cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ron.sokol
Level 10
Report Inappropriate Content
Message 1 of 6
‎03-26-2015 02:20 PM

Is there a way to validate the DLP policy applied on the host without console access?

We need to be able to validate the application of a host DLP policy without using the console for the remote client.  Is there any way to do this?  It appears that the policy files are encrypted on the node.  We only have file share and command line access to certain nodes.  Thank you!

Reply
5 Replies
jhall2
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 6
‎03-26-2015 02:48 PM

Re: Is there a way to validate the DLP policy applied on the host without console access?

You can utilize the DLP DiagTool on the client machine which can be download from the McAfee download site. However, you will need to generate a DLP release code using ePO console but this does not need to be done from the client machine itself.

0 Kudos
Reply
palex
Level 11
Report Inappropriate Content
Message 3 of 6
‎03-26-2015 10:19 PM

Re: Is there a way to validate the DLP policy applied on the host without console access?

Hi, ron.sokol!

For me, the easiest way is:

1. Go to System Tree - System (tab) - check systems (what you whant to check) and click "Wake Up Agents" button. Do not forgen check "Force policy update".

2. See Menu - Automation - Server Task Log  make sure that the Status of you task is Completed.

The first two points are needed to update the information in epo.

3. On System Tree click on you system (what you whant to check), go to Products tab, check Data Loss Prevention, see section DLP Policy-Policy Revision.


Regards.

0 Kudos
Reply
ahamm
Level 9
Report Inappropriate Content
Message 4 of 6
‎03-27-2015 03:04 AM

Re: Is there a way to validate the DLP policy applied on the host without console access?

I did it using a Query in EPO:

1. Go to Queries & Reports -> New

2. Check for resulting Type and choose Others, there you select DLP Computer Properties -> next

3. Sort by Computer Name -> Next again

4. Here you select the columns, the default give you all so you need to filter the ones you need. The ones below are what I did choose.

Computer Name

Computer Deployment Group Name

DLP Endpoint Status

DLP Plug-in Version

Policy Receive Time

Last ePO Communication

DLP Operation Mode

5. Set filters to the policy's you need to check. In my case it was Computer Deployment Group Name and the selection menu gave me the ones I needed.


this was telling me if the policy was applied and also if there is a pending reboot.


Regards

Reply
odedb
Level 9
Report Inappropriate Content
Message 5 of 6
‎03-30-2015 05:16 AM

Re: Is there a way to validate the DLP policy applied on the host without console access?

On the managed endpoint (client for that matter), click on the McAfee icon in the system tray, select "Manage Features" then "DLP Endpoint Console".

Depends on your DLPe version, but in 9.3 Patch 3 a popup window will appear, select "About".

This will show the version of the DLPe running as well as the revisions ID for the Policy and Endpoint Configuration applied to the client (example below)DLPe_About.PNG

These should match the revisions ID on the DLPe console on ePO or else your system's configuration is out of date.

0 Kudos
Reply
ron.sokol
Level 10
Report Inappropriate Content
Message 6 of 6
‎05-28-2015 03:16 PM

Re: Is there a way to validate the DLP policy applied on the host without console access?

Thanks, you all, great info! -R

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC