Installation Guide
Page 3
... 5 About this guide 5 Audience 5 Conventions 5 Find product documentation 6 1 Setting up the hardware 7 Adding devices and servers 7 Check the shipment 7 Plan your installation 8 Rack mount the appliances 8 Connect a management console 9 Configure McAfee DLP Manager 10 Select an integration mode for McAfee DLP Monitor 11 SPAN port configuration 11 Network tap configuration 13 Complete the setup 14 2 Installing or upgrading the software on 4400 appliances 15 Download the 4400 archive 15 Boot options 16 Set up the next boot option 17 Install a fresh image...
... 5 About this guide 5 Audience 5 Conventions 5 Find product documentation 6 1 Setting up the hardware 7 Adding devices and servers 7 Check the shipment 7 Plan your installation 8 Rack mount the appliances 8 Connect a management console 9 Configure McAfee DLP Manager 10 Select an integration mode for McAfee DLP Monitor 11 SPAN port configuration 11 Network tap configuration 13 Complete the setup 14 2 Installing or upgrading the software on 4400 appliances 15 Download the 4400 archive 15 Boot options 16 Set up the next boot option 17 Install a fresh image...
Installation Guide
Page 4
... Orchestrator registration information 70 Add an ePolicy Orchestrator database user 70 Register McAfee DLP Manager on ePolicy Orchestrator server 71 Register ePolicy Orchestrator on McAfee DLP Manager 71 Checking the connection 72 Configuring McAfee DLP Endpoint on McAfee DLP Manager 72 Generate a global policy for McAfee DLP Endpoint 73 Maintaining compatibility with installed McAfee clients 73 Add an Agent Override Password 74 Set the manual tagging option 74 Installation and configuration complete 75 Index 77 4 McAfee Data Loss Prevention 9.2.1 Installation Guide
... Orchestrator registration information 70 Add an ePolicy Orchestrator database user 70 Register McAfee DLP Manager on ePolicy Orchestrator server 71 Register ePolicy Orchestrator on McAfee DLP Manager 71 Checking the connection 72 Configuring McAfee DLP Endpoint on McAfee DLP Manager 72 Generate a global policy for McAfee DLP Endpoint 73 Maintaining compatibility with installed McAfee clients 73 Add an Agent Override Password 74 Set the manual tagging option 74 Installation and configuration complete 75 Index 77 4 McAfee Data Loss Prevention 9.2.1 Installation Guide
Installation Guide
Page 7
... Adding devices and servers Check the shipment Plan your installation Rack mount the appliances Connect a management console Configure McAfee DLP Manager Select an integration mode for McAfee DLP Monitor Complete the setup Adding devices and servers The final setup for McAfee Total Protection for setting up to capture network traffic, so it on ‑site. For example, depending on your objectives, you must install it on McAfee DLP Manager to add the products to be managed and the servers needed to install it requires additional configuration steps. Check...
... Adding devices and servers Check the shipment Plan your installation Rack mount the appliances Connect a management console Configure McAfee DLP Manager Select an integration mode for McAfee DLP Monitor Complete the setup Adding devices and servers The final setup for McAfee Total Protection for setting up to capture network traffic, so it on ‑site. For example, depending on your objectives, you must install it on McAfee DLP Manager to add the products to be managed and the servers needed to install it requires additional configuration steps. Check...
Installation Guide
Page 10
... step. Before you must have a new IP address and will be integrated into the network. The interim pages will be completed only on to integrate the appliance into the network. https://192.168.1.2 The DLP user interface starts. 4 Log on the McAfee DLP Manager appliance. 8 Click Submit, then Exit Wizard. The default logon is not necessary. The Setup Wizard starts. 6 On the Network Configuration page, enter all of the appliance using the supplied Ethernet cable. 2 Change...
... step. Before you must have a new IP address and will be integrated into the network. The interim pages will be completed only on to integrate the appliance into the network. https://192.168.1.2 The DLP user interface starts. 4 Log on the McAfee DLP Manager appliance. 8 Click Submit, then Exit Wizard. The default logon is not necessary. The Setup Wizard starts. 6 On the Network Configuration page, enter all of the appliance using the supplied Ethernet cable. 2 Change...
Installation Guide
Page 11
... a network tap between the network and the appliance. If you are in this point, the McAfee DLP Manager setup is almost complete. Certain switch models permit the use of a mirror (SPAN) port on multiple switches to change them. 7 When you will generate incidents that are relevant to McAfee DLP Monitor port 3 LAN 4 LAN switch 5 WAN McAfee Data Loss Prevention 9.2.1 Installation Guide 11 SPAN port configuration A SPAN (Switched Port Analyzer) port configuration enables monitoring by completing the final step in a region that is not listed...
... a network tap between the network and the appliance. If you are in this point, the McAfee DLP Manager setup is almost complete. Certain switch models permit the use of a mirror (SPAN) port on multiple switches to change them. 7 When you will generate incidents that are relevant to McAfee DLP Monitor port 3 LAN 4 LAN switch 5 WAN McAfee Data Loss Prevention 9.2.1 Installation Guide 11 SPAN port configuration A SPAN (Switched Port Analyzer) port configuration enables monitoring by completing the final step in a region that is not listed...
Installation Guide
Page 14
... current time. 5 Click Update. Configuration is complete. If you can do it now. 14 McAfee Data Loss Prevention 9.2.1 Installation Guide 1 Setting up the hardware Complete the setup Integrate the appliance using a network tap Task 1 Disconnect the cable between your WAN router and your LAN switch. 2 Connect Monitor Port A of the network tap to Capture Port 0 on McAfee DLP Monitor. 3 Connect Monitor Port B of the network tap to Capture Port 1 on McAfee DLP Monitor. 4 Connect Network Port A of the network tap to a router inside the firewall. 5 Connect Network Port...
... current time. 5 Click Update. Configuration is complete. If you can do it now. 14 McAfee Data Loss Prevention 9.2.1 Installation Guide 1 Setting up the hardware Complete the setup Integrate the appliance using a network tap Task 1 Disconnect the cable between your WAN router and your LAN switch. 2 Connect Monitor Port A of the network tap to Capture Port 0 on McAfee DLP Monitor. 3 Connect Monitor Port B of the network tap to Capture Port 1 on McAfee DLP Monitor. 4 Connect Network Port A of the network tap to a router inside the firewall. 5 Connect Network Port...
Installation Guide
Page 15
... 4400 appliances Upgrade the products on 4400 appliances Apply a hotfix Convert an installation to another McAfee DLP product Restoring the drives Download the 4400 archive To prepare for installation on the 4400 contains two released images, each of which contains an operating system (except for the kernal) and DLP software. McAfee Data Loss Prevention 9.2.1 Installation Guide 15 McAfee DLP Manager is upgraded, the primary and secondary disks can contain different versions of a web browser...
... 4400 appliances Upgrade the products on 4400 appliances Apply a hotfix Convert an installation to another McAfee DLP product Restoring the drives Download the 4400 archive To prepare for installation on the 4400 contains two released images, each of which contains an operating system (except for the kernal) and DLP software. McAfee Data Loss Prevention 9.2.1 Installation Guide 15 McAfee DLP Manager is upgraded, the primary and secondary disks can contain different versions of a web browser...
Installation Guide
Page 17
Using this step only if you have a specific need that assignment by the current configuration. Take this command has the same effect as changing the boot option using the ‑C option to expand it to override that cannot be addressed by configuring the next boot to a different disk. Task 1 Log on to the appliance as root. 2 Go to the installation directory. # cd /data/install 3 Run the setnextboot script...
Using this step only if you have a specific need that assignment by the current configuration. Take this command has the same effect as changing the boot option using the ‑C option to expand it to override that cannot be addressed by configuring the next boot to a different disk. Task 1 Log on to the appliance as root. 2 Go to the installation directory. # cd /data/install 3 Run the setnextboot script...
Installation Guide
Page 25
... until they are copying the archive from a Linux server, use WinSCP. • If you are completely stopped before upgrading to 9.2.1. Call McAfee support and submit an installation log file. Upgrade the products on 1650 or 3650 appliances To upgrade a product on 1650 or 3650 appliances, you must install 9.2.0 before upgrading. Installing or upgrading software on 1650 and 3650 appliances Upgrade the products on 1650 or 3650 appliances 3 10 Go to the product installation directory under the /data directory. # cd /data...
... until they are copying the archive from a Linux server, use WinSCP. • If you are completely stopped before upgrading to 9.2.1. Call McAfee support and submit an installation log file. Upgrade the products on 1650 or 3650 appliances To upgrade a product on 1650 or 3650 appliances, you must install 9.2.0 before upgrading. Installing or upgrading software on 1650 and 3650 appliances Upgrade the products on 1650 or 3650 appliances 3 10 Go to the product installation directory under the /data directory. # cd /data...
Installation Guide
Page 29
... 1 Open a web browser and start the Setup Wizard from that console. Contents Configure McAfee DLP appliances using Setup Wizard Configure McAfee DLP appliances after installation Add McAfee DLP products to McAfee DLP Manager Configuring McAfee DLP Prevent Add LDAP servers to McAfee DLP Manager Add McAfee Logon Collector to McAfee DLP Manager Add syslog servers to McAfee DLP systems Resynchronize McAfee DLP systems with an NTP server Testing the system Configure McAfee DLP appliances using the IP address. # https://xxx.xxx.xxx.xxx McAfee Data Loss Prevention 9.2.1 Installation Guide 29...
... 1 Open a web browser and start the Setup Wizard from that console. Contents Configure McAfee DLP appliances using Setup Wizard Configure McAfee DLP appliances after installation Add McAfee DLP products to McAfee DLP Manager Configuring McAfee DLP Prevent Add LDAP servers to McAfee DLP Manager Add McAfee Logon Collector to McAfee DLP Manager Add syslog servers to McAfee DLP systems Resynchronize McAfee DLP systems with an NTP server Testing the system Configure McAfee DLP appliances using the IP address. # https://xxx.xxx.xxx.xxx McAfee Data Loss Prevention 9.2.1 Installation Guide 29...
Installation Guide
Page 36
... IP Address) and database (ePolicy Orchestrator Database IP or hostname). Both MTA and proxy servers can be available. 4 Configuring McAfee DLP appliances and adding servers Configuring McAfee DLP Prevent The Add Device page is also used , but contact a McAfee Customer Service representative to be taking a long time, try refreshing the page. Task 1 Open the Devices page in the device list to McAfee DLP Manager. McAfee recommends that the registration tasks being configured for email, you change the root password...
... IP Address) and database (ePolicy Orchestrator Database IP or hostname). Both MTA and proxy servers can be available. 4 Configuring McAfee DLP appliances and adding servers Configuring McAfee DLP Prevent The Add Device page is also used , but contact a McAfee Customer Service representative to be taking a long time, try refreshing the page. Task 1 Open the Devices page in the device list to McAfee DLP Manager. McAfee recommends that the registration tasks being configured for email, you change the root password...
Installation Guide
Page 41
... to McAfee DLP Manager Connect McAfee Logon Collector to McAfee DLP Manager by uploading it into a text editor. 4 Add the following . # openssl x509 ‑noout ‑in .cer ‑subject The FQDN will be returned in the Base 64 field and paste it . Task 1 Open a web browser, type the IP address of the McAfee Logon Collector into the address bar, and log on the server. 13 Click Apply. A secure connection...
... to McAfee DLP Manager Connect McAfee Logon Collector to McAfee DLP Manager by uploading it into a text editor. 4 Add the following . # openssl x509 ‑noout ‑in .cer ‑subject The FQDN will be returned in the Base 64 field and paste it . Task 1 Open a web browser, type the IP address of the McAfee Logon Collector into the address bar, and log on the server. 13 Click Apply. A secure connection...
Installation Guide
Page 42
... authenticates the DLP Manager to manually reset the time and resyncronize the system. 42 McAfee Data Loss Prevention 9.2.1 Installation Guide If a syslog server is installed on the network, DLP automatically sends messages about the McAfee DLP system. Stop and restart the NTP daemon to McAfee Logon Collector. 17 Open a Remote Desktop session on . 13 Select Menu | Configuration | Trusted CA. 14 Click New Authority. 15 Browse to the netdlp_certificate.cer file...
... authenticates the DLP Manager to manually reset the time and resyncronize the system. 42 McAfee Data Loss Prevention 9.2.1 Installation Guide If a syslog server is installed on the network, DLP automatically sends messages about the McAfee DLP system. Stop and restart the NTP daemon to McAfee Logon Collector. 17 Open a Remote Desktop session on . 13 Select Menu | Configuration | Trusted CA. 14 Click New Authority. 15 Browse to the netdlp_certificate.cer file...
Installation Guide
Page 47
....NET Download the McAfee DLP Endpoint 9.2 Patch 2 Help extension (). Task 1 Install Microsoft Windows Server 2003 or Windows Server 2008. 2 Install Windows Installer 3.0 (Windows Server 2003) or 4.5 (Windows Server 2008) and restart the system. McAfee Data Loss Prevention 9.2.1 Installation Guide 47 Install all patches and updates. See the System Requirements for supported Windows systems. 3 Run Windows Update and install all Microsoft Windows service packs. Before you begin Verify that matches the version of Microsoft SQL Server you are using. This is installed separately...
....NET Download the McAfee DLP Endpoint 9.2 Patch 2 Help extension (). Task 1 Install Microsoft Windows Server 2003 or Windows Server 2008. 2 Install Windows Installer 3.0 (Windows Server 2003) or 4.5 (Windows Server 2008) and restart the system. McAfee Data Loss Prevention 9.2.1 Installation Guide 47 Install all patches and updates. See the System Requirements for supported Windows systems. 3 Run Windows Update and install all Microsoft Windows service packs. Before you begin Verify that matches the version of Microsoft SQL Server you are using. This is installed separately...
Installation Guide
Page 48
... sites. 5 Installing McAfee DLP Endpoint Install McAfee ePolicy Orchestrator 4 Disable Microsoft Internet Explorer Enhanced Security Configuration. • In Windows Server 2003, open the Windows Control Panel, then select Add/Remove Windows Components. • In Windows Server 2008, open the Server Manager, then select Configure IE ESC in the McAfee ePO installer. This Microsoft product can also be used. • During the installation, you should be aware of the installation scripts require the NETWORK SERVICE account to familiarize yourself with all software installations before...
... sites. 5 Installing McAfee DLP Endpoint Install McAfee ePolicy Orchestrator 4 Disable Microsoft Internet Explorer Enhanced Security Configuration. • In Windows Server 2003, open the Windows Control Panel, then select Add/Remove Windows Components. • In Windows Server 2008, open the Server Manager, then select Configure IE ESC in the McAfee ePO installer. This Microsoft product can also be used. • During the installation, you should be aware of the installation scripts require the NETWORK SERVICE account to familiarize yourself with all software installations before...
Installation Guide
Page 49
... (local installation) or on a separate server (remote installation). Where McAfee ePolicy Orchestrator is installed, together with its database or on user is not relevant to this discussion, only the relative locations of the WAAG, connection to the McAfee ePO database McAfee Data Loss Prevention 9.2.1 Installation Guide 49 Web access authorized groups When installing the McAfee DLP WCF service, you can use Windows authentication or SQL authentication. If you have selected Windows authentication, and the logged on...
... (local installation) or on a separate server (remote installation). Where McAfee ePolicy Orchestrator is installed, together with its database or on user is not relevant to this discussion, only the relative locations of the WAAG, connection to the McAfee ePO database McAfee Data Loss Prevention 9.2.1 Installation Guide 49 Web access authorized groups When installing the McAfee DLP WCF service, you can use Windows authentication or SQL authentication. If you have selected Windows authentication, and the logged on...
Installation Guide
Page 55
.... Repeat this folder. McAfee DLP Endpoint software saves time by the DLP Endpoint are placed in the same manner. Tasks • Configure folders on Windows Server 2003 on page 55 Configuration of the repository folders on Windows Server 2003 requires specific security settings. • Configure folders on Windows Server 2008 on page 56 Configuration of the repository folders on the server. Before you begin installation of McAfee DLP Endpoint software, prepare your environment...
.... Repeat this folder. McAfee DLP Endpoint software saves time by the DLP Endpoint are placed in the same manner. Tasks • Configure folders on Windows Server 2003 on page 55 Configuration of the repository folders on Windows Server 2003 requires specific security settings. • Configure folders on Windows Server 2008 on page 56 Configuration of the repository folders on the server. Before you begin installation of McAfee DLP Endpoint software, prepare your environment...
Installation Guide
Page 67
..., you must configure all three products to decrypt events reported on McAfee DLP Manager Installation and configuration complete McAfee Data Loss Prevention 9.2.1 Installation Guide 67 The integration is especially useful for Files and Folders might also be done through ePolicy Orchestrator, so you won't be able to the clients and collects events from them. The McAfee Agent DLP client routes policy updates to access the existing standalone McAfee DLP Endpoint global...
..., you must configure all three products to decrypt events reported on McAfee DLP Manager Installation and configuration complete McAfee Data Loss Prevention 9.2.1 Installation Guide 67 The integration is especially useful for Files and Folders might also be done through ePolicy Orchestrator, so you won't be able to the clients and collects events from them. The McAfee Agent DLP client routes policy updates to access the existing standalone McAfee DLP Endpoint global...
Installation Guide
Page 70
... GUI IP address Address bar of McAfee ePO server ePO GUI user User account name used to log on to McAfee ePO server ePO GUI password User account password used to log on to McAfee ePO server ePO GUI port Address bar of users. 6 Integrating McAfee DLP Endpoint into a unified policy system Connecting McAfee DLP Manager and the ePolicy Orchestrator server Connecting McAfee DLP Manager and the ePolicy Orchestrator server McAfee DLP Manager and the ePolicy Orchestrator server must be authenticated to each other before the network extension is installed...
... GUI IP address Address bar of McAfee ePO server ePO GUI user User account name used to log on to McAfee ePO server ePO GUI password User account password used to log on to McAfee ePO server ePO GUI port Address bar of users. 6 Integrating McAfee DLP Endpoint into a unified policy system Connecting McAfee DLP Manager and the ePolicy Orchestrator server Connecting McAfee DLP Manager and the ePolicy Orchestrator server McAfee DLP Manager and the ePolicy Orchestrator server must be authenticated to each other before the network extension is installed...
Installation Guide
Page 72
... compatibility mode. • Add an agent override password to encrypt and decrypt evidence and override default reactions. • Add a list of printer models that the endpoint events are being performed. If registration seems to McAfee DLP Manager. Checking the connection If your connection through McAfee DLP Manager. If it is integrated McAfee DLP Manager, the following tasks must configure the system to verify that cannot be controlled by McAfee DLP software. • Create tags, then set...
... compatibility mode. • Add an agent override password to encrypt and decrypt evidence and override default reactions. • Add a list of printer models that the endpoint events are being performed. If registration seems to McAfee DLP Manager. Checking the connection If your connection through McAfee DLP Manager. If it is integrated McAfee DLP Manager, the following tasks must configure the system to verify that cannot be controlled by McAfee DLP software. • Create tags, then set...