McAfee DTP-165C-DPVG Installation Guide - Page 68

•

Hostname

— \\<server name>

•

IP Address

— <IP address>

•

Username

— <domain name\user name

•

Password

— ********

5

Click

Add

.

Connecting McAfee DLP Manager and the ePolicy Orchestrator

server

McAfee DLP Manager and the ePolicy Orchestrator server must be authenticated to each other to

initiate the unified policy installation.

Each product requires information from the other before they can be connected. The database name is

needed from ePolicy Orchestrator, and an

epouser

account is needed from the McAfee DLP Manager.

Gather ePolicy Orchestrator registration information

You must log on to the ePolicy Orchestrator server

(https://servername:port/core/config)

and

SQL Server Configuration Manager

to get the information needed to register McAfee DLP Manager on McAfee

ePO.

Table 7-1

Sources for ePolicy Orchestrator data

Field or menu item

Where to find data

ePO database IP address or

hostname

Menu

|

Configuration

|

Registered Servers

(local McAfee ePO server)

ePO database password

The SQL password created in

Microsoft SQL Server Management Studio

ePO database port

SQL Server Configuration Manager

|

TCP/IP Properties

|

IP Addresses

|

TCP Ports

ePO database user

The logon name created in

Microsoft SQL Server Management Studio

Unified policy / Incident copy

If incident copy only is selected, no policy updates will be routed to

endpoints through ePolicy Orchestrator

ePO database

Menu

|

Configuration

|

Registered Servers

|

Actions

|

Edit

|

Next

|

Database instance

ePO database instance

Menu

|

Configuration

|

Registered Servers

|

Actions

|

Edit

|

Next

|

SQL Server

instance

|

instance name

ePO GUI IP address

Address bar of McAfee ePO server

ePO GUI user

User account name used to log on to McAfee ePO server

ePO GUI password

User account password used to log on to McAfee ePO server

ePO GUI port

Address bar of McAfee ePO server

Add a McAfee ePO database user for McAfee DLP Manager

Create ePolicy Orchestrator database users to authenticate connections from McAfee DLP Manager to

ePolicy Orchestrator servers. ePolicy Orchestrator servers are Windows-based, but a McAfee DLP

Manager is a Linux server that does not support Windows-based authentication of users. Database

user accounts are used to make the connection.

Creating an ePolicy Orchestrator database user is only one aspect of establishing a connection to the

ePolicy Orchestrator server, which is required to support McAfee DLP Endpoint features.

7

Integrating McAfee DLP Endpoint into a unified policy system

Connecting McAfee DLP Manager and the ePolicy Orchestrator server

68

McAfee Data Loss Prevention 9.2.0

Installation Guide

Section	Page
Contents	3
Preface	5
About this guide	5
Audience	5
Conventions	5
Find product documentation	6
1 Introduction to McAfee Total Protection for DLP 9.2.0	7
McAfee Unified DLP deployment	7
Management options	8
McAfee Unified DLP dashboards	9
Installation scenarios	10
2 Setting up the hardware	11
Adding devices and servers	11
Check the shipment	11
Plan your installation	12
Rack mount the appliances	12
Connect a management console	13
Configure McAfee DLP Manager	14
Select an integration mode for McAfee DLP Monitor	16
SPAN port configuration	16
Integrate the appliance using a SPAN port	16
Network tap configuration	17
Network tap types	18
Integrate the appliance using a network tap	18
Complete the setup	18
3 Installing or upgrading the software on Model 4400	19
Download and expand the archive	19
Boot options	20
Load the primary image	21
Load the secondary image	21
Install a fresh image	22
Set up the next boot option	22
Upgrade the products	23
Apply a hotfix	23
Convert an installation to another DLP product	24
Restoring the drives	24
4 Installing or upgrading software on model 1650 and 3650 appliances	25
Download and expand the legacy archive	25
Install the products on legacy servers	26
Upgrade to 9.2.0 on legacy appliances	27
5 Configuring McAfee DLP appliances and adding servers	29
Configure McAfee DLP appliances using Setup Wizard	29
Configure McAfee DLP appliances after installation	35
Add McAfee DLP products to McAfee DLP Manager	35
Configuring McAfee DLP Prevent	36
MTA requirements for McAfee DLP Prevent	37
Configure McAfee DLP Prevent	37
Add LDAP servers to McAfee DLP Manager	38
Add McAfee Logon Collector to McAfee DLP Manager	40
Add syslog servers to McAfee DLP systems	41
Resynchronize McAfee DLP systems with an NTP server	41
Testing the system	42
6 Installing McAfee DLP Endpoint	43
Verify system requirements	43
Configure the server	45
Install McAfee ePolicy Orchestrator	45
Install McAfee ePolicy Orchestrator	46
Installing McAfee DLP WCF service	47
Install the McAfee DLP WCF service	48
Add a user in Microsoft SQL Server	49
Troubleshoot the McAfee DLP WCF service	52
Run the McAfee DLP WCF installer	53
Repository folders	53
Creating and configuring repository folders	54
Configure folders on Windows 2003 Server	54
Configure folders on Windows 2008 Server	55
User and permission sets	56
Create and define McAfee DLP administrators	56
Create and define permission sets	57
DLP permission set options	57
Install the McAfee Data Loss Prevention Endpoint extension	58
Initialize the DLP Policy console	58
Upgrade the license	60
Check in the McAfee DLP Endpoint package to ePolicy Orchestrator	61
Deploying McAfee DLP Endpoint	61
Define a default rule	61
Deploy McAfee DLP Endpoint with ePolicy Orchestrator	62
Verify the installation	63
Uninstalling McAfee DLP Endpoint	63
7 Integrating McAfee DLP Endpoint into a unified policy system	65
Setting up Unified DLP on ePolicy Orchestrator	66
Install the network extension	66
Install the UDLP (host) extension	66
Configure McAfee Agent on ePolicy Orchestrator	67
Add an evidence folder on McAfee DLP Manager	67
Connecting McAfee DLP Manager and the ePolicy Orchestrator server	68
Gather ePolicy Orchestrator registration information	68
Add a McAfee ePO database user for McAfee DLP Manager	68
Register McAfee DLP Manager on ePolicy Orchestrator server	69
Register ePolicy Orchestrator on McAfee DLP Manager	69
Checking the connection	70
Configuring McAfee DLP Endpoint on McAfee DLP Manager	70
Generate a global policy for McAfee DLP Endpoint	71
Maintaining compatibility with installed McAfee clients	71
Set an Agent Override password	72
Set the manual tagging option	72
Installation and configuration complete	73
Index	75
A	75
B	75
C	75
D	75
E	75
H	75
I	75
L	75
M	75
P	75
R	75
S	75
T	75
U	75
V	75

McAfee DTP-165C-DPVG Installation Guide - Page 68

Connecting McAfee DLP Manager and the ePolicy Orchestrator server

Page 68 highlights