cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
BionicSecurityE
Level 7
Report Inappropriate Content
Message 1 of 5
‎06-10-2010 01:11 PM

EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

I'm trying to make Encrypt on Demand work, which is technically an HDLP function, but I'm posting in EEM because it appears I'm missing the EEM encryption key...

Here's a quote from DLP v9 Product Guide for EPO 4.5 (the red text is the key)

Encrypt on demand

File system protection, removable storage protection, and discovery rules have an option to

encrypt on demand. This means that in addition to the usual actions of Block, Monitor, and so

forth, the option Encrypt is present on the rule wizard actions page. To use this option, McAfee

Endpoint Encryption must also be installed, and you must define an encryption key in McAfee

Host Data Loss Prevention with a name that matches a defined key in McAfee Endpoint

Encryption. If these conditions are not met, the action defaults to Block.

So, how do I determine where this encryption key is for EEM? I'm using EEPC 6.0.1, and there does not appear to be any facility to export or reveal an encryption key name to specify in the HDLP encryption RM and Encryption section.

I did open up an MMC, load up two Certificates Addons (one for computer acct and one for WCF Service Account). I then searched for any cert with keyword McAfee in it, and I found these three keys.

mycerts.gif

Are any of these the keys generated by EEM at the time of installation?

0 Kudos
Reply
4 Replies
BionicSecurityE
Level 7
Report Inappropriate Content
Message 2 of 5
‎06-11-2010 05:24 AM

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

Self-Update - I found this thread and it's confirming my concern... EEPC does not support Encrypt on Demand for HDLP.

http://community.mcafee.com/message/108403#108403

If I'm interpreting this thread correctly, then I won't get encrypt on demand unless I do one of two things...

Downgrade EEPC v6 to EEM for PC v5.2.4 with EEFF v3.2.5

OR

I wait for the EEFF v4 (which incorporates EPO support) to be released, so I can keep all the management interfaces inside of EPO.

I guess it's time to talk to the rep.

0 Kudos
Reply
SafeBoot
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 5
‎06-11-2010 06:52 AM

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

you can run EEPC6 with EEFF 3.x at the same time - you don't have to link the two together (though it saves on a logon if you do so).

0 Kudos
Reply
BionicSecurityE
Level 7
Report Inappropriate Content
Message 4 of 5
‎06-11-2010 07:03 AM

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

I wondered about this, but I read in the EEFF quick start guide (pages 5-6) that the EEM is a requirement.

Sequence of Events
The installation and setup of Endpoint Encryption is order-dependent and must be
done in the following sequence:
1. Install the Endpoint Encryption Manager.
2. Create the Object Database.
3. Create the Endpoint Encryption Communication Server application.
4. Add users to the system.
Introduction
6 |
5. Create encryption keys.
6. Assign users and security administrators to encryption keys.
7. Create encryption policies.
8. Assign policies to users.
9. Create a Endpoint Encryption for Files and Folders installation set.
10. Install Endpoint Encryption for Files and Folders on a client machine.
11. Further Activities – Encrypting Folders and File Types.
12. Removing Endpoint Encryption for Files and Folders and Endpoint Encryption
Manager.

So, how can I install EEFF v3.2.5 without the EEM 5.2.4 (or at least have it to where I'm using EEPC v6.0.1 in EPO 4.5 P2 and EEFF)? I'm assuming a hybrid configuration would require EEM to only manage EEFF and EPO to manage EEPC... thus causing the dual logins, is this correct?

Message was edited by: BionicSecurityEngineer on 6/11/10 9:05:01 AM CDT
0 Kudos
Reply
SafeBoot
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 5
‎06-11-2010 07:05 AM

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

yes - you can use EEM to manage EEFF, EEPC, or both. You don't need EEPC5 to use EEFF3.

You'll end up with EPO for EEPC6 and HDLP, and EEM for EEFF3 though.

Wow! Lots of acronyms!

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC