9 Replies Latest reply on Jun 11, 2012 7:58 AM by SafeBoot

    Announcing Endpoint Encryption GO 1.0 Tool (EEGO)

      Announcing the availability of

      McAfee Endpoint Encryption GO 1.0 Tool

       

      Team,

       

      Available now, McAfee announces the release of McAfee Endpoint Encryption GO 1.0 Tool (EEGO).

       

      What is McAfee Endpoint Encryption Go?

      McAfee's Endpoint Encryption GO (EEGO) tool provides an Administrator with a deployment assessment of the readiness of Windows PCs for full disk encryption. The goal is to enable an Administrator to make an informed decision as to how, when and where McAfee full disk encryption can be successfully deployed. This is not a just single snapshot, but can be a continuous monitoring and reporting process providing Administrators information they can act upon.

       

      EEGO is a standalone tool available for McAfee Endpoint Encryption for PC version 6.x (EEPC), and is designed to complement an EEPC deployment. It is not however, a mandatory step in the deployment process.

       

      How does it work?

      EEGO is a standalone software package deployed via McAfee(R) ePolicy Orchestrator(R) (McAfee ePO TM) to the endpoint via a deployment task. Once installed, EEGO will report periodically to the McAfee ePO server with the current status of the machine. The information sent back to McAfee ePO is purely for reporting purposes, as EEGO takes no actions nor does it encrypt the machine. It can be deployed throughout an organization to have an initial glance at what steps an Administrator may need to address when EEPC is deployed, before actually deploying EEPC.

       

      A dashboard view

      An Administrator can view a single dashboard summary of the organization showing which machines are ready for encryption, and which machines are not ready. In the event of a competitive displacement, an Administrator can view the number of machines with a competitive product installed decrease as it is uninstalled, and marked as ready for encryption with EEPC.

       

      What information does EEGO report?

      EEGO will report the following information back to McAfee ePO:

      • If a competitive product is installed
        • SafeBoot Device Encryption, HP ProtectTools 2009, Bitlocker, PointSec, Truecrypt, GuardianEdge, Symantec Endpoint Encryption, SafeGuardEasy & PGP Whole Disk Encryption
      • Disk information (e.g. Disk firmware version, disk model, serial number, etc)
      • Data Channel statistics
      • The S.M.A.R.T data of the drive(s). This provides an indication to the administrator if the drive is possibly about to fail.
      • Opal Disk information (if an Opal Drive is present on the system)
      • Overall readiness for this machine to commence encryption

       

      While EEGO currently does not cover all of the possible areas of incompatibilities, the functionality of EEGO will be enhanced over time to include other checks and balances to drive towards a more thorough validation of a Windows PC prior to encryption. EEGO is a powerful tool, especially when used in combination with the checks and balances in the EEPC activation process.

       

      Customer benefits

      EEGO provides insights and efficiencies for an Administrator into the readiness and on-going status of full disk encryption on a Windows PCs in their organization. It's part of McAfee's commitment to make encryption easy to use and manage. Using EEGO as a part of an EEPC deployment can reduce the risks associated with the deployment of encryption and thereby reducing the costs.

       

      Availability

      EEGO is in the process of being uploaded to the Download site, which you can access via your Grant Number.

       

      Best regards

       

      Anthony Merry

      Senior Product Manager

      Endpoint Encryption for PC

        • 1. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)
          SCtbe

          Hi,

           

          From FAQ and release notes I'm seeing lack of one major feature in EEGO. This would be running and reporting CHKDSK result as running disk scan is one of major requirements for installing EEPC.

          I found this very painful when I participated in fairly large deployment of EEPC.

          Someone may argue need of running CHKDSK especially on new laptops, but from my experience I know that this should be done equally on old and new disk (especially when we bare in mind that many of serviced disk are placed in new laptops).

           

          Regards.

          • 2. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)
            jmcleish

            I would tend to agree with the need for incorporating chkdsk in some way

            • 3. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)

              We're capturing the SMART data - it's very unlikely the disk is in a worse state than SMART reports. This kind of makes the CHKDSK irrelevant.

               

              And, the jury is out on how useful CHKDSK is anyway - certainly a file system validation is of no value at all, and most people really don't have the patience to do a bad block scan, especially as SMART should notice the problem well before chkdsk does....

              • 4. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)
                moriega

                In our environment we have users that are either dual booting their Macs using Boot Camp or Macs with Parallels. We have set these two applications identified as Incompatible Products in ePO under Server Settings--> Endpoint Encryption --> Manage No Compatible Products.This way EEPC will not go active and encrypt the systems.

                 

                Does EEGO read this incompatibility list or does it have its own integrated list of incompatible products.  If it does have its own list can it be modified as well?

                • 5. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)
                  foliveir

                  Hello,

                   

                  The EEGO product has the incompatibility list that is available with EEPC 6.1 Patch 2. Currently it does not feature the ability to add new items to the incompatibility list. I would suggest that you submit a PER to add this functionality to EEGO.

                   

                  With my best regards,

                   

                  Fausto

                  • 6. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)
                    moriega

                    That's perfect. I will find a few Macs that are running Boot Camp and Parrallels and verify that it works.

                     

                    However, I don't believe a PER is required to add new items. Actually a KB will probably be the best direction to go.

                     

                    We have already added the Boot Camp and Parrallels items to the incompatiblity list.

                     

                    When we first received EEPC back in the 6.0.0 or 6.0.1 time frame, we had a McAfee Rep visit our company to do assist with deployment of EEPC.

                     

                    Durig this time we saw some issues with ecnrypting Boot Camp Macs (dual boot) and Parrallels systems. He assisted us with locating the default XML file for the incompatibility list and modfiying the XML to add the new items with the configuration information that is required and testing it to ensure that that it works.

                     

                    Please see below on how to add Mac Boot Camp to the list:

                    <?xml version="1.0" encoding="UTF-8"?>

                    <PDProductList xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns1="" xsi:type="ns1:PDProductList">

                       

                        <!-- Define Mac Bootcamp -->

                        <products xsi:type="ns1:PDProduct">

                            <name>Mac Bootcamp</name>

                            <osType>Windows</osType>

                            <rules xsi:type="ns1:PDRule">

                                <fileEntries xsi:type="ns1:PDFileEntry">

                                    <path>[Program Files]\Boot Camp\Bootcamp.exe</path>

                                </fileEntries>

                            </rules>

                        </products>   

                       

                    </PDProductList>

                     

                    This XML file can be imported by going to Server Settings--> Endpoint Encryption --> Manage No Compatible Products

                     

                    If a KB is the best direction, then please contact me and I will be willing to assist.

                    • 7. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)
                      foliveir

                      Hello,

                      I meant that EEGO does not have a way to have customized detections added to it, so if you want the EEGO product to be extended to feature this capability then a PER is needed so that the feature is taken into consideration.

                       

                      With my best regards,

                      Fausto

                      • 8. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)
                        mirrorless

                        Nice tools - any recomended/similiar tools for v5?

                        • 9. Re: Announcing Endpoint Encryption GO 1.0 Tool (EEGO)

                          Autodomain / competitive product checker do much the same thing.