EEFF v4.2 FAQs : UI changes for Removable Media and CD/DVD policy categories

Version 4

    NOTE : EEFF will henceforth be referred to as "File & Removable Media Protection".

    The necessary changes for the new product name will be incorporated in the next release v4.3.


     

    For which policy categories have the changes to the UI been implemented?

    CD/DVD and Removable Media Policy categories

     

     

    What is the rationale behind the UI policy changes in v4.2?

    The changes were made in order to deliver the following benefits:

    • Provide more commonality between the CD/DVD and Removable USB Media Protection policy categories
    • Simplify the Admin experience in evaluation/selection of policies
    • Focus on behaviour rather than underlying technicality
    • Improve the configuration workflow

     

     

    What is the basis on which the new policy pages for CD/DVD and Removable Media categories have been organized?

    The original policy pages for both CD/DVD and Removable Media referred to the “encryption options” and “encryption method” respectively, they now both focus on the “Protection Level”.

    On selecting the“Protection Level”, the associated “Protection Options” are available to be configured

     

    Specifically, the principal difference in behavior between the file based encryption technology and the container based encryption technology (formerly EERM) is that the former constrains the device usage to systems with EEFF installed (onsite access only) while the latter allows for access on systems without McAfee Encryption software installed via the offsite browser (with offsite access).

    This behavioural change is the main theme of the new UI for both policy categories


     

    Have there been any changes in the functionality offered for CD/DVD and Removable Media in terms of protection options?

    No, the changes are limited to the UI used to configure the above policies

     

     

    What are the“Protection Level” options available for CD/DVDs?

    • Allow Unprotected Access
    • Allow Encryption (with offsite access)
    • Enforce Encryption (with offsite access)
    • Enforce Encryption (onsite access only)
    • Block Write Operations

     

     

     

    How do the new “Protection Level” options in the new UI map to the old policy options for CD/DVDs?

     

    New “CD/DVD” policy referencing the “Protection Levels”

    1.jpg

     

    Existing (Pre 4.2) “CD/DVD” policy referencing the “Encryption Options”

    2.jpg

     

    Note: Option (c) which provides the ability to read encrypted CD/DVD/ISOs on systems without having to install any McAfee Encryption technology software is available starting EEFF v4.1 Patch 1. This option has a sub-option to disable writing of media (d) if option (c) is NOT used

     

    Mapping from Legacy (existing) to New UI

     

    • Protection level 1 maps to Encryption option a – Selecting “No Encryption” corresponds to “Unprotected Access”
    • Protection level 2 maps to Encryption option c without option d – “Using McAfee Encryption for CD/DVD/ISO” corresponds to “Allow Encryption (with offsite access)”
    • Protection level 3 maps to Encryption option c with option d – “Using McAfee Encryption for CD/DVD/ISO” corresponds to “Enforce Encryption (with offsite access)”
    • Protection level 4 maps to Encryption option b –“Enforce file encryption” corresponds to “Enforce Encryption (onsite access only)
    • Protection level 5 maps to Encryption option e – “Disable write operations” corresponds to “Block write operations”

     

     

     

    What are the “Protection Level” options available for Removable Media?

    Removable Media Policy has been organized into two tabs:

    • USB Media
    • Floppy Disk Media

     

    Options available for USB Media:

    • Allow Unprotected Access
    • Allow Encryption (with offsite access)
    • Enforce Encryption (with offsite access)
    • Enforce Encryption (onsite access only)

     

    Options available for Floppy Disk Media:

    • Allow Unprotected Access
    • Block Write Operations

     

     

     

     

     

     

    How do the new “Protection Level” options in the new UI map to the old policy options for Removable Media?


     

    New “Removable Media” policy for USB Media referencing the “Protection Levels”

    3.jpg

     

    Existing (Pre 4.2) “Removable Media” policy referencing the “Encryption Options”

    4.jpg

     

    Mapping from Legacy (existing) to New UI

     

    • Protection level 1 maps to Encryption option a – Selecting “No Encryption” corresponds to “Unprotected Access”
    • Protection level 2 maps to Encryption option c without option d – “Using McAfee EndpointEncryption for Removable Media (EERM)” corresponds to “Allow Encryption (with offsite access)”
    • Protection level 3 maps to Encryption option c with option d “Using McAfee Endpoint Encryption for Removable Media (EERM)” corresponds to “Enforce Encryption (with offsite access)”
    • Protection level 4 maps to Encryption option b –“Use Regular Encryption” corresponds to “Enforce Encryption (onsite access only)

     

     

     

    What is the default “Protection Level” option for CD/DVD, Removable USB Media and Floppy Disk Media?

    CD/DVD – “Allow Unprotected Access”

    Removable USB Media – “Enforce Encryption (with offsite access)”

    Floppy Disk Media – “Block Write Operations”