cancel
Showing results for 
Search instead for 
Did you mean: 

Question on DLP using ePO 4.0

Hi,

I'm very new to McAfee products in general and especially in ePO/DLP. I installed a test environment for the evaluation of the McAfee DLP solution, and - of course wink - ran into some problems.

I installed ePO v4.0 in combination with DLP agent 2.2 on W2k3 Server and SQL Server 2005 (latest updates in every case).

From my actual understanding, I have to install a dlp agent on every system that should be monitored. Additionally, I have to define a dlp policy for the system. I wanted to do this via the ePO interface, but I could only install the "ePO Agent"

, even if the DLP package is listed in "software":

It is also not possible, to define a DLP policy:



Can someone give me a hint, if I did/understand something basically wrong?

Thanks & Regards,
uchimata
9 Replies
ulyses31
Level 16
Report Inappropriate Content
Message 2 of 10

RE: Question on DLP using ePO 4.0

You first have to check-in de DLP client package under in your ePO repository (after having installed an ePO agent) and it will let you ONLY deploy the DLP agents.

For managing DLP policies you will have to use te DLP console (not supported by ePO console)

RE: Question on DLP using ePO 4.0

Hi,

thx for your in-time reply.



Ok, I installed the "DLP management tools" which contains the DLP managenent console - which - according to the help files - can be started via "ePO 4.0" => "systems" => "DLP policies"

I get the feeling that my install is missing any files, packages, etc?

Do you need any further information?

RE: Question on DLP using ePO 4.0

Is it possible install DLP 2.2 on the same server of ePO 4.0?
My ePO 4.0 doesn't have local DB but has an instance on a external SQL Server.
If I install DLP with SQL_EXPR_ADV locally on ePO 4.0 server, this could be a problem?

Thanks a lot

RE: Question on DLP using ePO 4.0



Hi,

just to clear my problem: What do you mean by DLP 2.2? The DLP-Client?
And SQL_EXPR_ADV?

As i remember, the DLP-Client does not run on W2k3 Server, which is needed by ePO?

Thx & Regards,
uchi_mata

RE: Question on DLP using ePO 4.0

Hi,

I kept working on my issue, and saw, that in the log of the "McAfee Agent" on the client system shows up a message: "policy for DATALOSS2000 enforced".

So the only thing i miss: How can I edit the DLP policies? I read on an DLP-Snapin for ePO 4.0 and the ManagementConsole, I didn't found anything on them.

Any further help would be great....

Thanks! & Regards,
uchi_mata

RE: Question on DLP using ePO 4.0

... also a simple rtfm, including specifying the manual, would help me....
Highlighted

RE: Question on DLP using ePO 4.0



You must install DLP extension (when you download DLP packet, you´ve got help_for_epo.zip). This DLP extension for EPO, gives you the functionality to create and manage dlp policies, and publish this policies in EPO to assign to machine/user.
You needs install:
- DLP TOOLS
- Eventparser service
- ReportManager (needs Sql server
- Management console (windows tool)
- Dataloss.zip (Extension for epo4 that need IIS Web Server, .net framework...). If the extension is installed correctly, a new tab appears in Systems(EPO4) name DLP Policy.

Sorry for my bad english

Good luck
abakali
Level 9
Report Inappropriate Content
Message 9 of 10

DLP senario

recently i have tested DLP in various enviroment on VM and DLP in cluster mode

RE: DLP senario

the solution of 8# is The Best Practices!
good luck!
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator