2 Replies Latest reply on Apr 14, 2010 9:43 AM by vimalnavis

    DLP 9 - two issues

    mattw2

      We've started to push out DLP 9 on our network.

      The initial batch of PCs went Ok, however there have been a couple of issues with the second batch...

       

      First, some PCs don't appear to be picking up the Policies correctly.

      The only DLP settings we have enabled is monitoring of Removable Storage, which is set to monitor only with no user warnings or any actual blocking taking place.  However, on at least a couple of PCs, the users are getting a pop-up when they send an e-mail reporting that DLP is scanning their e-mail.

      The DLP reports indicate the PCs do have the policy, so i can't see why they are doing this when there are no e-mail or content tracking rules setup/enabled.

       

      The second issue is restricted to our Dell Latitude XT tablet PCs all running XP Tablet edition.

      After the reboot for installing DLP, they won't actually boot into windows. The only solution being to select "Last known good configuration" off the F8 boot menu. They do all have McAfee Endpoint Encryption for PCs installed too, which may (or may not) be a contributory factor.

      I've not seen an afffected system myself, so i'm not sure if they're generating a BSOD and then auto-restarting.

      I have tested, so far, installing DLP to an un-encrypted XT, applying the policy then restarting, but was unable to reproduce, so i then encrypted it, but again, no problem.

      For my next test, i'll encrypt before installing DLP.

       

      Just wondering if anyone has come across either of these issues before and what i might be able to do to overcome them.

       

      thanks in advance.

       

      Matt.

        • 1. Re: DLP 9 - two issues

          In addition to user notification - there is a tab in agent configuration section where you can turn off mail scanning. Give a try!

           

          Thanks.

           

          - AB

          • 2. Re: DLP 9 - two issues

            In order to ensure that all computers pick up policies from ePO, restart the computer after HDLP deployment as soon as possible.

            Disable the "Show progress bar when outgoing emails are processed by the DLP Agent" option under Agent Configuration -> Email probe. I have seen this pop up come up even if HDLP is not the culprit. e.g. Network issues.

            I do not believe XP Tablet Edition as an operating system is supported. Please check with McAfee support.

             

            You would want to spend more time with the Proof of Concept / Test Environment before beginning a Production Deployment.

            Most of the issues can be avoided that way.

             

             

            Message was edited by: vimalnavis on 4/14/10 9:43:00 AM CDT