploying the rule.
NOTE: Plug-and-play devices can be added to a managed computer without configuration or manual installation of DLLs and drivers. Use Plug-and-Play device rules to prevent endpoint systems from loading these devices.
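The pre-deployment check described above, as an added example that is not part of the original article and not a tool shipped with DLP Endpoint: a PowerShell script run on a Windows client that previews which network adapters the Wireless device definition would match (Network Adapters class, Device Name contains Wireless OR WLAN OR 802.11) and, when rerun after the policy is applied, whether those adapters are still loading. It assumes that the Device Name DLP Endpoint compares against corresponds to the PnP friendly name or device description that Get-PnpDevice reports, and that the Contains comparison is case-insensitive; confirm both against a test client before relying on the result.

```powershell
# Added example, not from the original article. Run in an elevated PowerShell
# session on a Windows client that has the PnpDevice module (Windows 8.1 /
# Server 2012 R2 or later). No DLP components are required; it only inspects PnP.

# The three Device Name values from the definition. The definition combines
# them with logical OR, so a single substring hit is enough to match.
$Patterns = @('Wireless', 'WLAN', '802.11')

function Test-WirelessDefinitionMatch {
    <#
    .SYNOPSIS
    Lists present network adapters and flags those the DLP definition would match.
    #>
    param([string[]]$NamePatterns = $Patterns)

    # Device Class "Network adapters" is setup class Net
    # (GUID {4d36e972-e325-11ce-bfc1-08002be10318}).
    $Adapters = Get-PnpDevice -Class Net -PresentOnly

    foreach ($Dev in $Adapters) {
        # Assumption: DLP's Device Name corresponds to the friendly name or the
        # device description. Check both, since they can differ (e.g. "#2" suffixes).
        $Desc = (Get-PnpDeviceProperty -InstanceId $Dev.InstanceId `
                    -KeyName 'DEVPKEY_Device_DeviceDesc' -ErrorAction SilentlyContinue).Data
        $Names = @($Dev.FriendlyName, $Desc) | Where-Object { $_ }

        # Case-insensitive "Contains" against each value; record which values hit.
        $Hits = foreach ($Pattern in $NamePatterns) {
            foreach ($Name in $Names) {
                if ($Name.IndexOf($Pattern, [StringComparison]::OrdinalIgnoreCase) -ge 0) { $Pattern }
            }
        }
        $Hits = @($Hits | Select-Object -Unique)

        [pscustomobject]@{
            FriendlyName = $Dev.FriendlyName
            Description  = $Desc
            InstanceId   = $Dev.InstanceId
            # 'OK' before the policy applies. Once the Block rule is enforced and
            # the Net class is managed as an upper filter, a matched adapter is
            # expected to report a status other than OK.
            Status       = $Dev.Status
            WouldMatch   = ($Hits.Count -gt 0)
            MatchedOn    = ($Hits -join ', ')
        }
    }
}

$Report = Test-WirelessDefinitionMatch
$Report | Format-Table FriendlyName, Status, WouldMatch, MatchedOn -AutoSize

# Adapters in the Net class that the definition does NOT cover. A USB Wi-Fi
# dongle with a vendor-specific name would land here and remain usable.
$Unmatched = $Report | Where-Object { -not $_.WouldMatch }
if ($Unmatched) {
    Write-Warning 'Adapters not matched by the definition (look for wireless devices among them):'
    $Unmatched | Format-Table FriendlyName, Description -AutoSize
}
```

Run it once before the rule is deployed to confirm that every wireless adapter in your fleet's hardware mix shows WouldMatch = True (add any missing name fragment to the definition), and again after the policy is applied: a matched adapter whose Status is still OK usually means either the name DLP Endpoint sees differs from the PnP name, or the Network adapters class was not set to Managed with the Upper Filter type in the Device Classes page.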