cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
bph
Level 7
Report Inappropriate Content
Message 1 of 11
‎04-17-2015 03:29 AM

DLP Policies not applying to agents

Jump to solution

We are currently trying to implement some DLP policies but having issues getting them to be picked up by the DLP agent. 

I have DLP for Endpoint 9.3.200.23 installed on my local PC; under the DLP Endpoint Console Policy and Endpoint Configuration are both showing as last modification as July 1st 2014 (I believe this was when it was initially setup).  The Computer Assignment Group is blank.  Under Discovery, both Email Storage and Local File System are showing as not configured.

My local agent can communicate ok with the ePO server and under DLP User sessions, the server is acknowledging that Policy is currently enforced and the Agent is running.

I have setup and applied the DLP Policy (blocking IM Applications) - this is confirmed under DLP Operational Events.

The Policy Catalog for DLP is set to Default Agent Config and Default Computers Assignment (both covering the Global Root - we are only a small company so this isn't a huge amount)

I have restarted my PC/reinstalled the client and manually Checked for New Policies in the Agent Monitor (states "No package received from ePO server").  The policy still does not seem to update on my local DLP agent.

Am I missing something basic?  I downloaded the User Guide for DLP and have followed the steps as far as I can tell.  I've checked on other PCs and have the same issue.

Happy to provide any further information.

ePO Build: ePolicy Orchestrator 5.0.0 (Build: 1160)

Reply
1 Solution

Accepted Solutions
jhall2
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 11
‎04-17-2015 01:50 PM

Re: DLP Policies not applying to agents

Jump to solution

The best way to troubleshoot policy enforcement issues is with the DLP Diag Tool. This will show you what modules are enabled and what policies are being applied.

Note: ePO 5.0.0 has gone End of Life. I highly recommend upgrading ePO to a supported version.

McAfee Product and Technology Support Lifecycle - Software & Utilities | McAfee Support

View solution in original post

Reply
10 Replies
palex
Level 11
Report Inappropriate Content
Message 2 of 11
‎04-17-2015 03:48 AM

Re: DLP Policies not applying to agents

Jump to solution

Hi, bph!

1. Make DLP Policy (into epo go to Menu-Data Protection-DLP Policy).

2. You can do User Groups into DLP Policy and choose this groups into Protection Rule in the last step everybody rule

3. or you can make you Computers Assignment Group into Menu-Policy-Policy Catalog:

Chooce Product : Data Loss Prevention... and Duplicate "McAfee Default Computers Assignment Group".

Go to System Tree Assigned Policies Tab product Data Loss Prevention - Computers Assignment Group end in Actions click Edit Assignment.

Chose You Computers Assignment Group - in the Assigned Policies Tab in Policy Computers Assignment Group will be changed.

Click to the name of you Computers Assignment Group and check Logged in User or/and Local User. Save.

4. And update you policy.

Regards.

0 Kudos
Reply
bph
Level 7
Report Inappropriate Content
Message 3 of 11
‎04-17-2015 08:14 AM

Re: DLP Policies not applying to agents

Jump to solution

Thanks for the quick response!  Unfortunately I still cannot get it to work.

I have created a brand new policy and have applied it to everybody (I have also tried applying it just to myself) - still this is not being picked up.

I then duplicated the Default Computer Assignment Group, edited the Assignment and selected both Logged In and Local Users.  This has been saved and policies have been reapplied - still not passing on.

To update the policy on my local machine, I'm just going to the Agent Monitor and selecting "Check New Policies".  I've also reinstalled the DLP agent  and updated the Management Tools in ePO.

It's likely something very simple I'm missing but I cannot see what I'm doing wrong. 

0 Kudos
Reply
dumitru-alexeev
Level 7
Report Inappropriate Content
Message 4 of 11
‎04-17-2015 08:26 AM

Re: DLP Policies not applying to agents

Jump to solution

Hi,

You assigned the policy to some user (local user or from Active Directory)  ?

0 Kudos
Reply
bph
Level 7
Report Inappropriate Content
Message 5 of 11
‎04-17-2015 08:32 AM

Re: DLP Policies not applying to agents

Jump to solution

I have assigned it to myself and then in another test, to our all user group - both through Active Directory.

0 Kudos
Reply
dumitru-alexeev
Level 7
Report Inappropriate Content
Message 6 of 11
‎04-17-2015 08:40 AM

Re: DLP Policies not applying to agents

Jump to solution

See in DLP Policy | Agent Configuration | Miscellaneus, if all modules is Enable.

0 Kudos
Reply
bph
Level 7
Report Inappropriate Content
Message 7 of 11
‎04-17-2015 08:44 AM

Re: DLP Policies not applying to agents

Jump to solution

All modules are ticked and enabled in the Agent Configuration.

0 Kudos
Reply
dumitru-alexeev
Level 7
Report Inappropriate Content
Message 8 of 11
‎04-17-2015 08:58 AM

Re: DLP Policies not applying to agents

Jump to solution

You have to download McAfee Agent DLPe DiagTool, and take a snapshot.

0 Kudos
Reply
sathish.l
Level 11
Report Inappropriate Content
Message 9 of 11
‎04-17-2015 10:30 AM

Re: DLP Policies not applying to agents

Jump to solution

Do you have any other point product installed on the client ?

Is it happening only for DLP ?

Can you check with below KB ?

McAfee KnowledgeBase - ePO 5.0 servers installed with valid license key stop sending policies and ta...

0 Kudos
Reply
jhall2
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 11
‎04-17-2015 01:50 PM

Re: DLP Policies not applying to agents

Jump to solution

The best way to troubleshoot policy enforcement issues is with the DLP Diag Tool. This will show you what modules are enabled and what policies are being applied.

Note: ePO 5.0.0 has gone End of Life. I highly recommend upgrading ePO to a supported version.

McAfee Product and Technology Support Lifecycle - Software & Utilities | McAfee Support

View solution in original post

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC