McAfee DTP-165C-DPVG Installation Guide - Page 67

Con McAfee Agent on ePolicy Orchestrator, Add an evidence folder on McAfee DLP Manager

Get McAfee DTP-165C-DPVG - Network DLP Prevent 1650 Appliance PDF manuals and user guides View all McAfee DTP-165C-DPVG manuals
Add to My Manuals
Save this manual to your list of manuals

Page 67 highlights

Integrating McAfee DLP Endpoint into a unified policy system Setting up Unified DLP on ePolicy Orchestrator 7 Configure McAfee Agent on ePolicy Orchestrator You must add an evidence folder on ePolicy Orchestrator to collect the events forwarded by the McAfee Agent client, then configure essential features to enable McAfee DLP Endpoint functionality through McAfee DLP Manager. Task 1 In the ePolicy Orchestrator header, select Menu | Policy | Policy Catalog. 2 From the Product menu, select Data Loss Prevention 9.2: Policies. 3 From the McAfee Default Client Configuration. After you name the duplicate and select it, the Settings page appears. 4 In the Evidence tab, type the UNC Path of the evidence folder share and folder name. \\server name\evidence The same server will also be entered on the McAfee DLP Manager Add New Evidence Server page. 5 Select Copy evidence using NETWORK SERVICE or logged on user. 6 In the Evidence Replication section, select the Evidence and Hit Highlighting checkboxes. Show abbreviated hits appears in the associated field. Enabling this option allows users to easily see matching text in the events reported to the McAfee DLP Manager Data-in-Use dashboards. 7 In the Security tab, type in a list of authorized users and groups to enable manual tagging of files on agent machines. For example, type in Everyone to give Manual Tagging Authorization to all users. This sets up the agent to support manual tagging through McAfee DLP Manager. Selecting the Allow Manual Tagging checkbox when creating tags on the Endpoint Configuration page makes the tags visible to trusted users, who can use them to classify documents on their desktops. 8 Click Save. Add an evidence folder on McAfee DLP Manager An existing evidence folder must be registered to McAfee DLP Manager to transmit the events collected by the McAfee Agent client. Before you begin McAfee DLP Manager and ePolicy Orchestrator must be authenticated to each other, and the network and UDLP (host) extensions must be installed, and the McAfee Agent DLP client must be installed. The folder is normally on the ePolicy Orchestrator, but might be located on another computer. Task 1 In ePolicy Orchestrator, select Menu | Data Loss Prevention | DLP Sys Config | System Administration | Devices. 2 On your Linux-based appliance, select System | System Administration | Devices. 3 From the Actions menu, select New Evidence Server. 4 In the Add New Evidence Server window, enter the required information in the following format. McAfee Data Loss Prevention 9.2.0 Installation Guide 67

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
Configure McAfee Agent on ePolicy Orchestrator
You must add an evidence folder on ePolicy Orchestrator to collect the events forwarded by the McAfee
Agent client, then configure essential features to enable McAfee DLP Endpoint functionality through
McAfee DLP Manager.
Task
1
In the ePolicy Orchestrator header, select
Menu
|
Policy
|
Policy Catalog
.
2
From the
Product
menu, select
Data Loss Prevention 9.2: Policies
.
3
From the
McAfee Default Client Configuration
.
After you name the duplicate and select it, the
Settings
page appears.
4
In the Evidence tab, type the UNC Path of the evidence folder share and folder name.
\\server name\evidence
The same server will also be entered on the McAfee DLP Manager
Add New Evidence Server
page.
5
Select
Copy evidence using NETWORK SERVICE or logged on user
.
6
In the
Evidence Replication
section, select the
Evidence
and
Hit Highlighting
checkboxes.
Show abbreviated hits
appears in the associated field.
Enabling this option allows users to easily see matching text in the events reported to the McAfee
DLP Manager
Data-in-Use
dashboards.
7
In the Security tab, type in a list of authorized users and groups to enable manual tagging of files
on agent machines.
For example, type in
Everyone
to give
Manual Tagging Authorization
to all users.
This sets up the agent to support manual tagging through McAfee DLP Manager. Selecting the
Allow
Manual Tagging
checkbox when creating tags on the
Endpoint Configuration
page makes the tags visible to
trusted users, who can use them to classify documents on their desktops.
8
Click
Save
.
Add an evidence folder on McAfee DLP Manager
An existing evidence folder must be registered to McAfee DLP Manager to transmit the events
collected by the McAfee Agent client.
Before you begin
McAfee DLP Manager and ePolicy Orchestrator must be authenticated to each other, and the
network and UDLP (host) extensions must be installed, and the McAfee Agent DLP client
must be installed.
The folder is normally on the ePolicy Orchestrator, but might be located on another computer.
Task
1
In ePolicy Orchestrator, select
Menu
|
Data Loss Prevention
|
DLP Sys Config
|
System Administration
|
Devices
.
2
On your Linux-based appliance, select
System
|
System Administration
|
Devices
.
3
From the
Actions
menu, select
New Evidence Server
.
4
In the
Add New Evidence Server
window, enter the required information in the following format.
Integrating McAfee DLP Endpoint into a unified policy system
Setting up Unified DLP on ePolicy Orchestrator
7
McAfee Data Loss Prevention 9.2.0
Installation Guide
67