3 Replies Latest reply on Nov 10, 2010 3:27 AM by bjackman

    EEFF/EERM issue with "50% encryption of free space" configuration.

      Hi there, apologies if this has been asked before, but I was unable to find a corresponding discussion.

      I am in the process of testing the following EEFF/EERM configuration (snapshot of configuration attached):

       

      - Use McAfee Endpoint Encryption for Removable Media=YES

      - Protected Area = 50% of free space.

      - Exclude Devices larger than is not set.
      - Make unprotected files & folders READ ONLY is not set.

      Version of EEFF being used is 3.2.5.5.

       

      I performed the following test using a 16 gigabyte micro CRUZER USB key:


      - I format the USB key as FAT32.

      - I copy across 6 x 700meg FILLER files (which were originally created with a dummy file creator utility).

         NOTE: I have recreated the issue with various file types.

      - I insert the USB key into a laptop with EEFF installed and the above-mentioned Removable Media configuration applied.

      - A prompt appears to encrypt the USB key and I click YES.
      - In the INITIALIZE REMOVABLE MEDIA window I enter/confirm an AUTHENTICATION password and then click the INITIALZE button.

      - A message appears indicating that the initialization has failed. (No other information is provided and the EVENT logs offer no obvious cause).

      - I delete 1 of the 700meg FILLER files from the USB key and then disconnect/reconnect the USB key to the laptop.

      - A prompt appears for to encrypt the USB key and I click YES.

      - In the INITIALIZE REMOVABLE MEDIA window I enter/confirm an AUTHENTICATION password and then click the INITIALZE button.

      - A message appears indicating that the initialization has completed.

      - Checking the USB key all appears to be in order, e.g. the 5 x 700meg FILLER files are in the UNPROTECTED FILES folder. Files created in the root of the USB key are encrypted. Files created in the UPROTECTED FILES folder are not encrypted.


      I then repeated this test with an 8 gigabyte USB key with the same results. I also ran the test under an administration account to determine if access levels were the cause, but I had the same result.

       

      In my opinion this looks suspsiciously like a FAT32 4gig limitation issue, but that's really only guessing.

       

      Any advice or guidance would be very appreciated.

       

      Regards
      David.

        • 1. Re: EEFF/EERM issue with "50% encryption of free space" configuration.
          rbdudani

          Hi David,

           

          Can you explain what is exact issue. coz by reading this 2-3 times. everything is working as it should.

          • 2. Re: EEFF/EERM issue with "50% encryption of free space" configuration.

            Apologies, I should have been clearer in my post.

             

            The issue I am experiencing is this:

             

              • With the EEFF/EERM configuration I have specified in my original post, I expected to be able to encrypt a removable storage device that contained more than 4 gigabytes of data and had more than 32 megabytes of free space (as my own tests have indicated that with "50% of free space" configuration I needed a minimum of 32 megabytes of free space on a removable storage device for the encryption to proceed).
              • As the average size of removable storage devices is ever on the increase, the amount of data people are storing on these devices will also increase. With this in mind, in today’s business environment, I believe it is not uncommon to find staff with larger capacity removable media devices that already contained more than 4 gigabytes of data prior to encryption being invoked. Or environment is bordering on 8 gigabyte USB keys being the standard.
              • The tests outlined in my original post indicates that "A message appears indicating that the initialization has failed" when I attempted to encrypt a removable storage device containing more than 4 gigabytes of data, but when I reduced the amount of data stored on the device to less than 4 gigabytes, the encryption completed successfully. As I had not been previously informed of this limitation by McAfee, nor finding it specified in the release notes for the version of EEFF we are running, it struck me as a strange result.
              • If the EERM product does not allow the encryption of removable storage devices that contain more than 4 gigabytes of data, then I guess the product is acting as expected, but I just need someone to confirm whether this is in fact the case.
              • My intention was to enable the "50% encryptionof free space" on any attached removable stroage device (USB keys, portable hard disks, SD cards, etc), but if encryption will only work if the device contains less than 4 gigabytes of data, then I am going to have to rethink my strategy. Don't get me wrong, I like what the product does and I want it to work for us, but I need to understand whether this is a limitation or not.

             

            I'm happy to provide more detail if required.

             

            Additonally, has anyone had any experience with running the EERM configuration I proposed at the top of my original post and encrypting an NTFS removable storage device (e.g. a portable hard disk) that contains data prior to being encrypted? Does EERM allow the encryption of an NTFS device?

             

            Regards

            David.

            • 3. Re: EEFF/EERM issue with "50% encryption of free space" configuration.

              If it is of any help I'm trying to encrypt a 1GB USB stick (tried on two PCs without success). It has two text files on it (~1MB total) and I've set the policy to encrypt 90% of free space and make existing files read only. Put the KEY in the slot and asked if I want to encrypt, say "yes", put in the EEFF password, get the "encryption Screen" enter the Authentication password (twice) press OK and get "Initialization Failed!" as you do.

               

              I was surmising it miight be hardware related but perhaps not? Don't think this helps you, but you're not alone!