cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Re: McAfee DLP: Agent up - no policy

UPDATE: I did a manual install of the DLP agent and the policy was applied. A workaround, but not a fix. It's not reasonable to deploy all of these manually.

Tags (1)

Re: McAfee DLP: Agent up - no policy

Mike_D,

Sorry for the delayed response as I am just now seeing this. 

So we were finally able to get successful deployments but we now have 8 machines that still have this issue. All the others have successfully worked for a few months with the exact same configuration. 


We did notice that the machines that are not working c:\programdata\mcafee\dlp folder there is just a Configuration.ogp and NOT the Global Policy.ogp that our working machines have. Also some of the logs have errors saying they could not find the .ogp. I tried to manually copy this over but that did not seem to change anything. 

 

I have also uninstalled DLP and manually installed it from the client since others said this helped in their situation but did not appear to work for me. Any other ideas would be greatly appreciated. 

Re: McAfee DLP: Agent up - no policy

Have you tried the new 11.1 version that was recently released?

Re: McAfee DLP: Agent up - no policy

Unfortuantely this is not an option for me yet as I have to get everything from a higher up group in the organization. Once it is an option it will defintely be the next thing I test.

kblowe
Level 8
Report Inappropriate Content
Message 15 of 20

Re: McAfee DLP: Agent up - no policy

I experienced a similar issue has well. Trying to upgrade DLP 10 to DLP 11.0.600 with Agent 551.388 installed on WIN10 1703's. The DLP deployment/upgrade via ePO bascially froze the computers. I had to manually shut them down because the sytesm was hosed, once up it shows DLP in the McTray, Agent wakeup and DLP is rollbacked.. Which it doesn't actually rollback, because DLP10 was removed during the install.

To make the long story short, installing the DLP Agent locally without ePO actually works to a certian extent. The systems still hose up but if you wait 15mins after it installs and reboot the computer, DLP 11 installs and you can open the DLP console and under installed programs & features DLP shows installed. I tried this with 11.0.600 and the latest 11.1 and it worked. Also DLP installs locally with 551.388 or 506.220. I'm going to monitor the 3 systems I have and see if DLP disappears/rollbacks from the machines before I continue to upgrade 5 more WIN10 1703's and 50 servers. The problem is this may only work locally. Meaning I will have to use a 3rd party tool to install DLP. For background HIPS & VSE 8.0.0 P11, Solidcore 8.0.0.855 are also installed, but in disabled or observe mode during the DLP install deployment via ePO or DLP local installation.

I hope this doesn't happen on Windows server 2008R2 or 2012's with Agent 5.0.6.220. Unacceptable for a product to cause unnecessary troubleshooting to the point of you need to uninstall all McAfee products. or go through installing it locally via 3rd party.

If you ahve any insight or expeirenced this probleme please respond.

McAfee Employee DLP_RS
McAfee Employee
Report Inappropriate Content
Message 16 of 20

Re: McAfee DLP: Agent up - no policy

I would recommend logging a SR# with both McAfee Agent and Host DLP Team along with complete WebMER details for further investigation. The issue may not be related to local installation Or installation using ePO. Thanks.

kblowe
Level 8
Report Inappropriate Content
Message 17 of 20

Re: McAfee DLP: Agent up - no policy

The logs will be coming from a sensitive environment where I'm unable to gather logs and send over to Tech Support. Are there any steps are in place for an environment of this status?

McAfee Employee DLP_RS
McAfee Employee
Report Inappropriate Content
Message 18 of 20

Re: McAfee DLP: Agent up - no policy

I would like to share some suggestions.

1. Recommended configuration of MA is MA 5.6 latest HF and DLP v.11.2 

2. Very rare chances that VSE Or any other point product is the cause. However ensure that you have exceptions inplace for DLP processes under VSE\ENS.

Endpoint Security and VirusScan Enterprise exclusions for Data Loss Prevention Endpoint to improve performance
Technical Articles ID:   KB68520
 
3.If the issue is still there, you can execute DLP Diagnostic Tool to check for more details. 
4. As the environment is restricted, then please run MER with Sanitize option and engage your McAfee Account Manager to liason with Support teams. Make sure logs are collected after enabling MA debugging and DLP Debugging.
 
How to enable debug logging for McAfee Agent to troubleshoot Windows
Technical Articles ID:   KB82170
 
How to enable Debug logging for Data Loss Prevention Endpoint
Technical Articles ID:   KB77803
 

 

kblowe
Level 8
Report Inappropriate Content
Message 19 of 20

Re: McAfee DLP: Agent up - no policy

Is there an update to this issue? I have seen this occur if you Upgrade your Agent from 506.220 to 55.447 or 55.1.388 before you upgrade DLP 10 to DLP 11.1.0232. If you upgrade DLP first & reboot, then upgrade the Agent this issue with DLP reporting Agent up - no policy did not occur for me on Server 2008R2 & 2012R2. Or if you hav a new system & you install 5.5.1.388 on it and try to install DLP this occurs. What is McAfee doing to address this issue? I have not seen one mention of it under known DLP known issues.

I have two servers with this issue because I did not upgrade DLP 1st before upgrading my Agent to 551.338. Now I have to uninstall AGENT and/or DLP to try to get the DLP console to show up under Manage Features.

So far I was able to go to Agent 55.0.447 and the DLP console is displaying. Since this Agent version meets our requirements, I'm going to leave the Agent at that version due to the fact upgrading to 551.288 may put me back where I started. Spending a great amount of time on this & McAfee should provide KB article or at least aknowledge this is an issue.

hater
Level 7
Report Inappropriate Content
Message 20 of 20

Re: McAfee DLP: Agent up - no policy

I have installed last agent version with last DLP policy version in ePo 5.10 and everything seems to be working fine.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator