How to block USB reverse internet tethering with Data Loss Prevention Endpoint

Artigos técnicos ID: KB92987
Última modificação: 12/22/2021

Ambiente

McAfee Data Loss Prevention (DLP) Endpoint - all supported versions

For details of DLP Endpoint supported environments, see KB68147.

Resumo

You can enable USB reverse internet tethering through the ADB (Android Debug Bridge) interface to allow Android smartphones to access internet and data from the system. This article provides the procedure to block USB reverse internet tethering with DLP Endpoint.

Create a Device Class for the ADB interface:

Log on to the ePO console.
Click Menu, DLP Policy Manager, Definitions.
Click Device Class, Actions, New Item.
On the New Device Class Details page, specify values for the following to create a definition:
1. Name: Enter ADB Interface Device Class.
2. Status: Select Unmanaged.
3. Filter Type: Select Upper Filter.
4. GUID: Enter 3f966bd9-fa04-4ec5-991c-d326973b5128 in the textbox.
5. Click Add and Save the definition

Manage the ADB Interface Device Class:

Log on to the ePO console.
Click Menu, Policy, Policy Catalog.
Select Data Loss Prevention from the Products drop-down list.
Click Edit next to the DLP Policy used on the endpoint PCs.
Click Settings, Device Classes. Perform the following actions:
1. Select ADB Interface Device Class under Device Class Name.
2. Select Managed under Status.
3. Select Upper Filter under Filter Type.
4. Click Add.
Click Apply Policy to save the changes.

Block or monitor USB reverse internet tethering:

Log on to the ePO console.
Click Menu, DLP Policy Manager.
Click the Definitions tab, expand Device Control, and click Device Templates.
Click Action, New Item, Plug and Play Device Template.
On the New Plug and Play Devices page, specify values for the following:
1. Name: Enter ADB Plug and Play Device Definition.
2. Bus Type: Set Comparison to Equals and Value to USB.
3. Device Class: Set Comparison to Equals and Value to ADB Interface Device Class (Unmanaged).
Click Save.
On the DLP Policy Manager page, click Rule Sets and select an applicable rule set.
Click Device Control tab, Actions, New Rule, Plug and Play Device Rule.
On the Plug and Play Device Rule page, specify values for the following:
1. Rule name: Enter PnP Rule to block reverse Tethering.
2. State: Select Enabled.
3. End-User: Select Is any User (ALL).
4. Plug and Play: Select Is one of (OR) ADB Plug and Play Device Definition.
5. Click the Reaction tab and specify values for the following:
  1. Action: Select No Action.
  2. User Notification: Click the three dots and choose Default device management user notification [built-in].
  3. Report Incident: Select the checkbox.
Click Save. Apply the policy to a DLP client system and test the rule.
Based on the test results, set the Action (in step 9) to Block reverse tethering.

Produtos afetados

Configuration
Data Loss Prevention Endpoint 11.4.x (EOL)

Idiomas:

Este artigo está disponível nos seguintes idiomas:

English United States
Spanish Spain
French
Italian
Portuguese Brasileiro

Glossário de termos técnicos

Realçar termos do glossário

Reserve alguns momentos para navegar por nosso Glossário de termos técnicos.

Knowledge Center

How to block USB reverse internet tethering with Data Loss Prevention Endpoint

Ambiente

Resumo

Produtos afetados

Idiomas:

Glossário de termos técnicos

Title

Title

Knowledge Center

How to block USB reverse internet tethering with Data Loss Prevention Endpoint

Ambiente

Resumo

Produtos afetados

Idiomas:

Glossário de termos técnicos

Escolha a sua região

Title

Title