Home » McAfee Manuals » Networking » McAfee DTP-1650-MGRA » Manual Viewer

McAfee DTP-1650-MGRA Installation Guide - Page 58

Create and define permission sets, DLP permission set options, User Management, Permission Sets

View all McAfee DTP-1650-MGRA manuals

Add to My Manuals
Save this manual to your list of manuals

Page 58 highlights

5 Installing McAfee DLP Endpoint User and permission sets 3 Type a user name and specify logon status, authentication type, and permission sets. We recommend creating user groups related to the role, for example DLP Quarantine Administrator. The order of creating users and permission sets is not critical. If you create users first, user names appear in the permission set form and you can attach them to the set. If you create permission sets first, the permission set names appear in the user form and you can attach the user to them. 4 Click Save. Create and define permission sets Permission sets are useful for defining different administrative roles in McAfee DLP Endpoint software. Task For option definitions, click ? in the interface. 1 In McAfee ePolicy Orchestrator, select Menu | User Management | Permission Sets. 2 Click New Permission Set. 3 Type a name for the set and select users. The order of creating users and permission sets is not critical. If you create users first, user names appear in the permission set form and you can attach them to the set. If you create permission sets first, the permission set names appear in the user form and you can attach the user to them. 4 Click Save. 5 In the Data Loss Prevention field for the new permission set, click Edit. 6 Select the required permissions and click Save. Figure 5-4 Editing a permission set for McAfee DLP Endpoint To turn off the sensitive data redaction feature, select User can view DLP Monitor in the monitor section. DLP permission set options Permission set options are designed to give granular control over administrator roles. Table 5-4 Option definitions Option Definition User cannot view policies. User is not a policy administrator. User can only generate Agent Override, Agent User administrator role is limited to override, Uninstall, and Agent Quarantine Release keys. uninstall, and release keys. User can only view policies. User can review but not edit policies. User can view and save policies. User has full policy administrator permissions. 58 McAfee Data Loss Prevention 9.2.1 Installation Guide

Section	Page
Contents	3
Preface	5
About this guide	5
Audience	5
Conventions	5
Find product documentation	6
1 Setting up the hardware	7
Adding devices and servers	7
Check the shipment	7
Plan your installation	8
Rack mount the appliances	8
Connect a management console	9
Configure McAfee DLP Manager	10
Select an integration mode for McAfee DLP Monitor	11
SPAN port configuration	11
Integrate the appliance using a SPAN port	12
Network tap configuration	13
Network tap types	13
Integrate the appliance using a network tap	14
Complete the setup	14
2 Installing or upgrading the software on 4400 appliances	15
Download the 4400 archive	15
Boot options	16
Set up the next boot option	17
Install a fresh image on 4400 appliances	17
Upgrade the products on 4400 appliances	18
Apply a hotfix	20
Convert an installation to another McAfee DLP product	20
Restoring the drives	21
3 Installing or upgrading software on 1650 and 3650 appliances	23
Download the 1650 or 3650 archive	23
Install a fresh image on 1650 or 3650 appliances	24
Upgrade the products on 1650 or 3650 appliances	25
Apply a hotfix	26
4 Configuring McAfee DLP appliances and adding servers	29
Configure McAfee DLP appliances using Setup Wizard	29
Configure McAfee DLP appliances after installation	35
Add McAfee DLP products to McAfee DLP Manager	35
Configuring McAfee DLP Prevent	36
MTA requirements for McAfee DLP Prevent	37
Configure McAfee DLP Prevent	38
Add LDAP servers to McAfee DLP Manager	39
Add McAfee Logon Collector to McAfee DLP Manager	41
Add syslog servers to McAfee DLP systems	42
Resynchronize McAfee DLP systems with an NTP server	42
Testing the system	43
5 Installing McAfee DLP Endpoint	45
Verify system requirements	46
Configure the server	47
Install McAfee ePolicy Orchestrator	48
Installing McAfee DLP WCF service	49
Install the McAfee DLP WCF service	50
Add a user in Microsoft SQL Server	50
Run the McAfee DLP WCF installer	53
Troubleshoot the McAfee DLP WCF service	54
Repository folders	55
Creating and configuring repository folders	55
Configure folders on Windows Server 2003	55
Configure folders on Windows Server 2008	56
User and permission sets	57
Create and define McAfee DLP administrators	57
Create and define permission sets	58
DLP permission set options	58
Install the McAfee Data Loss Prevention Endpoint extension	59
Initialize the McAfee DLP Endpoint Policy console	60
Upgrade the license	62
Check in the McAfee DLP Endpoint package to ePolicy Orchestrator	63
Deploy McAfee DLP Endpoint	63
Define a default rule	63
Deploy McAfee DLP Endpoint with ePolicy Orchestrator 4.6	64
Verify the installation	65
Uninstall McAfee DLP Endpoint	66
6 Integrating McAfee DLP Endpoint into a unified policy system	67
Setting up Unified DLP on ePolicy Orchestrator	68
Install the network extension	68
Install the UDLP (host) extension	68
Configure McAfee Agent on ePolicy Orchestrator	69
Add an evidence folder on ePolicy Orchestrator	69
Connecting McAfee DLP Manager and the ePolicy Orchestrator server	70
Gather ePolicy Orchestrator registration information	70
Add an ePolicy Orchestrator database user	70
Register McAfee DLP Manager on ePolicy Orchestrator server	71
Register ePolicy Orchestrator on McAfee DLP Manager	71
Checking the connection	72
Configuring McAfee DLP Endpoint on McAfee DLP Manager	72
Generate a global policy for McAfee DLP Endpoint	73
Maintaining compatibility with installed McAfee clients	73
Add an Agent Override Password	74
Set the manual tagging option	74
Installation and configuration complete	75
Index	77
A	77
B	77
C	77
D	77
E	77
H	77
L	77
M	77
P	77
R	77
S	77
T	77
U	77
V	77

Match case Limit results 1 per page

Type a user name and specify logon status, authentication type, and permission sets.

We recommend creating user groups related to the role, for example

DLP Quarantine

Administrator

The order of creating users and permission sets is not critical. If you create users first, user names

appear in the permission set form and you can attach them to the set. If you create permission sets

first, the permission set names appear in the user form and you can attach the user to them.

Click

Save

Create and define permission sets

Permission sets are useful for defining different administrative roles in McAfee DLP Endpoint software.

Task

For option definitions, click

in the interface.

In McAfee ePolicy Orchestrator, select

User Management

Permission Sets

Click

New Permission Set

Type a name for the set and select users.

The order of creating users and permission sets is not critical. If you create users first, user names

appear in the permission set form and you can attach them to the set. If you create permission sets

first, the permission set names appear in the user form and you can attach the user to them.

Click

Save

In the

Data Loss Prevention

field for the new permission set, click

Edit

Select the required permissions and click

Save

Figure 5-4

Editing a permission set for McAfee DLP Endpoint

To turn off the sensitive data redaction feature, select

User can view DLP Monitor

in the monitor section.

DLP permission set options

Permission set options are designed to give granular control over administrator roles.

Table 5-4

Option definitions

Option

Definition

User cannot view policies.

User is not a policy administrator.

User can only generate Agent Override, Agent

Uninstall, and Agent Quarantine Release keys.

User administrator role is limited to override,

uninstall, and release keys.

User can only view policies.

User can review but not edit policies.

User can view and save policies.

User has full policy administrator permissions.

Installing McAfee DLP Endpoint

User and permission sets

McAfee Data Loss Prevention 9.2.1

Installation Guide