Cannot map a network drive with DLP Endpoint Agent installed and running

book

Article ID: 210041

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

New install and setup, but the user can not map a network drive.

Detailed description:

WIth DLP installed, if PC is rebooted, followed by login to PC, connection to VPN, mapped drives can't be connected.

BUT if the user can stop the Agent service (via Enforce Admin Endpoint Task), the user is able to again map network drives.

If the Agent is restarted at this point, it continues to have access the mapped share.

Agent File Path for "Ignore Copy to share" - contains relevant UNC paths but this isn't helping.

Cause

In the Agent Configuraiton, there is an option to block access for users that are not on the corporate network:

Enable Device Control > "Off the Corporate Network > Network Share: Block Access." 

Environment

Release : 15.7

Component :

Resolution

It is possible to disable this feature which is blocking access to the network share.

Enable Device Control > "Off the Corporate Network" ==> [remove option for] "Network Share: Block Access"

Additional Information

It should be noted that the above workaround is not best practice - as it decreases the security of corporate data.

In fact, it's quite likely that the method that is set for the Agent to Determine its network location is probably needing to be tuned:

"System > Agents > Endpoint Location"

If you review the Online Help topic for this feature, you may find additional configuration is better at allowing endpoints to resolve their Corporate Endpoint Location.