cancel
Showing results for 
Search instead for 
Did you mean: 
Nick_B
Level 11
Report Inappropriate Content
Message 1 of 4

McAfee Drive Encryption Upgrade to v7.2.9 - Best Practice Advice

Dear McAfee Community Members,

I'm on a client site next week to upgrade them from ePO 5.3.2 to 5.9.1 (or 5.10.0), McAfee Agent to 5.6.1 and McAfee Drive Encryption from 7.2.2 to 7.2.9.

On the scoping call they mentioned they are having issues with Single Sign-on in that when the users change their passwords remotely they are out of sync with their Windows passwords and they are required to bring in their device to the office to connect it to the LAN to sync up. Sound familiar?

They do not have an Agent Handler in the DMZ however, if the users connect in via VPN would that not negate the need for the Agent Handler?

I'd appreciate advice on the best way for the users to successfully change their passwords when they are away from the office and are forced to do so remotely.

They are considering having an Agent Handler deployed in their DMZ to alleviate this issue but in the meantime if there is anything they can do, that would be most helpful.

Thanks in advance!

Labels (2)
3 Replies
McAfee Employee JaganA
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: McAfee Drive Encryption Upgrade to v7.2.9 - Best Practice Advice

@Nick_BThanks for choosing McAfee Community and appreciate your time.

Let me explain how the password change works.

Change the Windows password by pressing CTRL+ALT+DEL, at this point the password is captured by Windows Credential Provider (WCP).

Now, McAfee Credential Provider collects the changed password from WCP.

Sends the user info to DB via Agent Handler.

ePO has to acknowledge back to the client system stating it has received.

Now, the old password will be replaced on the client system.

In order to complete this process, AH in DMZ is not mandatory.

If the end user is able to connect to the ePO server via VPN also sufficient. But, the event processing cycle should complete successfully.

JaganA
McAfee Employee

Was my reply helpful?
If yes, click "Accept as Solution" in my reply and together we can help other members?
Nick_B
Level 11
Report Inappropriate Content
Message 3 of 4

Re: McAfee Drive Encryption Upgrade to v7.2.9 - Best Practice Advice

Hi @JaganA  many thanks for taking the time to respond. That's really useful info!

So it should not matter in theory then whether the user changes his password in the office or at home, so long as they have an active VPN connection if changing it at home or an Agent Handler in the DMZ?

With regard to the upgrade of the MDE software from 7.2.2 to 7.2.9, I was planning to tag the machines for this, but would it be advisable for the upgrade itself to be performed in the office when on the LAN? They do not have an Agent Handler in the DMZ as yet but may install one at some point. 

I look forward to hearing from you.

Speak soon.

McAfee Employee JaganA
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: McAfee Drive Encryption Upgrade to v7.2.9 - Best Practice Advice

@Nick_B yes, it doesn't matter.

It can be connected over VPN or LAN however, recommended to be over LAN because of the MDE package pushed to the client.

JaganA
McAfee Employee

Was my reply helpful?
If yes, click "Accept as Solution" in my reply and together we can help other members?
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community