cancel
Showing results for 
Search instead for 
Did you mean: 

EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

I'm trying to make Encrypt on Demand work, which is technically an HDLP function, but I'm posting in EEM because it appears I'm missing the EEM encryption key...

Here's a quote from DLP v9 Product Guide for EPO 4.5 (the red text is the key)

Encrypt on demand

File system protection, removable storage protection, and discovery rules have an option to

encrypt on demand. This means that in addition to the usual actions of Block, Monitor, and so

forth, the option Encrypt is present on the rule wizard actions page. To use this option, McAfee

Endpoint Encryption must also be installed, and you must define an encryption key in McAfee

Host Data Loss Prevention with a name that matches a defined key in McAfee Endpoint

Encryption. If these conditions are not met, the action defaults to Block.

So, how do I determine where this encryption key is for EEM? I'm using EEPC 6.0.1, and there does not appear to be any facility to export or reveal an encryption key name to specify in the HDLP encryption RM and Encryption section.

I did open up an MMC, load up two Certificates Addons (one for computer acct and one for WCF Service Account). I then searched for any cert with keyword McAfee in it, and I found these three keys.

mycerts.gif

Are any of these the keys generated by EEM at the time of installation?

4 Replies

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

Self-Update - I found this thread and it's confirming my concern... EEPC does not support Encrypt on Demand for HDLP.

http://community.mcafee.com/message/108403#108403

If I'm interpreting this thread correctly, then I won't get encrypt on demand unless I do one of two things...

Downgrade EEPC v6 to EEM for PC v5.2.4 with EEFF v3.2.5

OR

I wait for the EEFF v4 (which incorporates EPO support) to be released, so I can keep all the management interfaces inside of EPO.

I guess it's time to talk to the rep.

Reliable Contributor SafeBoot
Reliable Contributor
Report Inappropriate Content
Message 3 of 5

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

you can run EEPC6 with EEFF 3.x at the same time - you don't have to link the two together (though it saves on a logon if you do so).

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

I wondered about this, but I read in the EEFF quick start guide (pages 5-6) that the EEM is a requirement.

Sequence of Events
The installation and setup of Endpoint Encryption is order-dependent and must be
done in the following sequence:
1. Install the Endpoint Encryption Manager.
2. Create the Object Database.
3. Create the Endpoint Encryption Communication Server application.
4. Add users to the system.
Introduction
6 |
5. Create encryption keys.
6. Assign users and security administrators to encryption keys.
7. Create encryption policies.
8. Assign policies to users.
9. Create a Endpoint Encryption for Files and Folders installation set.
10. Install Endpoint Encryption for Files and Folders on a client machine.
11. Further Activities – Encrypting Folders and File Types.
12. Removing Endpoint Encryption for Files and Folders and Endpoint Encryption
Manager.

So, how can I install EEFF v3.2.5 without the EEM 5.2.4 (or at least have it to where I'm using EEPC v6.0.1 in EPO 4.5 P2 and EEFF)? I'm assuming a hybrid configuration would require EEM to only manage EEFF and EPO to manage EEPC... thus causing the dual logins, is this correct?

Message was edited by: BionicSecurityEngineer on 6/11/10 9:05:01 AM CDT
Reliable Contributor SafeBoot
Reliable Contributor
Report Inappropriate Content
Message 5 of 5

Re: EEPC & HDLP's encrypt on demand?? Where's the EEM cert?

yes - you can use EEM to manage EEFF, EEPC, or both. You don't need EEPC5 to use EEFF3.

You'll end up with EPO for EEPC6 and HDLP, and EEM for EEFF3 though.

Wow! Lots of acronyms!

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community