zoukankan      html  css  js  c++  java
  • 通过SEP禁用USB

    1      Introduction

    1.1      Scope

       

    This document provides comprehensive information of the reinforcement of removable media control using Symantec Endpoint Protection, Active Directory Group Policy and Websense DLP.

       

    1.2      Problem Statement

    The latest android mobile phones, android tablets etc. are getting connected via Media transfer Protocol (MTP) even though USB ports are blocked and users are able to copy data on such devices. Data Leakage through such devices is a big concern.

       

       

    2      Solution Details

    There are three solutions available in TCS.

    1. Active Directory Group Policy (AD)
    2. Symantec End Point Protection (SEP)
    3. Websense Data Leak Prevention (DLP)

       

    2.1.1      Symantec Endpoint Protection

       

    Application and Device control policy of Symantec Endpoint Protection can block all removable media devices like Pen Drive, Portable Hard disk, Mobile Phones, Tablets etc. SEP Application and Device control can also block Media Transfer Protocol (MTP) mode of smart phones and tablets.

       

    Application Control is an advanced security feature included in Symantec Endpoint Protection. Application Control provides administrators with the ability to monitor and/or control the behaviour of applications. Administrators can grant/deny access to certain registry keys, files, and folders. In addition, administrators can also define which applications are permitted to run, which applications that cannot be terminated through irregular processes, and which applications can call Dynamic Link Libraries.

       

    With Application Control Policy we can block or write protect Mass storage mode of all Smart phones, memory card of all mobile phones, pen drives, portable hard disk etc.

       

       

    Please refer below screen shot for application control policy:

       

    With Device Control Policy we can block Media transfer mode of all smart phones and tablets.

       

    Please refer below screen shot for device control policy:

       

       

       

    2.1.2      Active Directory Group Policy

    Where SEP is not applied, AD group policy will be applied to machines to restrict access to endpoint removable media and mobile phones.

    2.1.3      Websense Data Leakage Prevention

    AD policy is applied based on GUID of mobile devices. New GUIDs needs to be added after testing for new devices. Thus users are going to be monitored through websense DLP where the AD policy is applied.

       

    Apart from this, all excluded users will be monitored through Websense DLP to prevent data leakage from Endpoint removable media as well as mobile phones.

         

    2.2      Exclusion Process

       

    To get USB excess or to get excluded from SEP application and device control policy user needs to raise CR under below category:

       

       

    While implementing this CR Local RE or Administrator should move user asset to USB Enable group in active directory as well as USB Exclude group in SEP console as well.

       

       

    2.3      Exclusion in SEP Console

       

    USB Exclude group will be created for both Desktop and Laptop location wise.

       

    Please refer below screen shot for Exclude group created on SEP Console:

       

    For the Desktops, Right click on Desktop Group and search the client with the host name (Computer Name) for which you wanted to apply USB Exclusion

       

    Please refer below screen shots for excluding a desktops:

       

       

       

       

    Right Click on the Client and click on Move and select the USB Exclude group present under Desktop Group and click OK

       

         

      

    For Laptops, Right click on Laptop Group and search for the intended client host name (Computer name) for which USB Exclusion needs to be done and move it to the USB exclude group present under Laptop Group by following the procedure as mentioned for the Desktops and navigate to USB Exclude group present under Laptop and observe the clients have been moved successfully or not.

  • 相关阅读:
    hdu1003 最大子串和
    cf339d Xenia and Bit Operations
    A + B Problem II
    中国近代史纲要----王洪兵--2016年春季学期----中国海洋大学
    CodeForces 35D Animals
    CodeForces 558D
    Vanya and Brackets
    spfa
    hdu 1217 Arbitrage
    CodeForces 1A Theatre Square
  • 原文地址:https://www.cnblogs.com/IvanChen/p/4493623.html
Copyright © 2011-2022 走看看