Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Dell Encryption External Media Allowlisting Guide

Summary: Allowlisting Guide for Dell Encryption External Media (formerly Dell Data Protection | External Media Edition).

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content


Symptoms

Affected Products:

  • Dell Encryption External Media
  • Dell Data Protection | External Media Edition

Affected Operating Systems:

  • Windows 7
  • Windows 8.1
  • Windows 10
  • Mac

Allowlisting for Removable Devices allows you to manage what devices are excluded from EMS protection.

Note: PNP IDs are case-sensitive when entering in policy. All upper case is required for the policy to properly invoke.
Example:
USBSTOR\DISK&VEN_GENERIC&PROD_GENERIC_USB

Cause

Not Applicable

Resolution

The PNPDeviceID is how we allowlist removable devices in the Windows Environment. The steps below shows you how to find the PNPDeviceID:

EMS device's PNPDeviceID from the Dell Encryption External Media log file

To find the PNPDeviceID for removable storage from the Dell Encryption External Media Log file:

  1. Insert your removable storage device in to the Dell Data Protection encrypted computer.
  2. Open up the EMSService.log found at the locations: C:\Programdata\Dell\Dell Data Protection\Encryption\EMS
  3. Look for the log entry which shows the PNPDeviceID=

For example, the log entry:

    14.03.18 18:50:06.834 [I] [Volume "F:\"] PnPDeviceID =
    USBSTOR\DISK&VEN_SEAGATE&PROD_USB&REV_0409\2HC015KJ&0   
  • Section 1 / Green - Excludes the Vendor
  • Section 2 / Blue - Excludes all Seagate’s USB drives
  • Section 3 / Purple - Excludes the specific model being used
  • Section 4 / Orange - Excludes this device

PnPDeviceID
Figure 1: (English Only) PnPDeviceID

EMS device's PNPDeviceID in the Microsoft Windows Operating System

To find the PNPDeviceID for removable storage on Windows 7 or later

  1. Insert the removable storage device.
  2. Open the Control Panel and go to Administrative Tools > Computer Management.
  3. Go to Storage > Disk Management.

Disk Management
Figure 2: (English Only) Disk Management

  1. Right Click on Removable Disk (F: In the image), and select properties.

Properties of Removable Disk
Figure 3: (English Only) Properties of Removable Disk

  1. Select Details Tab and then select Device Instance Path in the Property drop-down menu.

The PNPDeviceID is displayed in the Value field.

Select Device Instance Path for PNPDeviceID
Figure 4: (English Only) Select Device Instance Path for PNPDeviceID

Once you have the PNPDeviceID, you can add it to the EME Allowlist group inside the Removable storage policies on the Dell Encryption Personal (formerly Dell Data Protection | Personal Edition) Local Management Console or your Dell Data Protection | Enterprise Edition Server\Dell Security Management Server Remote Management Console.

In the Remote Management Console (RMC), go to Populations > Enterprise > Removable Media Encryption. Under Windows Media Encryption, select Show Advanced Settings and then scroll down to EMS Device Allowlist. Place the PNPID or up to the point that you want in the EMS Device Allowlist field.

EMS Device Allowlist
Figure 5: (English Only) EMS Device Allowlist

In the Remote Management Console (RMC), go to Populations > Enterprise > Removable Media Encryption. Under Windows Media Encryption, select Show Advanced Settings and then scroll down to EMS Device Whitelist. Place the PNPID or up to the point that you want in the EMS Device Whitelist field.

EMS Device Whitelist
Figure 6: (English Only) EMS Device Whitelist

You can add the PNPDeviceID information to the EMS whitelist group inside the Removable storage policies on your Dell Security Management Server (formerly Dell Data Protection | Enterprise Edition Server).

In the console, go to Enterprise -> Security Policies -> Override (in the upper right for Dell Security Management Server, this is not present in Dell Security Management Server Virtual (formerly Dell Data Protection | Virtual Edition) -> change the Policy Category drop-down to Windows encryption -> Expand Removable Storage -> place the PNPID or up to the point you want in the EMS Device Whitelist field.

EMS Device Whitelist
Figure 7: (English Only) EMS Device Whitelist

The Volume UUID is how we allowlist removable devices in the Mac Environment. The steps below shows you how to find the Volume UUID:

  1. Connect the removable device to the computer.
  2. Click the Apple Icon in the top-left corner.
  3. Select About This Mac.

Select About This Mac
Figure 8: (English Only) Select About This Mac

  1. Under the Overview tab, select System Report.

Select System Report
Figure 9: (English Only) Select System Report

  1. Under the System Report
    1. Expand Hardware.
    2. Select either USB or Thunderbolt.
    3. Volume UUID is listed under Volumes.

Volume UUID
Figure 10: (English Only) Volume UUID


To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

 

Article Properties


Affected Product

Dell Encryption

Last Published Date

03 Oct 2023

Version

10

Article Type

Solution