McAfee DTP-165C-DPVG Installation Guide

McAfee DTP-165C-DPVG - Network DLP Prevent 1650 Appliance Manual

Get McAfee DTP-165C-DPVG - Network DLP Prevent 1650 Appliance PDF manuals and user guides View all McAfee DTP-165C-DPVG manuals
Add to My Manuals
Save this manual to your list of manuals

McAfee DTP-165C-DPVG manual content summary:

  • McAfee DTP-165C-DPVG | Installation Guide - Page 1
    Installation Guide Revision A McAfee Data Loss Prevention 9.2.0
  • McAfee DTP-165C-DPVG | Installation Guide - Page 2
    INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND. 2 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 3
    Contents Preface 5 About this guide 5 Audience 5 Conventions 5 Find product documentation 6 1 Introduction to McAfee Total Protection for DLP 9.2.0 7 McAfee Unified DLP deployment 7 McAfee DLP products to McAfee DLP Manager 35 McAfee Data Loss Prevention 9.2.0 Installation Guide 3
  • McAfee DTP-165C-DPVG | Installation Guide - Page 4
    ePolicy Orchestrator 46 Installing McAfee DLP WCF service 47 Install the McAfee DLP WCF service 48 Repository folders 53 Creating and configuring McAfee clients 71 Set an Agent Override password 72 Set the manual tagging option 72 Installation and configuration complete 73 Index 75
  • McAfee DTP-165C-DPVG | Installation Guide - Page 5
    - People who determine sensitive and confidential data, and define the corporate policy that protects the company's intellectual property. Conventions This guide uses the following typographical conventions and icons. Book title or Emphasis Title of a book, chapter, or topic; introduction of a new
  • McAfee DTP-165C-DPVG | Installation Guide - Page 6
    troubleshooting. After a product is released, information about the product is entered into the McAfee online KnowledgeBase. Task 1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com. 2 Under Self Service version. 6 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 7
    and on endpoints. Actions can also be added to any rule to handle any problem as soon as it is detected. Contents McAfee Unified DLP deployment Management options Installation all email and webmail and applies actions to resolve any problems. McAfee Data Loss Prevention 9.2.0 Installation Guide 7
  • McAfee DTP-165C-DPVG | Installation Guide - Page 8
    server IP:8443>. Mozilla Firefox 3.0.x and Microsoft Internet Explorer 7 browsers are supported. • If McAfee DLP is run as a virtual appliance, use the are beyond the scope of this guide. See the McAfee Data Loss Prevention 9.2 Virtual Appliance Installation Guide for more information. 8 McAfee
  • McAfee DTP-165C-DPVG | Installation Guide - Page 9
    have tabbed sections that are separate extensions in ePolicy Orchestrator. Figure 1-2 McAfee DLP Manager Figure 1-3 McAfee DLP in ePolicy Orchestrator McAfee Data Loss Prevention 9.2.0 Installation Guide 9
  • McAfee DTP-165C-DPVG | Installation Guide - Page 10
    Virtual appliance installation is documented in McAfee Data Loss Prevention 9.2 Virtual Appliance Installation Guide. Linux operating systems These appliance models running the Linux operating system support McAfee DLP 9.2 software: • Model 4400 • Model 1650 • Model 3650 McAfee DLP Discover, McAfee
  • McAfee DTP-165C-DPVG | Installation Guide - Page 11
    received the following items: • Region-specific power cords - 2 • CAT5 cables - 3 • Serial cable: RJ-45 to RS-232 - Cisco console cable McAfee Data Loss Prevention 9.2.0 Installation Guide 11
  • McAfee DTP-165C-DPVG | Installation Guide - Page 12
    is shipped on an Intel® Server System SR2612UR. For rack mounting instructions, download the Intel® Server System SR2612UR Service Guide from the Intel download site. http://download.intel.com/support/motherboards/server/s5520ur/sb/r2612ur_service_guide_14.pdf For more information, download the
  • McAfee DTP-165C-DPVG | Installation Guide - Page 13
    IP address 192.168.1.2, but a new IP address and other network parameters are required to integrate it into the network. McAfee Data Loss Prevention 9.2.0 Installation Guide 13
  • McAfee DTP-165C-DPVG | Installation Guide - Page 14
    you begin You must have completed the network settings required on the Network Configuration page of the Setup Wizard. 14 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 15
    Configure McAfee DLP Manager 2 Task 1 On the Time Configuration page, change the time zone. 2 Select Manual to set NTP to local time. On this first configuration, you will not yet be able to by completing the final step in this document. McAfee Data Loss Prevention 9.2.0 Installation Guide 15
  • McAfee DTP-165C-DPVG | Installation Guide - Page 16
    appliance to the LAN switch, and the port used by the WAN router. 2 Apply the appropriate SPAN port configuration. 16 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 17
    switch and the first device. Figure 2-5 Network tap configuration 1 Capture ports 2 Analyzer ports 3 Network tap 4 LAN 5 LAN switch 6 Router 7 WAN McAfee Data Loss Prevention 9.2.0 Installation Guide 17
  • McAfee DTP-165C-DPVG | Installation Guide - Page 18
    This method requires physical disconnection and reconnection of network cables, so it disrupts traffic. A service window is required. With this configuration, full traffic capture is done even under heavy load 4.5 or 4.6, you can do it now. 18 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 19
    installation, download the software from the Service Portal and copy it to the as "iguard". Task 1 Open the McAfee Service Portal by typing support.mcafee.com into the address bar of , or locate and click the link under the Corporate Support heading. 3 In the Download My Products field, enter
  • McAfee DTP-165C-DPVG | Installation Guide - Page 20
    /data directory and the kernel/boot loader information in the boot directory are copied over to the new installation. 20 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 21
    1 Log on to the appliance as root. 2 Go to the product installation directory under the /data directory. # cd /data/ McAfee Data Loss Prevention 9.2.0 Installation Guide 21
  • McAfee DTP-165C-DPVG | Installation Guide - Page 22
    on to the appliance as root. 2 Go to the product installation directory under the /data directory. # cd /data/ 22 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 23
    be released. If this occurs, installation of the release image automatically updates the boot loader for the corresponding kernel version. McAfee Data Loss Prevention 9.2.0 Installation Guide 23
  • McAfee DTP-165C-DPVG | Installation Guide - Page 24
    process that runs from the DVD restores the drives of the model 4400 appliance to their pre-installed state. 24 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 25
    , download the software from the Service Portal and copy it to the as "iguard". Task 1 Open the McAfee Service Portal by typing support.mcafee.com into the address bar of a Downloads, or locate and click the link under the Corporate Support heading. 3 In the Download My Products field, enter
  • McAfee DTP-165C-DPVG | Installation Guide - Page 26
    minutes. 5 Install the application. Enter ./install_platform to display the current platform type, along with other options. # ./install_stingray -P 26 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 27
    completely stopped before proceeding. If the patch installation fails, do not install it again. Call McAfee support and submit an installation log file. Task 1 Log on to the appliance as root. 2 Check until the upgrade to 9.2.0 is complete. McAfee Data Loss Prevention 9.2.0 Installation Guide 27
  • McAfee DTP-165C-DPVG | Installation Guide - Page 28
    to 9.2.0 on legacy appliances 7 Go to the hotfix directory, run the hotfix installation script, and reboot. # cd /data/hotfix # ./install_hotfix # reboot 8 Start the network DLP service. # service stingray restart 28 McAfee Data Loss Prevention 9.2.0 Installation
  • McAfee DTP-165C-DPVG | Installation Guide - Page 29
    has a unique protection strategy that requires different settings. Consult the McAfee Total Protection for Data Loss Prevention 9.2.0 Product Guide for more information. Contents Configure McAfee DLP appliances using Setup Wizard Configure McAfee DLP appliances after installation Add McAfee DLP
  • McAfee DTP-165C-DPVG | Installation Guide - Page 30
    DNS servers, then click Next. Figure 5-1 Network configuration You must enter a fully-qualified domain name into the Hostname field. 30 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 31
    Time Configuration page, set the time zone, select the NTP server, and click Next. Figure 5-2 Time configuration You might want to set the NTP server manually in some cases. McAfee Data Loss Prevention 9.2.0 Installation
  • McAfee DTP-165C-DPVG | Installation Guide - Page 32
    from the Policies page. For example, you might want to use international policies that are available on that page. 32 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 33
    Setup page, type in an email address for the primary administrator and set a password, then click Next. Figure 5-4 Administrator setup McAfee Data Loss Prevention 9.2.0 Installation Guide 33
  • McAfee DTP-165C-DPVG | Installation Guide - Page 34
    8 If you are setting up McAfee DLP Prevent, type in the IP address of a smart host, then click Next. 34 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 35
    can choose a port configuration. The McAfee DLP appliance is a Gigabit network device, so it is possible to bring it down. McAfee Data Loss Prevention 9.2.0 Installation Guide 35
  • McAfee DTP-165C-DPVG | Installation Guide - Page 36
    McAfee DLP Manager. If you change the IP address, the network service needs to be restarted. Stingray automatically restarts the appliance to register one McAfee DLP Prevent system, but contact a McAfee Customer Service representative to assure proper performance. If you need more information about
  • McAfee DTP-165C-DPVG | Installation Guide - Page 37
    created must be limited to those supported by the MTA. 7 Must be able to inter-operate with an email encryption appliance (if this capability is needed) and instruct the encryption appliance to encrypt DLP Manager before it is configured. McAfee Data Loss Prevention 9.2.0 Installation Guide 37
  • McAfee DTP-165C-DPVG | Installation Guide - Page 38
    supported. A smart host is configured only if SMTP email is being processed, and configuring more than one is not supported Directory or OpenLDAP servers to support integration of McAfee DLP with Services. 2 On your Linux-based appliance, select System | System Administration | Directory Services
  • McAfee DTP-165C-DPVG | Installation Guide - Page 39
    Loginid Attribute. Use samaccountname to retrieve user names from the server. 9 Type in the user name (Login DN) and Password. McAfee Data Loss Prevention 9.2.0 Installation Guide 39
  • McAfee DTP-165C-DPVG | Installation Guide - Page 40
    a web browser and log on to the Network McAfee DLP Manager. 7 In ePolicy Orchestrator, select Menu | Data Loss Prevention | DLP Sys Config | System Administration | Directory Services. 8 On your Linux-based appliance, select System | System Administration | Directory
  • McAfee DTP-165C-DPVG | Installation Guide - Page 41
    , and the network, but you only have to identify a time server during the initial installation of the system. Stop and restart the NTP daemon to manually reset the time and resyncronize the system. McAfee Data Loss Prevention 9.2.0 Installation
  • McAfee DTP-165C-DPVG | Installation Guide - Page 42
    the NTP daemon. # service ntpd stop # chkconfig --level 2345 ntpd off 3 Restart the NTP daemon. # service ntpd start # chkconfig --level 2345 ntpd on The service command will control the service while the system is All in the Filter by frame. 42 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 43
    Install McAfee ePolicy Orchestrator Install McAfee ePolicy Orchestrator Installing McAfee DLP WCF service Repository folders User and permission sets Install the McAfee Data Loss Prevention serving all workstations and the McAfee ePO server McAfee Data Loss Prevention 9.2.0 Installation Guide 43
  • McAfee DTP-165C-DPVG | Installation Guide - Page 44
    -bit • Windows 7 32- or 64-bit • Windows 2008 Server R2 64-bit Servers are supported for McAfee Device Control software only. The user installing McAfee DLP Endpoint software on the servers must be installed through ePolicy Orchestrator) 44 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 45
    supported Windows systems. 2 Install Windows Installer 3.0 (Windows 2003) or 4.5 (Windows 2008) and restart the system. Install all Microsoft Windows Service Guide and release notes to familiarize yourself with all installation issues. Some of the installation scripts require the NETWORK SERVICE
  • McAfee DTP-165C-DPVG | Installation Guide - Page 46
    precautions you should be aware of. Read the McAfee ePolicy Orchestrator Installation Guide and release notes to familiarize yourself with all installation issues. Some of the installation scripts require the NETWORK SERVICE account to have write permission for the C:\Windows\Temp folder. In secure
  • McAfee DTP-165C-DPVG | Installation Guide - Page 47
    service service The McAfee DLP Windows Communication Foundation (WCF) service installing the McAfee DLP WCF service, you are asked to specify service installation options There are two basic options for installing the Windows Communication Foundation (WCF) service the WCF service installation wizard.
  • McAfee DTP-165C-DPVG | Installation Guide - Page 48
    complete, you can troubleshoot the installation to resolve problems. Before you begin Before installing the McAfee DLP WCF service, create a user in Microsoft SQL server. You must do this even if you are going to use Windows authentication. 48 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 49
    user does not work with the McAfee DLP WCF service. In McAfee DLP Manager product suite, Windows authentication is not supported because communication is between the ePolicy Orchestrator database (Microsoft Manager to ePolicy Orchestrator. McAfee Data Loss Prevention 9.2.0 Installation Guide 49
  • McAfee DTP-165C-DPVG | Installation Guide - Page 50
    6 Installing McAfee DLP Endpoint Installing McAfee DLP WCF service Task 1 Open SQL Server Management Studio (Express) and connect to the EPOSERVER instance. 2 In the Object Logins. Right-click in the Logins page, then select New Login. 50 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 51
    Installing McAfee DLP Endpoint Installing McAfee DLP WCF service 6 5 On the General page of the Login Properties window, select SQL Server authentication and type the Select Objects window, click Object Types and select Databases. Click OK. McAfee Data Loss Prevention 9.2.0 Installation Guide 51
  • McAfee DTP-165C-DPVG | Installation Guide - Page 52
    14 Click OK. Troubleshoot the McAfee DLP WCF service After installation of the McAfee DLP WCF service and installation of , use the troubleshooter to verify the installation. To troubleshoot the McAfee DLP WCF service, use the service testing page 52 McAfee Data Loss Prevention 9.2.0 Installation
  • McAfee DTP-165C-DPVG | Installation Guide - Page 53
    the installation wizard (WCF Service Settings), do the following: a Use the default WCF Server Port value. If you must change the server port, consult your McAfee representative for instructions. b We recommend for your environment. McAfee Data Loss Prevention 9.2.0 Installation Guide 53
  • McAfee DTP-165C-DPVG | Installation Guide - Page 54
    , but can be added as a security precaution. Alternately, you can add permissions only for those administrators who deploy policies. 54 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 55
    Data for the whitelist folder. Verify that the Apply onto option says This folder, subfolders and files, then click OK. McAfee Data Loss Prevention 9.2.0 Installation Guide 55
  • McAfee DTP-165C-DPVG | Installation Guide - Page 56
    , the permission set names appear in the user form and you can attach the user to them. 3 Click Save. 56 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 57
    cannot view DLP Monitor User is not a monitor administrator User can view DLP Monitor User has full policy administrator permissions. McAfee Data Loss Prevention 9.2.0 Installation Guide 57
  • McAfee DTP-165C-DPVG | Installation Guide - Page 58
    . appears, click OK. 4 When the McAfee DLP Endpoint policy console First Time Initialization wizard appears, complete the following steps: 58 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 59
    Support discovery delete option. This option is not available until you update to the full McAfee Data Loss Prevention Endpoint software installation. For troubleshooting a role-based group such as DLP Manual Tagging Users, and using the group when Guide for more information on Agent
  • McAfee DTP-165C-DPVG | Installation Guide - Page 60
    , select Edit Global Agent Configuration. 7 Go to the File Tracking tab and select Device Control and full content protection. 60 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 61
    to ePolicy Orchestrator 6 8 Go to the Miscellaneous tab. Only the Agent Popup service, Device Blocking, and Reporting Service modules are selected. Select the remaining modules you require to enable them and be used to test the system. McAfee Data Loss Prevention 9.2.0 Installation Guide 61
  • McAfee DTP-165C-DPVG | Installation Guide - Page 62
    Organization, the right-hand pane displays the available workstations. You can also deploy McAfee DLP Endpoint to individual workstations. 62 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 63
    key for the user. This Release Code is sent to the user to enter into the request bypass dialog box. McAfee Data Loss Prevention 9.2.0 Installation Guide 63
  • McAfee DTP-165C-DPVG | Installation Guide - Page 64
    6 Installing McAfee DLP Endpoint Uninstalling McAfee DLP Endpoint 64 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 65
    McAfee DLP Manager and the ePolicy Orchestrator server Configuring McAfee DLP Endpoint on McAfee DLP Manager Installation and configuration complete McAfee Data Loss Prevention 9.2.0 Installation Guide 65
  • McAfee DTP-165C-DPVG | Installation Guide - Page 66
    bar. https:///eponetdlp/netdlp.zip The extension can also be downloaded from the McAfee Support Portal, or copied from the /data directory of the downloaded and expanded McAfee DLP Manager the protection rules will work. 66 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 67
    Add New Evidence Server page. 5 Select Copy evidence using NETWORK SERVICE or logged on user. 6 In the Evidence Replication section, Manual Tagging Authorization to all users. This sets up the agent to support manual tagging through McAfee DLP Manager. Selecting the Allow Manual Installation Guide 67
  • McAfee DTP-165C-DPVG | Installation Guide - Page 68
    -based, but a McAfee DLP Manager is a Linux server that does not support Windows-based authentication of users. Database user accounts are used to make the the ePolicy Orchestrator server, which is required to support McAfee DLP Endpoint features. 68 McAfee Data Loss Prevention 9.2.0 Installation
  • McAfee DTP-165C-DPVG | Installation Guide - Page 69
    installed at this point. You must have ePolicy Orchestrator registration information ready for entry on the Add New Device page. McAfee Data Loss Prevention 9.2.0 Installation Guide 69
  • McAfee DTP-165C-DPVG | Installation Guide - Page 70
    decrypt evidence and override default reactions. • Add a list of printer models that cannot be controlled by McAfee DLP software. • Create tags, then set up optional manual tagging 70 McAfee Data Loss Prevention 9.2.0 Installation
  • McAfee DTP-165C-DPVG | Installation Guide - Page 71
    overwrite the events on the evidence server. Because of this potential problem, you must deliberately generate a policy to support installation of the updated endpoint product. You must also set an on the system Manage Endpoints page. McAfee Data Loss Prevention 9.2.0 Installation Guide 71
  • McAfee DTP-165C-DPVG | Installation Guide - Page 72
    . A group of clients might be updated to the new version, but support for older clients still in use might still be needed. The need for must be set up on McAfee DLP Manager. After they are created, manual tags are pushed to users at endpoints by the McAfee Agent client. The 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 73
    | Tag Labels. 3 Select a tag. 4 Select the Allow Manual Tagging checkbox. 5 Click Save. Installation and configuration complete Installation and ePolicy Orchestrator Data-in-Use dashboard. Consult the Product Guide for McAfee Total Protection for Data Loss Prevention 9.2 for
  • McAfee DTP-165C-DPVG | Installation Guide - Page 74
    7 Integrating McAfee DLP Endpoint into a unified policy system Installation and configuration complete 74 McAfee Data Loss Prevention 9.2.0 Installation Guide
  • McAfee DTP-165C-DPVG | Installation Guide - Page 75
    Policy console, installing 58 documentation audience for this guide 5 product-specific, finding 6 typographical conventions and Support, finding product information 6 U uninstalling DLP Endpoint 63 V verifying the installation 63 W WCF, installation options 47 WCF, installing 53 WCF, troubleshooting
  • McAfee DTP-165C-DPVG | Installation Guide - Page 76
    700-3811A00
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
Installation Guide
Revision A
McAfee Data Loss Prevention 9.2.0