1 2 3 Previous Next 20 Replies Latest reply on May 4, 2010 4:32 PM by SCtbe

    EEPC v6.0.1: Endpoint Encryption is Inactive

    babatola

      I am currently having challenges encrypting systems.

       

      I have followed the user guide throughly  and I have also used the unofficial guide on this community and nothing seems to be working.

       

      Funny enough, when i started out this project, we had actually encrypted with EEPC 6.0 but we had issues where systems were crashing. the project was halted and we were able to manually recover the systems with the help of folks here.

       

      So we are resuming the project ( we never get tired of trying out encryption, lol) and we are operating with the EEPCv6Patch1....however, it just shows the system state has inactive.

       

      EEPC is integrated on a VM (Virtual ePO). We later migrated to a physical box and the issue persist!!!!!    please who has got any ideas????

       

      A disturbing fact, however, is that a Mcafee Support Engineer claims encryption would not start without enabling preboot authentication.

       

      I have encrypted with eepc6.0, without preboot authentication and it encrypted.....so I really do not believe that encryption would not work without preboot authentication.

        • 1. Re: EEPC v6.0.1: Endpoint Encryption is Inactive

          There are many reasons that EEPC v6 can show inactive. Many possible situations were covered in recent posts. Please review installation walk through as it had been well documented by Dan Larson:

          http://community.mcafee.com/blogs/danlarson/2009/11/30/unofficial-quickstart-gui de-for-mcafee-eepc-v6

           

          What is your client OS?

           

           

          Message was edited by: peter_eepc on 5/4/10 9:35:26 AM EDT
          • 2. Re: EEPC v6.0.1: Endpoint Encryption is Inactive
            babatola

            Thanks EEPC. I have gone through the unofficial guide and it is still not active.


            the client OS  varies from Windows XP to Windows Vista and Windows7. I had encrypted earlier with the eepc v6 without the patch, but not i cannot with the 6.0.1.


            i have also tried 6.0 again but it just shows that the encryption state is inactive

            • 3. Re: EEPC v6.0.1: Endpoint Encryption is Inactive

              Did you enable EE Plugin log, and checked that log?

              Is proper domain user assigned to your system?

              Is that user with admin rights logged in to PC?

              EE policy enforced?

              Windows XP or 7 (without recovery partition)?

              EE policy with encryption enabled on all disks?

              EE policy changed recently and ASCI performed?

              Windows Server registered and LDAP authenticated with "domain\admin" account?

              ....just to name a few.

              • 4. Re: EEPC v6.0.1: Endpoint Encryption is Inactive
                babatola

                Based on your questions, here are the steps/precautions we took:


                Did you enable EE Plugin log, and checked that log?    I enabled the log, from registry and set the logging level to 4.

                Is proper domain user assigned to your system?           Yes, domain user(active) where assigned to the systems. I tested both at the system level and at the group level.

                Is that user with admin rights logged in to PC?               Yes a user with admin right is logged into the machine

                EE policy enforced?                                                      I cannot tell if the policy enforces as I have not seen any change. Though agent log displays: enforcing policy

                Windows XP or 7 (without recovery partition)?                 Both. Test deployment cover both operating systems

                EE policy with encryption enabled on all disks?              Yes, all disk  was enabled

                EE policy changed recently and ASCI performed?           Dont understand the question

                Windows Server registered and LDAP authenticated with "domain\admin" account?   Yes a domain admin account was used to register the ldap, and subsequent integration



                However, can you please clarify this: Do I necessary have to enable pre-boot authentication before encryption can take place?

                • 5. Re: EEPC v6.0.1: Endpoint Encryption is Inactive

                  encryption will take place regardless of the status of autoboot mode.

                  • 6. Re: EEPC v6.0.1: Endpoint Encryption is Inactive
                    babatola

                    Thank you SafeBoot. I have always known that, but I had to re-confirm this because a McAfee support engineer told us that encryption would not work without preboot authenication.


                    I am quite that you have been helpful in the past as regards EEPC failing on systems, when we initially deployed 6.0 and preboot was not enabled.


                    Now, what baffles me is that going through the same process again, I cannot seem to be able to encrypt the systems anymore............ I dont know if there is an update with the EEPC patch1 preventing encryption.


                    However this issues is rampant and I suggest mcafee should recall/investigate the eepc patch1.


                    Thanks

                    • 7. Re: EEPC v6.0.1: Endpoint Encryption is Inactive

                      The problem is, that EEPC patch one seems to work for most customers, certainly it works for more people than the previous version.

                       

                      I suggest you grab a full logfile from your client and open a support ticket (or post it here for inspection). Most of the time with clients which would not activate, it's because of EPO data channel problems (network issues, or you have an epo4.0 server listed in the connection strategy, or incompatible situations (like the client is detecting another crypto product and is aborting because of it).

                       

                       

                      Message was edited by: SafeBoot (typo) on 5/4/10 1:06:09 PM EDT
                      • 8. Re: EEPC v6.0.1: Endpoint Encryption is Inactive
                        babatola

                        OK. I would get a log file and post it here. However i currently do not have access to a client machine now.


                        I hope tomorrow would not be too late.


                        In  the mean time, can you just give me a brief or guide on troubleshooting EEPC v6. This product is interesting but its features seem limited.


                        No appropriate logs

                        • 9. Re: EEPC v6.0.1: Endpoint Encryption is Inactive

                          what features were you looking for?

                           

                          You need to turn the logging on, then the log is a mile long - there's a tool (EEPC Log Viewer) available to help make sense of it (retabluating it in a nice way etc).

                          1 2 3 Previous Next