McAfee DTP-165C-DPVG Installation Guide - Page 40
Add McAfee Logon Collector to McAfee DLP Manager
View all McAfee DTP-165C-DPVG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 40 highlights
5 Configuring McAfee DLP appliances and adding servers Add McAfee Logon Collector to McAfee DLP Manager 10 Identify the local domain components in the Base DN field (for example, dc=mydomain,dc=com). Use an administrative account whose password does not expire to maintain the connection, but a non-administrative account name is acceptable when using an authorization server. 11 Enter the number of records you want to retrieve at one time in the Server Results limit field. Before entering a value higher than 10, consult the administrator of the Active Directory server to find out how many records can be served per request. 12 Select the SSL checkbox to encrypt the connection and enable LDAPS (LDAP over SSL). A secure connection is not required, but is strongly recommended. Accept any available certificate, or select one by uploading it. If you upload, you must find the FQDN name of the authorization server in the encrypted file by logging on to the back end of the McAfee DLP appliance and running the following. # openssl x509 -noout -in .cer -subject The FQDN will be returned in reverse order: subject= /DC=net/DC=reconnex/CN=tyche Read from left to right to get the name of the authorization server: tyche.reconnex.net Enter the name into the Authorization Server field. 13 Select a Scope to set the directory depth to be accessed on the server. 14 Click Apply. Add McAfee Logon Collector to McAfee DLP Manager Connect McAfee Logon Collector to McAfee DLP Manager by using certificates to authenticate them to each other. When the process is concluded, an SSL connection is established between the servers. Task 1 Open a web browser, type the IP address of the McAfee Logon Collector into the address bar, and log on. 2 Go to Menu | Configuration | Server Settings | Identity Replication Certificate. 3 Select and copy all text in the Base 64 field and paste it into a text editor. 4 Add the following beginning and ending lines to the document, then paste in the Base 64 text. -----BEGIN CERTIFICATE---- -----END CERTIFICATE----- 5 Highlight and copy the entire text, including the BEGIN and END CERTIFICATE lines. 6 Open a web browser and log on to the Network McAfee DLP Manager. 7 In ePolicy Orchestrator, select Menu | Data Loss Prevention | DLP Sys Config | System Administration | Directory Services. 8 On your Linux-based appliance, select System | System Administration | Directory Services. 40 McAfee Data Loss Prevention 9.2.0 Installation Guide