This article describes how you can block Bluetooth Network Adapter devices in your environment.
NOTE: It is important to know which Windows 10 version you intend to push the DLP policy to, because the DLP configuration might differ between Windows versions.
Windows 10 (1507–1803)
This section explains how to block Bluetooth Network Adapter devices without blocking your Bluetooth Keyboard, Bluetooth Mouse, Bluetooth Headset / Speakers and all other Bluetooth devices.
- Log on to the ePO console.
- Go to Menu, Data Protection, and select DLP Policy Manager.
- Under Rule Sets, click the Rule Set that needs to be used.
- On the DLP Rule Set page, select the Device Control tab.
- Click the Actions drop-down list and select New Rule, Plug and Play Device Rule.
- On the Plug and Play Device Rule page:
- Enter a Rule Name.
- Set the State to Enabled.
- Set the Severity according to your requirement.
- On the Condition tab, click the three dots next to Plug and Play.
- Select New Item.
- On the New Plug and Play Device definition page:
- Enter a name for the device definition.
- Under Available Properties, add the following properties:
| Property | Comparison type | Value |
|---|---|---|
| Bus Type | Equals | Bluetooth |
| Device Class | Equals | Network Adapters (Unmanaged) |
- Click Save. Select the new device definition checkbox and click OK.
- On the Reaction tab, set the following:
- Set the Action to Block.
- Click the three dots next to the User Notification, and select a notification from the list. Click OK.
- Select the Report Incident checkbox.
- Click Save and then Close.
- Apply the policy changes through Policy Assignment.
Now, your Endpoints block the Bluetooth Network Adapters.
Windows 10 version 1809 to Current:
To resolve the issue, perform the following steps:
- Log on to the ePO console.
- Go to Menu, Data Protection, and select DLP Policy Manager.
- Under Rule Sets, click the Rule Set that needs to be used.
- On the DLP Rule Set page, select the Device Control tab.
- Click the Actions drop-down list and select New Rule, Plug and Play Device Rule.
- On the Plug and Play Device Rule page:
- Enter a Rule Name.
- Set the State to Enabled.
- Set the Severity according to your requirement.
- On the Condition tab, click the three dots next to Plug and Play.
- Select New Item.
- On the New Plug and Play Device definition page:
- Enter a name for the device definition.
- Under Available Properties, add the following properties:
| Property | Comparison type | Value |
|---|---|---|
| Bus Type | Equals | Bluetooth |
| Device Instance ID (Advanced) | Contains | BTH\MS_RFCOMM |
| Device Instance ID (Advanced) | Contains | BTHENUM\DEV |
| Device Description | Contains | RFCOMM Protocol TDI |
- Click Save. Select the new device definition checkbox and click OK.
- On the Reaction tab, set the following:
- Set the Action to Block.
- Click the three dots next to the User Notification, and select a notification from the list. Click OK.
- Select the Report Incident checkbox.
- Click Save and then Close.
- Apply the rule set to a new policy and assign it to the endpoint systems. This new rule must block the built-in Windows Send and Receive files through Bluetooth feature in Windows 10 version 1809.
- Apply the policy changes through the Policy Assignment.
Now, your Endpoints block ALL Bluetooth devices.
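To preview on a test endpoint which present devices the criteria in the 1809+ device definition would touch before the rule is set to Block, the following added PowerShell example (not part of the original article or the vendor's tooling) lists Bluetooth-enumerated devices and shows which table values each one matches. It assumes the built-in Get-PnpDevice cmdlet, uses the instance ID enumerator prefix as a stand-in for the DLP Bus Type property, and makes no claim about how DLP combines the properties; the function names are hypothetical.

```powershell
# Added example (not vendor code): read-only preview of which present PnP devices
# match each criterion in the device definition table. Nothing is modified.

# Values copied from the table in this article.
$InstanceIdSubstrings = @('BTH\MS_RFCOMM', 'BTHENUM\DEV')
$DescriptionSubstring = 'RFCOMM Protocol TDI'

function Test-ContainsText {
    # Case-insensitive literal substring test, so the backslashes in
    # instance IDs need no wildcard or regex escaping.
    param([string]$Text, [string]$Substring)
    if ([string]::IsNullOrEmpty($Text)) { return $false }
    return $Text.IndexOf($Substring, [System.StringComparison]::OrdinalIgnoreCase) -ge 0
}

function Get-DefinitionMatch {
    # $Device needs InstanceId, FriendlyName and Description properties,
    # which Get-PnpDevice output provides.
    param([Parameter(Mandatory)] $Device)

    # Enumerator = text before the first backslash of the instance ID.
    $enumerator = ($Device.InstanceId -split '\\')[0]
    $idHits = @($InstanceIdSubstrings |
        Where-Object { Test-ContainsText $Device.InstanceId $_ })

    [pscustomobject]@{
        FriendlyName      = $Device.FriendlyName
        InstanceId        = $Device.InstanceId
        # Assumption: an enumerator starting with BTH approximates
        # "Bus Type Equals Bluetooth" in the DLP definition.
        BluetoothBus      = $enumerator -like 'BTH*'
        InstanceIdMatches = $idHits -join ', '
        DescriptionMatch  = Test-ContainsText $Device.Description $DescriptionSubstring
    }
}

# Report every present Bluetooth-enumerated device and the criteria it matches.
Get-PnpDevice -PresentOnly |
    ForEach-Object { Get-DefinitionMatch -Device $_ } |
    Where-Object { $_.BluetoothBus } |
    Sort-Object InstanceId |
    Format-Table -AutoSize -Wrap
```

Devices that show no instance ID or description match are worth comparing against the DLP incident reports after the policy is assigned, to confirm the rule behaves as intended on that Windows build.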