Symptoms:
Cause:
By reviewing the activities of DLP by running Process Monitor (procmon) and verified in edpa_ext0.log that while copying data to IronKey encrypted HDD there was a process which was being intercepted by the Endpoint Agent process multiple times. The process name is "IKMalwareScanner.exe"
Ironkey uses an Anti-Malware Scanner which will slow down the connectivity to the device as the Endpoint Agent will monitoring it also which adds an time delay.
Two options to workaround the issue are:
1. Disable IronKey Malware Scanner that runs automatically when you unlock your IronKey (please refer to Ironkey Manufacturer guidelines)
OR
2. Whitelist the scanner process "IKMalwareScanner.exe" in the Endpoint Application Monitoring in the Enforce UI. After whilelisting the process the transfer speed was reduced to 2MB/sec.