Issue
- You want to exclude specific USB devices from your Removable Medica Encryption (RME) policy in ESET Endpoint Encryption (EEE)
Details
Click to expand
The exclusion strings consist of the following three components:
- Vendor ID (VID) - Unique value that identifies the manufacturer of the product
- Product ID (PID) - Unique model number given to each unique device range produced by the manufacturer
- Revision (REV) - Unique number assigned to the specific version of hardware in a device
The ESET Endpoint Encryption (EEE) Server exclusion list must contain both Vendor and Product IDs. The exclusions app will only offer the possible valid combinations for a device in the Parent Device ID/s drop-down menu. You can specify more than one exclusion string in the EEE Server by using semi-colons to separate the entries.
The exclusions list setting is stored in the registry of the client workstation as shown in the file path below:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DLMFENC under the REG_SZ key RemovableMediaExclusions.
Solution
I. Exclusion app
-
Connect the USB device to your machine.
-
Download and run the ESET Endpoint Encryption RME Exclusion App.
-
Select the Drive in the Removable Drives list, then select the Parent Device ID/s from the drop-down menu, and then click Copy to copy the string to your clipboard. The Parent Device ID/s will automatically update with the suggested settings.
Figure 1-1
II. Policy Update
-
Log in to ESET Endpoint Encryption (EEE) server.
-
Click the workstation name.
-
Click Workstation Policy.
-
Click RME Exclusions list
Figure 2-1 -
Click Change Setting.
-
Select Configured, then paste the copied string from the exclusion app under Setting and then click OK.
Figure 2-2 -
Click Workstations, then click Update Policy to update the policy on active workstations. The new exclusion settings will be applied to any newly installed Workstations with that workstation policy.
Figure 2-3
