cancel
Showing results for 
Search instead for 
Did you mean: 
slsmith
Level 7
Report Inappropriate Content
Message 1 of 20

McAfee DLP: Agent up - no policy

After going through numerous questions and KB articles I am still having an issue with DLP Endpoint console not showing on the client.

Recently completed a DLP course and configured the policies I need based off of the way the course showed me how to but we cannot get the policy to enforce. Also does not appear in Managed Features on the client even though the box is checked in ePO to show the console.

Versions:

DLPe: 10.0.350

MA: 5.0.5

ePO: 5.3.2

Any recommendations is greatly appreciated.

19 Replies

Re: McAfee DLP: Agent up - no policy

We have the same issue with the newer DLP 11 patch 3 and McAfee Agent 5.5

Support has been unable to assist with their only suggestion being reinstall everything.

I reinstalled just the Agent and that appears to fix it until the device reboots then the Agent up - no policy comes back

Have you had any luck. Did you try updating to a newer DLP version?

slsmith
Level 7
Report Inappropriate Content
Message 3 of 20

Re: McAfee DLP: Agent up - no policy

Unfortunately we are using the only version that a higher up organization of ours has provided to us at this time. We did get it somewhat fixed when we realized that it is a certain model (has a different image that our sys admins tweaked) vs another model that it is working on. We are just putting it on hold since all of our computers need to be replaced anyways. We are just leaving it on the working machines until the other non working machines are replaced.

McAfee Employee dlp-roger
McAfee Employee
Report Inappropriate Content
Message 4 of 20

Re: McAfee DLP: Agent up - no policy

https://kc.mcafee.com/corporate/index?page=content&id=KB68147 Supported platforms, environments, and operating systems for Data Loss Prevention Endpoint

Does your ePO server have hotfix 1144868?

Is McAfee agent running as "system" or a service account?

 

slsmith
Level 7
Report Inappropriate Content
Message 5 of 20

Re: McAfee DLP: Agent up - no policy

Yes I have installed that hotfix after I found the compatibility chart and I just verified that McAfee Agent is running as System.

Highlighted
hater
Level 7
Report Inappropriate Content
Message 6 of 20

Re: McAfee DLP: Agent up - no policy

The 5.5.1 is not quite compatible with 11.0.400 dlpe version

So I installed 5.0.6 over 5.5.1 and everything is ok. Policy received and all good.

McAfee Employee Mike_D
McAfee Employee
Report Inappropriate Content
Message 7 of 20

Re: McAfee DLP: Agent up - no policy

While I will agree with the 11.0.400 and McAfee Agent 5.5.1 policy issue ( work around in downgrading to 5.0.6 and resolved in recent release of 551) - also no telling if its McAfee Agent or DLP - McAfee Agent Development is kicking out the fix though. - **NOTE** That would not apply to this ^ config.
Agent 5.0.5 and 10.0.350 should have no issues with Policy application.
I would encourage you to jump to 11. There are several tools included in 11 that would help with this.

For now, (I am assuming you have this issue with EVERY SINGLE test machine)
1. check the system tree in EPO - make sure "McAfee Default" is not the assigned policy. The way to check is - Action > Directory Management > View Assigned Policies. This will tell you what EXACTLY is assigned the machines.
2. In the windows client configuration, make sure the User Interface Components have all the ticks enabled.
Client User Interface
Show DLP Console

Show 'Request DLP bypass' task in DLP Endpoint console

Show 'Request DLP bypass' button in end-user notification popup

Show discovery tab

Show request justification dialog

Enable end-user notification popup

Show end-user notification when multiple events are available in the DLP console.

3. if all is well here - check the c:\programdata\mcafee\dlp folder on the endpoint machine. Under agent - there will be opg files. These are your policy sets.


That should be a good enough start... let me know
-Mike

hater
Level 7
Report Inappropriate Content
Message 8 of 20

Re: McAfee DLP: Agent up - no policy

Thank you for you're quick reply. Will wait fot the further fix.

Re: McAfee DLP: Agent up - no policy

Is there any update to this issue? I'm working through the problem right now. I followed the steps Mike_D provdided an didn't find any .opg files in c:\programdata\mcafee\dlp\agent.

Re: McAfee DLP: Agent up - no policy

I do have an .opg file on the ePO server. The policy is only being pushed to that VM. I tried to copy that file onto an endpoint but for obvious security reasons, it didn't let me.
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator