Home » McAfee Manuals » Networking » McAfee DTP-1650-MGRA » Manual Viewer

McAfee DTP-1650-MGRA Installation Guide - Page 11

Select an integration mode for McAfee DLP Monitor, SPAN port configuration, Policy Activation

View all McAfee DTP-1650-MGRA manuals

Add to My Manuals
Save this manual to your list of manuals

Page 11 highlights

Setting up the hardware Select an integration mode for McAfee DLP Monitor 1 3 On the Policy Activation page, select the checkboxes of the policies that will generate incidents that are relevant to your protection strategy. If you are in a region that is not listed, you will be able to activate policies that are directly relevant to your location after the system is installed. 4 On the Administrator Setup page, enter the email address of the primary administrator and change the password from the default. 5 On the Email and Email Server Setting page, enter the IP address or host name of the email server. 6 On the Review page, verify your settings, click Cancel, or click Previous to change them. 7 When you have confirmed your settings, click Submit, then Exit Wizard. At this point, the McAfee DLP Manager setup is almost complete. After all other products are integrated into the network, sync McAfee DLP Manager to the network by completing the final step in this document. Select an integration mode for McAfee DLP Monitor McAfee DLP Monitor must be physically integrated into the network so it can capture traffic. There are two integration modes: use of a mirror (SPAN) port on a LAN switch, or placement of a network tap between the network and the appliance. SPAN port configuration A SPAN (Switched Port Analyzer) port configuration enables monitoring by transparently copying traffic from source ports to the destination port to which McAfee DLP Monitor is connected. If two capture ports are used, two traffic sources (for example, different subnets) must be used. Certain switch models permit the use of a "remote SPAN", or "RSPAN" capability, which allows ports from multiple switches to be mirrored to the port to which McAfee DLP Monitor is connected. If you want to mirror multiple ports on multiple switches to your DLP appliance, contact the switch vendor for details on configuring RSPAN. Figure 1-4 Span port configuration 1 Capture ports 2 WAN router traffic mirrored to McAfee DLP Monitor port 3 LAN 4 LAN switch 5 WAN McAfee Data Loss Prevention 9.2.1 Installation Guide 11

Section	Page
Contents	3
Preface	5
About this guide	5
Audience	5
Conventions	5
Find product documentation	6
1 Setting up the hardware	7
Adding devices and servers	7
Check the shipment	7
Plan your installation	8
Rack mount the appliances	8
Connect a management console	9
Configure McAfee DLP Manager	10
Select an integration mode for McAfee DLP Monitor	11
SPAN port configuration	11
Integrate the appliance using a SPAN port	12
Network tap configuration	13
Network tap types	13
Integrate the appliance using a network tap	14
Complete the setup	14
2 Installing or upgrading the software on 4400 appliances	15
Download the 4400 archive	15
Boot options	16
Set up the next boot option	17
Install a fresh image on 4400 appliances	17
Upgrade the products on 4400 appliances	18
Apply a hotfix	20
Convert an installation to another McAfee DLP product	20
Restoring the drives	21
3 Installing or upgrading software on 1650 and 3650 appliances	23
Download the 1650 or 3650 archive	23
Install a fresh image on 1650 or 3650 appliances	24
Upgrade the products on 1650 or 3650 appliances	25
Apply a hotfix	26
4 Configuring McAfee DLP appliances and adding servers	29
Configure McAfee DLP appliances using Setup Wizard	29
Configure McAfee DLP appliances after installation	35
Add McAfee DLP products to McAfee DLP Manager	35
Configuring McAfee DLP Prevent	36
MTA requirements for McAfee DLP Prevent	37
Configure McAfee DLP Prevent	38
Add LDAP servers to McAfee DLP Manager	39
Add McAfee Logon Collector to McAfee DLP Manager	41
Add syslog servers to McAfee DLP systems	42
Resynchronize McAfee DLP systems with an NTP server	42
Testing the system	43
5 Installing McAfee DLP Endpoint	45
Verify system requirements	46
Configure the server	47
Install McAfee ePolicy Orchestrator	48
Installing McAfee DLP WCF service	49
Install the McAfee DLP WCF service	50
Add a user in Microsoft SQL Server	50
Run the McAfee DLP WCF installer	53
Troubleshoot the McAfee DLP WCF service	54
Repository folders	55
Creating and configuring repository folders	55
Configure folders on Windows Server 2003	55
Configure folders on Windows Server 2008	56
User and permission sets	57
Create and define McAfee DLP administrators	57
Create and define permission sets	58
DLP permission set options	58
Install the McAfee Data Loss Prevention Endpoint extension	59
Initialize the McAfee DLP Endpoint Policy console	60
Upgrade the license	62
Check in the McAfee DLP Endpoint package to ePolicy Orchestrator	63
Deploy McAfee DLP Endpoint	63
Define a default rule	63
Deploy McAfee DLP Endpoint with ePolicy Orchestrator 4.6	64
Verify the installation	65
Uninstall McAfee DLP Endpoint	66
6 Integrating McAfee DLP Endpoint into a unified policy system	67
Setting up Unified DLP on ePolicy Orchestrator	68
Install the network extension	68
Install the UDLP (host) extension	68
Configure McAfee Agent on ePolicy Orchestrator	69
Add an evidence folder on ePolicy Orchestrator	69
Connecting McAfee DLP Manager and the ePolicy Orchestrator server	70
Gather ePolicy Orchestrator registration information	70
Add an ePolicy Orchestrator database user	70
Register McAfee DLP Manager on ePolicy Orchestrator server	71
Register ePolicy Orchestrator on McAfee DLP Manager	71
Checking the connection	72
Configuring McAfee DLP Endpoint on McAfee DLP Manager	72
Generate a global policy for McAfee DLP Endpoint	73
Maintaining compatibility with installed McAfee clients	73
Add an Agent Override Password	74
Set the manual tagging option	74
Installation and configuration complete	75
Index	77
A	77
B	77
C	77
D	77
E	77
H	77
L	77
M	77
P	77
R	77
S	77
T	77
U	77
V	77

Match case Limit results 1 per page

On the

Policy Activation

page, select the checkboxes of the policies that will generate incidents that

are relevant to your protection strategy.

If you are in a region that is not listed, you will be able to activate policies that are directly relevant

to your location after the system is installed.

On the

Administrator Setup

page, enter the email address of the primary administrator and change the

password from the default.

On the

Email and Email Server Setting

page, enter the IP address or host name of the email server.

On the

Review

page, verify your settings, click

Cancel

, or click

to change them.

When you have confirmed your settings, click

Submit

, then

Exit Wizard

At this point, the McAfee DLP Manager setup is almost complete. After all other products are

integrated into the network, sync McAfee DLP Manager to the network by completing the final step

in this document.

Select an integration mode for McAfee DLP Monitor

McAfee DLP Monitor must be physically integrated into the network so it can capture traffic. There are

two integration modes: use of a mirror (SPAN) port on a LAN switch, or placement of a network tap

between the network and the appliance.

SPAN port configuration

A SPAN (Switched Port Analyzer) port configuration enables monitoring by transparently copying traffic

from source ports to the destination port to which McAfee DLP Monitor is connected.

If two capture ports are used, two traffic sources (for example, different subnets) must be used.

Certain switch models permit the use of a “remote SPAN”, or “RSPAN” capability, which allows ports

from multiple switches to be mirrored to the port to which McAfee DLP Monitor is connected. If you

want to mirror multiple ports on multiple switches to your DLP appliance, contact the switch vendor for

details on configuring RSPAN.

Figure 1-4

Span port configuration

Capture ports

WAN router traffic mirrored to McAfee DLP Monitor port

LAN

LAN switch

WAN

Setting up the hardware

Select an integration mode for McAfee DLP Monitor

McAfee Data Loss Prevention 9.2.1

Installation Guide