Community Help Hub

ron.sokol · ‎03-26-2015

We need to be able to validate the application of a host DLP policy without using the console for the remote client. Is there any way to do this? It appears that the policy files are encrypted on the node. We only have file share and command line access to certain nodes. Thank you!

jhall2 · ‎03-26-2015

You can utilize the DLP DiagTool on the client machine which can be download from the McAfee download site. However, you will need to generate a DLP release code using ePO console but this does not need to be done from the client machine itself.

palex · ‎03-26-2015

Hi, ron.sokol!

For me, the easiest way is:

1. Go to System Tree - System (tab) - check systems (what you whant to check) and click "Wake Up Agents" button. Do not forgen check "Force policy update".

2. See Menu - Automation - Server Task Log make sure that the Status of you task is Completed.

The first two points are needed to update the information in epo.

3. On System Tree click on you system (what you whant to check), go to Products tab, check Data Loss Prevention, see section DLP Policy-Policy Revision.

Regards.

ahamm · ‎03-27-2015

I did it using a Query in EPO:

1. Go to Queries & Reports -> New

2. Check for resulting Type and choose Others, there you select DLP Computer Properties -> next

3. Sort by Computer Name -> Next again

4. Here you select the columns, the default give you all so you need to filter the ones you need. The ones below are what I did choose.

Computer Name

Computer Deployment Group Name

DLP Endpoint Status

DLP Plug-in Version

Policy Receive Time

Last ePO Communication

DLP Operation Mode

5. Set filters to the policy's you need to check. In my case it was Computer Deployment Group Name and the selection menu gave me the ones I needed.

this was telling me if the policy was applied and also if there is a pending reboot.

Regards

odedb · ‎03-30-2015

On the managed endpoint (client for that matter), click on the McAfee icon in the system tray, select "Manage Features" then "DLP Endpoint Console".

Depends on your DLPe version, but in 9.3 Patch 3 a popup window will appear, select "About".

This will show the version of the DLPe running as well as the revisions ID for the Policy and Endpoint Configuration applied to the client (example below)

These should match the revisions ID on the DLPe console on ePO or else your system's configuration is out of date.

ron.sokol · ‎05-28-2015

Thanks, you all, great info! -R

Is there a way to validate the DLP policy applied on the host without console access?

Re: Is there a way to validate the DLP policy applied on the host without console access?

Re: Is there a way to validate the DLP policy applied on the host without console access?

Re: Is there a way to validate the DLP policy applied on the host without console access?

Re: Is there a way to validate the DLP policy applied on the host without console access?

Re: Is there a way to validate the DLP policy applied on the host without console access?

Community Help Hub

Join the Community