Views:
The USB Allowed List will only work if DLP is enabled. Make sure the Data Loss Prevention (DLP) module is installed and running on the Endpoint.
  1. Confirm if the "dc_dev_exception.csv" file exists in the following locations:
    • If the Apex Central Server was upgraded from Control Manager: \Trend Micro\Control Manager\WebUI\WebApp\widget\repository\widgetPool\product\OSCE\
    • If the Apex Central Server is a fresh install: \Trend Micro\Apex Central\WebUI\WebApp\widget\repository\widgetPool\product\OSCE\

    Exception List

    Click the image to enlarge.

  2. If the file is missing, create a new "dc_dev_exception.csv" file in the specified location. In the file, add the USB device's Vendor, Model and Serial ID.
  3. Redeploy the DLP policy to the Endpoint, and check if the USB storage device is still blocked.
  1. Navigate to the the Apex One Server’s installation directory, and edit ..\PCCSRV\Ofcscan.ini and add the following line:
    [Global Setting]
    Enable_Global_DLP_Dev_Exception=1
    

    GlobalSettings

    Click the image to enlarge.

     
    If "Enable_Global_DLP_Dev_Exception" already exists, make sure the the value is set to 1.
     
  2. Save the changes and close the file.
  3. Open the Apex One server web console and click Agents > Global Agent Settings on the main menu to access the Global Agent Settings page.
  4. Click Save to deploy the setting to agents.
  5. After the Global Settings are deployed, check the Apex One client’s registry and make sure the following keys exist:
    • For 32-bit: HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\DlpLite\EnableDlpGlobalDevException=1
    • For 64-bit: HKLM\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\DlpLite\EnableDlpGlobalDevException=1

    GlobalDevException Registry

    Click the image to enlarge.

  6. Wait for at least 5 minutes, then manually update the endpoint's agent by clicking Update Now. After updating, check if the USB device is still getting blocked.

If the issue is still the same, please collect the following information: