Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 5 subscribers
  • Views 3847 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

External Drive Exclusion

K_

Hello.

We are currently running Safegaurd V5.6.0.192. With policies set to encrypt all internal/external media found. What I would like to do is Exclude an Esata external drive I have plugged in. Which I use for virtual machines.Previoulsy I had the drive plugged in via firewire and Safeguard detected it as removeable media. So I could set an exlusion folder for my VM's to live in. Now it is plugged into a new laptio via Esata. Safeguard sees the drive as a fixed drive and I have no options to set folder exclusions with volume based encrytpion.

What I would like to do is exlude the drive completely from encryption.  I can see that policies can be set to exlcude drives but all the help says use port monitor to create the whitelist which we dont have. I can also see that you can write your own list and import that. Without knowing the format/layout for the file and what information it is looking for. I cant manually create one and cant see any guides for this.

Has any one got an experience with setting this kind of drive exclusion?

Many thanks

Kev.

:33093


This thread was automatically locked due to age.
Parents
  • 0

    I have experience with this.  You'll need to use the Port Auditor to run an audit in the hardware on your system.  It's included with your SGN sever and client package download.   Scan your system and make sure you detect all the USB/Firewire hardware you need, when it comes up uncheck anything you do NOT want to exclude and save the XML file.

    Next open the SGN Management Console, and create a white list hardware profile and upload the XML file with the information you want to white list in it ans save this policy.

    Set up the policy to apply to the appropriate OU and/Or groups so you avoid giving improper white list exclusions to the wrong people who may have the same or a similar drive with the same USB vendor ID.

    :33373
Reply
  • 0

    I have experience with this.  You'll need to use the Port Auditor to run an audit in the hardware on your system.  It's included with your SGN sever and client package download.   Scan your system and make sure you detect all the USB/Firewire hardware you need, when it comes up uncheck anything you do NOT want to exclude and save the XML file.

    Next open the SGN Management Console, and create a white list hardware profile and upload the XML file with the information you want to white list in it ans save this policy.

    Set up the policy to apply to the appropriate OU and/Or groups so you avoid giving improper white list exclusions to the wrong people who may have the same or a similar drive with the same USB vendor ID.

    :33373
Children
No Data
Unfiltered HTML