McAfee DTP-1650-MGRA Installation Guide

McAfee DTP-1650-MGRA - Network DLP Manager 1650 Appliance Manual

McAfee DTP-1650-MGRA manual content summary:

  • McAfee DTP-1650-MGRA | Installation Guide - Page 1
    Installation Guide Revision C McAfee Data Loss Prevention 9.2.1 For use with ePolicy Orchestrator 4.5.0 and 4.6.0 Software
  • McAfee DTP-1650-MGRA | Installation Guide - Page 2
    INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND. 2 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 3
    Contents Preface 5 About this guide 5 Audience 5 Conventions 5 Find product documentation 6 1 Setting up the hardware 7 Adding devices and servers 7 Check the shipment 7 Plan McAfee DLP systems with an NTP server 42 McAfee Data Loss Prevention 9.2.1 Installation Guide 3
  • McAfee DTP-1650-MGRA | Installation Guide - Page 4
    ePolicy Orchestrator 48 Installing McAfee DLP WCF service 49 Install the McAfee DLP WCF service 50 Repository folders 55 Creating and configuring clients 73 Add an Agent Override Password 74 Set the manual tagging option 74 Installation and configuration complete 75 Index 77
  • McAfee DTP-1650-MGRA | Installation Guide - Page 5
    - People who determine sensitive and confidential data, and define the corporate policy that protects the company's intellectual property. Conventions This guide uses these typographical conventions and icons. Book title, term, emphasis Bold User input, code, message Interface text Hypertext blue
  • McAfee DTP-1650-MGRA | Installation Guide - Page 6
    troubleshooting. After a product is released, information about the product is entered into the McAfee online KnowledgeBase. Task 1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com. 2 Under Self Service version. 6 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 7
    received the following items: • Region‑specific power cords ‑ 2 • CAT5 cables ‑ 3 • Serial cable: RJ‑45 to RS‑232 ‑ Cisco console cable McAfee Data Loss Prevention 9.2.1 Installation Guide 7
  • McAfee DTP-1650-MGRA | Installation Guide - Page 8
    is shipped on an Intel® Server System SR2612UR. For rack mounting instructions, download the Intel® Server System SR2612UR Service Guide from the Intel download site. http://download.intel.com/support/motherboards/server/s5520ur/sb/r2612ur_service_guide_14.pdf For more information, download the
  • McAfee DTP-1650-MGRA | Installation Guide - Page 9
    IP address 192.168.1.2, but a new IP address and other network parameters are required to integrate it into the network. McAfee Data Loss Prevention 9.2.1 Installation Guide 9
  • McAfee DTP-1650-MGRA | Installation Guide - Page 10
    Configuration page of the Setup Wizard. Task 1 On the Time Configuration page, change the time zone. 2 Select Manual to set NTP to local time. On this first configuration, you will not yet be able to set the and integrated into the network. 10 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 11
    RSPAN. Figure 1-4 Span port configuration 1 Capture ports 2 WAN router traffic mirrored to McAfee DLP Monitor port 3 LAN 4 LAN switch 5 WAN McAfee Data Loss Prevention 9.2.1 Installation Guide 11
  • McAfee DTP-1650-MGRA | Installation Guide - Page 12
    GigabitEthernet1/0/1 Switch(config‑if)# end Switch# show port monitor Monitor Port Port being monitored GigabitEthernet1/0/2 GigabitEthernet1/0/1 Switch# write memory 12 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 13
    This method requires physical disconnection and reconnection of network cables, so it disrupts traffic. A service window is required. With this configuration, full traffic capture is done even under heavy load connects to a port on the tap). McAfee Data Loss Prevention 9.2.1 Installation Guide 13
  • McAfee DTP-1650-MGRA | Installation Guide - Page 14
    complete. If you want to integrate the DLP system into McAfee® ePolicy Orchestrator® 4.5 or 4.6, you can do it now. 14 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 15
    4400, download the software from the Service Portal. Before you begin Locate the known as iguard. Task 1 Open the McAfee support page by typing support.mcafee.com into the address bar of a or locate and click the link under the Corporate Support heading. 3 In the Download My Products field, enter
  • McAfee DTP-1650-MGRA | Installation Guide - Page 16
    system. Replaces the existing operating system and product software, but retains the data in the /data and /boot directories. 16 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 17
    the /data/install directory. # tar xvzf ndlp_.tgz ‑C /data/install 5 Go to the /data/install directory. # cd /data/install McAfee Data Loss Prevention 9.2.1 Installation Guide 17
  • McAfee DTP-1650-MGRA | Installation Guide - Page 18
    wrong script, you will write over your existing installation. Task 1 Log on as root to the model 4400 appliance. 18 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 19
    : # cat /data/stingray/etc/version If the Release field contains 9.2.1, installation is complete. 11 Install Hotfix 793756_46026 on all devices. McAfee Data Loss Prevention 9.2.1 Installation Guide 19
  • McAfee DTP-1650-MGRA | Installation Guide - Page 20
    hotfix details. 7 Run the installation script. # ./install_hotfix 8 Restart the Stingray service. # service stingray restart Convert an installation to another McAfee DLP product The 4400 appliance ships with directory. # cd /data/install 20 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 21
    with it. The process that runs from the DVD restores the drives of the appliance to their pre‑installed state. McAfee Data Loss Prevention 9.2.1 Installation Guide 21
  • McAfee DTP-1650-MGRA | Installation Guide - Page 22
    2 Installing or upgrading the software on 4400 appliances Restoring the drives 22 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 23
    the Model 1650 or 3650, download the software from the Service Portal. Before you begin Locate the grant number you received Monitor is also known as "iguard". Task 1 Open the McAfee support page by typing support.mcafee.com into the address bar of a web browser. 2 From 9.2.1 Installation Guide 23
  • McAfee DTP-1650-MGRA | Installation Guide - Page 24
    Run the platform installation script. Type in ./script_name to get help on available options. # ./install_platform ‑P The script completes, then instructs you to reboot. 8 Restart the system. # reboot Restarting the system might take 10-15 minutes. 9 Log on to the appliance again as
  • McAfee DTP-1650-MGRA | Installation Guide - Page 25
    # ./install_stingray ‑P The script completes, then instructs you to reboot. 12 Restart the system. # reboot Restarting If the patch installation fails, do not install it again. Call McAfee support and submit an installation log file. Task 1 Log on as root 9.2.1 Installation Guide 25
  • McAfee DTP-1650-MGRA | Installation Guide - Page 26
    to get help on available options. # ./install_platform ‑U ‑P The script completes, then instructs you to reboot. 8 Restart the system. # reboot Restarting the system might take 10-15 minutes. 26 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 27
    /data/hotfix directory. # cd /data/hotfix/xxxxxx 6 (Optional) Open the README file to see the hotfix details. 7 Run the installation script. # ./install_hotfix 8 Restart the Stingray service. # service stingray restart McAfee Data Loss Prevention 9.2.1 Installation Guide 27
  • McAfee DTP-1650-MGRA | Installation Guide - Page 28
    3 Installing or upgrading software on 1650 and 3650 appliances Apply a hotfix 28 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 29
    has a unique protection strategy that requires different settings. Consult the McAfee Total Protection for Data Loss Prevention 9.2.0 Product Guide for more information. Contents Configure McAfee DLP appliances using Setup Wizard Configure McAfee DLP appliances after installation Add McAfee DLP
  • McAfee DTP-1650-MGRA | Installation Guide - Page 30
    DNS servers, then click Next. Figure 4-1 Network configuration You must enter a fully‑qualified domain name into the Hostname field. 30 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 31
    Time Configuration page, set the time zone, select the NTP server, and click Next. Figure 4-2 Time configuration You might want to set the NTP server manually in some cases. McAfee Data Loss Prevention 9.2.1 Installation
  • McAfee DTP-1650-MGRA | Installation Guide - Page 32
    from the Policies page. For example, you might want to use international policies that are available on that page. 32 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 33
    Setup page, type in an email address for the primary administrator and set a password, then click Next. Figure 4-4 Administrator setup McAfee Data Loss Prevention 9.2.1 Installation Guide 33
  • McAfee DTP-1650-MGRA | Installation Guide - Page 34
    8 If you are setting up McAfee DLP Prevent, type in the IP address of a smart host, then click Next. 34 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 35
    can choose a port configuration. The McAfee DLP appliance is a Gigabit network device, so it is possible to bring it down. McAfee Data Loss Prevention 9.2.1 Installation Guide 35
  • McAfee DTP-1650-MGRA | Installation Guide - Page 36
    McAfee DLP Manager. If you change the IP address, the network service needs to be restarted. Stingray automatically restarts the appliance to register one McAfee DLP Prevent system, but contact a McAfee Customer Service representative to assure proper performance. If you need more information about
  • McAfee DTP-1650-MGRA | Installation Guide - Page 37
    Email and Web Gateway products are supported, and it has also been tested MTA (message transfer agent) can support interoperability. Before installing McAfee DLP supported by the MTA. 7 Must be able to inter‑operate with an email encryption appliance (if this capability is needed) and instruct
  • McAfee DTP-1650-MGRA | Installation Guide - Page 38
    type the Smart Host IP address to which the processed email will be routed. (Host names are not supported.) In some cases, the Smart Host, sometimes known as the downstream MTA, might be on the same machine was received, repeat the process. 38 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 39
    DLP Manager You can add Active Directory or OpenLDAP servers to support integration of McAfee DLP with existing user systems. Before you begin Services. 2 Select Actions | Create Directory Server. 3 Enter a label to identify the LDAP server. McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 40
    Attribute. Use samaccountname to retrieve user names from the server. 8 Type in the user name (Login DN) and Password. 40 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 41
    END CERTIFICATE 5 Highlight and copy the entire text, including the BEGIN and END CERTIFICATE lines. 6 Open a web browser and log on to the Directory Services page in one of two ways: • In ePolicy Orchestrator, select Menu | Data Loss Prevention | DLP Sys Config | System Administration | Directory
  • McAfee DTP-1650-MGRA | Installation Guide - Page 42
    , and the network, but you only have to identify a time server during the initial installation of the system. Stop and restart the NTP daemon to manually reset the time and resynchronize the system. 42 McAfee Data Loss Prevention 9.2.1 Installation
  • McAfee DTP-1650-MGRA | Installation Guide - Page 43
    the NTP daemon. # service ntpd stop # chkconfig ‑‑level 2345 ntpd off 3 Restart the NTP daemon. # service ntpd start # chkconfig ‑‑level 2345 ntpd on The service command will control the service while the system is All in the Filter by frame. McAfee Data Loss Prevention 9.2.1 Installation Guide 43
  • McAfee DTP-1650-MGRA | Installation Guide - Page 44
    4 Configuring McAfee DLP appliances and adding servers Testing the system 44 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 45
    requirements Configure the server Install McAfee ePolicy Orchestrator Installing McAfee DLP WCF service Repository folders User and permission sets Install the McAfee Data Loss Prevention Endpoint DLP Endpoint Uninstall McAfee DLP Endpoint McAfee Data Loss Prevention 9.2.1 Installation Guide 45
  • McAfee DTP-1650-MGRA | Installation Guide - Page 46
    Windows Server 2008 SP2 32‑bit • Windows Server 2008 R2 64‑bit Servers are supported for McAfee Device Control software only. The user installing McAfee DLP Endpoint software on the servers must be a member of the local administrators group. The following software is required on the server running
  • McAfee DTP-1650-MGRA | Installation Guide - Page 47
    Installer 3.0 (Windows Server 2003) or 4.5 (Windows Server 2008) and restart the system. Install all Microsoft Windows service packs. See the System Requirements for supported Windows systems. 3 Run Windows Update and install all patches and updates. McAfee Data Loss Prevention 9.2.1 Installation
  • McAfee DTP-1650-MGRA | Installation Guide - Page 48
    precautions you should be aware of. Read the McAfee ePolicy Orchestrator Installation Guide and release notes to familiarize yourself with all installation issues. Some of the installation scripts require the NETWORK SERVICE account to have write permission for the C:\Windows\Temp folder. In secure
  • McAfee DTP-1650-MGRA | Installation Guide - Page 49
    service 5 Installing McAfee DLP WCF service The McAfee DLP Windows Communication Foundation (WCF) service installing the McAfee DLP WCF service, you are asked to member of the WAAG before connecting to the database. WCF service (WCF) service: on WCF service installation user is a member of the WAAG,
  • McAfee DTP-1650-MGRA | Installation Guide - Page 50
    service. When the installation is complete, you can troubleshoot the installation to resolve problems. Before you begin Before installing the McAfee DLP WCF service the McAfee DLP WCF service or the ePolicy Orchestrator Foundation (WCF) service is used to McAfee DLP WCF service or the ePolicy
  • McAfee DTP-1650-MGRA | Installation Guide - Page 51
    involved. This is a required task. The default authorized user does not work with the McAfee DLP WCF service. Task 1 Start SQL Server Management Studio (Express) and connect to the EPOSERVER instance. 2 In the you want to use. Click OK. McAfee Data Loss Prevention 9.2.1 Installation Guide 51
  • McAfee DTP-1650-MGRA | Installation Guide - Page 52
    5 Installing McAfee DLP Endpoint Installing McAfee DLP WCF service 4 Select Security | Logins. Right‑click in the Logins page, then select New Login. 5 On the General page of the the new logon user is listed in the User column. Click OK. 52 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 53
    McAfee DLP Endpoint, and the McAfee DLP Monitor. Before you begin Before installing the McAfee DLP WCF service, create a user in Microsoft SQL Server. You must do this even if you are going to plan to use. Log off of ePolicy Orchestrator. McAfee Data Loss Prevention 9.2.1 Installation Guide 53
  • McAfee DTP-1650-MGRA | Installation Guide - Page 54
    Service Settings), do the following: • Use the default WCF Server Port value. If you must change the server port, consult your McAfee representative for instructions policy console, use the troubleshooter to verify the installation. To troubleshoot the McAfee DLP WCF service, use the browser page
  • McAfee DTP-1650-MGRA | Installation Guide - Page 55
    name to evidence$ / whitelist$. Click OK. The $ ensures that the share is hidden. 3 Click the Security tab, then click Advanced. McAfee Data Loss Prevention 9.2.1 Installation Guide 55
  • McAfee DTP-1650-MGRA | Installation Guide - Page 56
    Permissions tab in the Advanced Security Settings window shows all permissions eliminated. 7 Click Add to select an object type. 56 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 57
    . Task For option definitions, click ? in the interface. 1 In McAfee ePolicy Orchestrator, select Menu | User Management | Users. 2 Click New User. McAfee Data Loss Prevention 9.2.1 Installation Guide 57
  • McAfee DTP-1650-MGRA | Installation Guide - Page 58
    . User can review but not edit policies. User can view and save policies. User has full policy administrator permissions. 58 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 59
    the McAfee DLP Endpoint Help extension module. McAfee DLP Endpoint software does not currently support the McAfee ePolicy Orchestrator 4.6 Software Manager feature. Verify that the ePolicy Orchestrator server ePO Help system. 5 Click OK. McAfee Data Loss Prevention 9.2.1 Installation Guide 59
  • McAfee DTP-1650-MGRA | Installation Guide - Page 60
    by selecting the Support discovery delete option. This option is not available until you update to the full McAfee Data Loss Prevention Endpoint software installation. For troubleshooting, when you • McAfee DLP Endpoint Agent 9.0 and later 60 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 61
    DLP Agent 2.2 is no longer supported. Select your directory access protocol: Microsoft creating a role‑based group such as DLP Manual Tagging Users, and using the group when configuring . See the McAfee Data Loss Prevention Endpoint Product Guide for more information on Agent bypass. Click Next.
  • McAfee DTP-1650-MGRA | Installation Guide - Page 62
    and full content protection. 8 Click the Miscellaneous tab. Only the Agent Popup service, Device Blocking, and Reporting Service modules are selected. Select the remaining modules you require to enable them and change to the workstations. 62 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 63
    the managed computers. The rule described is an example of a simple rule that can be used to test the system. McAfee Data Loss Prevention 9.2.1 Installation Guide 63
  • McAfee DTP-1650-MGRA | Installation Guide - Page 64
    deployed. Consult the McAfee ePolicy Orchestrator documentation on how to verify this, and how to install it if necessary. 64 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 65
    the following in the Command line: SERVICE_USER= SERVICE_PASSWORD= The service user should be defined as the Citrix Administrator (in Citrix Access Management in the McAfee ePolicy Orchestrator Product Guide for more information. McAfee Data Loss Prevention 9.2.1 Installation
  • McAfee DTP-1650-MGRA | Installation Guide - Page 66
    for the user. This release code is sent to the user to enter into the request bypass dialog box. 66 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 67
    McAfee DLP Manager and the ePolicy Orchestrator server Configuring McAfee DLP Endpoint on McAfee DLP Manager Installation and configuration complete McAfee Data Loss Prevention 9.2.1 Installation Guide 67
  • McAfee DTP-1650-MGRA | Installation Guide - Page 68
    bar. https:///eponetdlp/netdlp.zip The extension can also be downloaded from the McAfee Support Portal, or copied from the /data directory of the downloaded and expanded McAfee DLP Manager the protection rules will work. 68 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 69
    New Evidence Server page. 5 Select Copy evidence using NETWORK SERVICE or logged on user. 6 In the Evidence Replication section, Manual Tagging Authorization to all users. This sets up the agent to support manual tagging through McAfee DLP Manager. Selecting the Allow Manual Installation Guide 69
  • McAfee DTP-1650-MGRA | Installation Guide - Page 70
    servers are Windows‑based, but McAfee DLP Manager is a Linux server that does not support Windows‑based authentication of users. The ePolicy Orchestrator user account is needed to get around DLP Sys Config | User Administration | DB User. 70 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 71
    page in one of two ways: • In ePolicy Orchestrator, select Menu | Data Loss Prevention | DLP Sys Config | System Administration | Devices. McAfee Data Loss Prevention 9.2.1 Installation Guide 71
  • McAfee DTP-1650-MGRA | Installation Guide - Page 72
    printer models that cannot be controlled by McAfee DLP software. • Create tags, then set up optional manual tagging When these operations are complete, you can define unified rules on the Policies page, then view information that is needed. 72 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 73
    These settings support the distribution of one policy supported multiple rules problem, you must deliberately generate a policy to support McAfee DLP Manager supports multiple versions of to be supported, the to the new version, but support for older clients still in DLP) is not supported in McAfee DLP
  • McAfee DTP-1650-MGRA | Installation Guide - Page 74
    Endpoint and its components must be set up on McAfee DLP Manager. After they are created, manual tags are pushed to users at endpoints by the McAfee Agent client. The ability to classify | Endpoint Configuration | Tag Labels. 2 Select a tag. 74 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 75
    system Installation and configuration complete 6 3 Select the Allow Manual Tagging checkbox. 4 Click Save. Installation and configuration complete the ePolicy Orchestrator Data‑in‑Use dashboard. Consult the Product Guide for McAfee Total Protection for Data Loss Prevention 9.2 for more
  • McAfee DTP-1650-MGRA | Installation Guide - Page 76
    6 Integrating McAfee DLP Endpoint into a unified policy system Installation and configuration complete 76 McAfee Data Loss Prevention 9.2.1 Installation Guide
  • McAfee DTP-1650-MGRA | Installation Guide - Page 77
    Policy console, installing 59 documentation audience for this guide 5 product-specific, finding 6 typographical conventions and Support, finding product information 6 U uninstalling DLP Endpoint 66 V verifying the installation 65 W WCF, installation options 49 WCF, installing 53 WCF, troubleshooting
  • McAfee DTP-1650-MGRA | Installation Guide - Page 78
    TP000030C00

Installation Guide
Revision C
McAfee Data Loss Prevention 9.2.1
For use with ePolicy Orchestrator 4.5.0 and 4.6.0 Software