cancel
Showing results for 
Search instead for 
Did you mean: 
d.naraine
Level 7

List of issues - any help would be appreciated

We are currently deploying 9.2 patch 2 in our environment and we are seeing lots of issues. Below is a list of them:

IssueDescription
Hardware  basedMachine  was too slow to run DLPE and if it ran DLPE, CPU would spike to above 50% and  stay there for 10 minutes or longer; the machines did meet minimum system  requirements. The  machines that were production units need to be quick and cannot handle a 50% spike  from another process because these stands may be used to take measurements  for a part and the machine being off by seconds may result in a failed test.  If the part fails the test, then we cannot ship the product.
High CPU  UsageSome  machines experience high CPU usage where the CPU utilization will be at or  above 25%. (This may occur in Bypass mode.) Scanning of applications helps  these machines for a little while, but the problem will come back later in  the day; could be after 4 hours of work or later in the day. Visual Studio  and concurrent new software installs may create this issue. Visual Studio  issue occurred a month after the initial DLPE deployment.
Latency on  file OpenOpening  a ".pl" file locally and over a network share takes a long time.  Put machine in bypass mode, but didn’t help. Reduced rules to USB only and  machine got better. PL files have been added to tagging rules as an  exclusion, but this didn’t help. I also disabled tagging rules altogether and  this still didn’t help the machine. I tried disabling Printer and Application  Add-ins and when I did this the first open of the ".pl" file  was slow, but subsequent opens were fast. When the member killed explorer.exe  and redid everything it was slow on the first open and fast on the next few.  Disabling network drivers in the modules menu under agent configuration  produced the same results. The machine also operates fine under "Device  control and content aware removable storage protection (Without tag  support)".
IE crashingInternet  Explorer keeps crashing, the machine freezes. DLPE was removed from the  system and the machine's IE did not crash anymore. DLPE debug logging was  turned off to make the machine not dump any data when IE crashed as it was  believed that IE would crash due to DLPE dumping a log in the background for  various OTHER crashes; this did not help the system. (fcag.exe would never  spike) Other applications would work fine. This would happen later in the day  and next day in the morning; this issue occurs on systems that have IE 8  installed. Uninstalling and reinstall solved this issue, but other machines still see it.
0 Kudos
8 Replies
vimalnavis
Level 13

Re: List of issues - any help would be appreciated

Hardware based:

Ensure that your hardware meets minimum requirements as defined in the Install Guide. From my experience I can say that machines used by developers / programmers need to be significantly better than what the rest of the population uses.

High CPU Usage:

Same comments as above. Also ensure that all development activity is done using Desktops. Laptops never make for good development scale machines.

Ensure that the you have reviewed and understand how Application Definitions work and are using Trusted strategy correctly and effectively.

Latency on file open:

There were some known issue with network latency. Work with support and confirm whether 9.3 resolves the issue. If it does, deploy 9.3 instead.

IE crashing:

Disable the HTTP handler if you are not using Web Post Protection rules. If you are using that rule, work with support for a fix.

0 Kudos
d.naraine
Level 7

Re: List of issues - any help would be appreciated

According to the guide:

     Managed workstations:

     • CPU:

          • Pentium III 1 GHz or higher

     • RAM:

          • 256 MB minimum for McAfee Device Control software (1 GB recommended)

           • 512MB minimum for full McAfee DLP Endpoint software (1 GB recommended)

     • Hard Disk:

          • 200 MB minimum free disk space

All of our systems meet these requirements.

Latency on file open:

We have had the user pull the file to their local machine, but this doesnt help them with latency issues.

0 Kudos
vimalnavis
Level 13

Re: List of issues - any help would be appreciated

How many content bases rules are in effect? Are you running discovery scans as well?

Fine tuning the RegExes (if they are being used) and the rules should help. Discovery scans will result in performance impact (depending on a lot of factors) just like anti-malware scans.

0 Kudos
d.naraine
Level 7

Re: List of issues - any help would be appreciated

We have 18 protection rules and 8 content class rules. We do not have ANY discovery rules. Discovery scans should not be running.

Fine tuning RegExes?

0 Kudos
vimalnavis
Level 13

Re: List of issues - any help would be appreciated

I am guessing you are using Text Patterns for your protection / content classification rules. The Text Patterns use Regular Expressions (RegExes)

Or are you using Tagging rules? Tagging rules esp. Application Based Tagging rules configured incorrectly can significantly affect system performance..

0 Kudos
d.naraine
Level 7

Re: List of issues - any help would be appreciated

No tagging rules are enabled. We only use content clsasificatication rules.

0 Kudos
rtrezza
Level 7

Re: List of issues - any help would be appreciated

Do the systems run Mcafee Virus scan or another AV product? Have you added exclusions to the fcag processes so that a malware scanners don't interfere?

0 Kudos
d.naraine
Level 7

Re: List of issues - any help would be appreciated

fcag processes have been added to the exclusion lists, yes.

0 Kudos