cancel
Showing results for 
Search instead for 
Did you mean: 

DLP Diagnostics

Hi everyone,

I'm trying to figure out why one of my test WinXP pc won't download or apply my DLP policies.

It installs the DLP agent but it doesn't actually block any USB flash drives

.

I have tested these policies on a different pair of machines both in WinXP and Win7 and they work.

I'm using DLP 9.3 and my diagnostic tool is of the same version.

in light of this issue i downloaded the DLP diagnostic tool.

When i run the tool on my test Pc i have to generate a validation code but this fails on my EPO server.

see screenshot.

DLP bypass client key.JPG

Do you guys have any suggestions on how i can check what policies are downloaded to my test pc or how i can fix the bypass client key validation code.

or how i can figure out why the policies have not downloaded to my test pc.

Thanks

Sohail

18 Replies

Re: DLP Diagnostics

Hi Sohailgustasab,

2 diferent things

For the error generating the key, normally the key is longer than that, can you please verify that the user key that ip pop up on the screen when running the diagnòstic tool is correct?

For the policy issue, have you restarted the Machine after HDP has been installed?

Best regards,

Jose Maria

Re: DLP Diagnostics

Hi again Jose,

I've restarted the PC many times since installing the DLP agent.

Here's the ID code from the diagnostic tool.

DLP bypass client key 01.JPG

Regards

Sohail

Re: DLP Diagnostics

Which McAfee Agent do you have in the Machine? What's happens if you modify a policy for VSE? Does the Machine get the change for VSE?

Best regards,

Jose Maria

Highlighted

Re: DLP Diagnostics

McAfee agent 4.8.0.887

DLP Endpoint 9.3.300.31

not tried modifying VSE

Re: DLP Diagnostics

It would be nice to test a change for a diferent product to make sure is only HDLP or something else...

Best regards,

Jose Maria

Re: DLP Diagnostics

Okay.

any suggestions on what to change.

If you don't then i will try to figure out a change and post back results.

Re: DLP Diagnostics


hi Jose,

i created a new access protection rule which blocks and reports if a file called sohail-test-file is created.

DLP bypass client key 02.JPG

I then did a check new policies and also a collect and send props from the PC.

it downloaded the policy and when i test it by creating the file with that name it blocked it.

If i change the filename to anything else it allowed me to create the file.

access protection log also states that file was blocked

11/12/2014 2:50:36 PM Blocked by Access Protection rule  UR4804W001\Administrator C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Administrator\Desktop\sohail-test-file User-defined Rules:New file being creates - Sohail Action blocked : Create

11/12/2014 3:05:26 PM Blocked by Access Protection rule  UR4804W001\Administrator C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Administrator\Desktop\sohail-test-file User-defined Rules:New file being creates - Sohail Action blocked : Create

so this proves that VSE policy changes are taking effect on my test PC.

Re: DLP Diagnostics

Jose,

i just noticed something which i'm wondering might be the issue.

if i go to th policy catalogue

and pick product : DLP  and category : computer assignment group........there are no rules assigned.

DLP bypass client key 03.JPG

If i click on assignments then it shows my test machine .

DLP bypass client key 04.JPG

So....how do i assign policies to it..

Re: DLP Diagnostics


I also noticed that policy inheritence was brocken so i've reset that

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community