McAfee DTP-1650-MGRA Installation Guide - Page 36
Configuring McAfee DLP Prevent, Incident Copy Only
View all McAfee DTP-1650-MGRA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 36 highlights
4 Configuring McAfee DLP appliances and adding servers Configuring McAfee DLP Prevent The Add Device page is also used to add an ePolicy Orchestrator server (ePolicy Orchestrator GUI IP Address) and database (ePolicy Orchestrator Database IP or hostname). If the ePolicy Orchestrator device checkbox is selected, the options change. If Incident Copy Only is selected from the Type menu, there is no integration with unified policy, and you must use the McAfee DLP Endpoint Policy Manager to update the policy. Task 1 Open the Devices page in one of two ways: • In ePolicy Orchestrator, select Menu | Data Loss Prevention | DLP Sys Config | System Administration | Devices. 2 Select Actions | New Device. 3 Enter the Device IP or hostname and Password. Use the root user account for association. McAfee recommends that you change the root password on the appliance before adding it to McAfee DLP Manager. If you change the IP address, the network service needs to be restarted. Stingray automatically restarts the appliance to register the change. 4 Click Add. 5 Click OK to confirm or Cancel the registration. 6 Wait for the Status icon in the device list to turn green. The CPU usage display indicates that the registration tasks being performed. McAfee DLP Manager does not display any CPU activity, because it serves only as a collection point for the data. Other machines are capturing and indexing data and the processor indicates the CPU utilization. It should not go over 70-80%. If registration seems to be taking a long time, try refreshing the page. When devices are added successfully, their status icons will turn green. Configuring McAfee DLP Prevent If McAfee DLP Prevent is being configured for email, you must identify a smart host and an email address for testing the connection. If it is configured for webmail, a proxy server can be used, but only the ALLOW and BLOCK actions will be available. When configured with an email gateway, McAfee DLP Prevent monitors transmissions and applies preventive actions to sensitive data found in network communications. When configured with a web proxy server, McAfee DLP Prevent monitors transmissions and identifies data in wikis, portals, blogs and other collaborative sites using HTTP and HTTPS protocols. Both MTA and proxy servers can be handled by one McAfee DLP Prevent system, but contact a McAfee Customer Service representative to assure proper performance. If you need more information about how McAfee DLP Prevent works with SMTP and ICAP traffic, consult the McAfee Total Protection for Data Loss Prevention 9.2.0 Product Guide. 36 McAfee Data Loss Prevention 9.2.1 Installation Guide