Summary of Contents for McAfee DFFCDE-AA-DA - Endpoint Encryption For Files
Page 1
McAfee Endpoint Encryption for Files and Folders 4.0.0 Product Guide...
Page 2
EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
Introducing McAfee Endpoint Encryption for Files and Folders McAfee Endpoint Encryption for Files and Folders (EEFF) offers data protection in the form of powerful encryption technology so that only authorized users can access information. Contents Why EEFF? How EEFF 4.0 works...
• Windows authentication based policy enforcement — Assigns encryption policies and keys to Windows user accounts. • Integration with the McAfee Tray icon - Consolidates the tray icons to one common McAfee icon. • User Personal Keys - Allow users to have individual keys, generated centrally and possible to assign in policies for encryption.
This guide provides information on detailed instructions for managing the McAfee Endpoint Encryption for Files and Folders 4.0 client. Target audience This guide is mainly intended for McAfee Endpoint Encryption for Files and Folders users. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Installing EEFF This chapter describes how to install EEFF using McAfee ePolicy Orchestrator management software version 4.5 and 4.6. To use this chapter effectively, you need to be familiar with ePO. NOTE: This document does not provide detailed information about installing or using ePO. See the McAfee ePolicy Orchestrator product documentation for more information.
From the Server type drop-down list on the Description page, select LDAP Server, specify a unique name (a user friendly name) and any details, then click Next. The Details page appears. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Task For option definitions, click ? in the interface. Click Menu | Policy | Client Task Catalog , select McAfee Agent | Product Deployment as Client Task Types, then click Actions | New Task . The New Task dialog box appears.
Page 11
Click Actions | New Client Task Assignment. The Client Task Assignment Builder wizard appears. On the Select Task page, select Product as McAfee Agent and Task Type as Product Deployment, then select the task you created for deploying product. 10 Next to Tags, select the desired option, then click Next: •...
Product Deployment, then click Next. In the Configuration page, select Target Platforms as Windows, Products and components as McAfee Endpoint Encryption for Files and Folders 4.0.0.0, Action as Remove. Select an appropriate Language, then click Next. Schedule the task to run immediately or as required, then click Next to view a summary of the task.
Click Actions | New Client Task Assignment. The Client Task Assignment Builder wizard appears. On the Select Task page, select Product as McAfee Agent and Task Type as Product Deployment, then select the task you created for uninstalling EEFF from managed nodes.
Use this task to uninstall EEFF from a managed node using MSI. Before you begin You should have administrator rights to run this command on the managed node. Task For option definitions, click ? in the interface. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 15
Run the following commands to uninstall EEFF. You will be prompted to restart the system after uninstallation. msiexec /q /norestart /I eeff[XX].msi msiexec /q /x eeff[XX].msi [XX] — 32 for 32-bit Operating System and 64 for 64-bit Operating System McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Allow Explicit Encrypt — Enables the Encrypt option for client system users. Default value is disabled. • Allow Explicit Decrypt — Enables the Decrypt option for client system users. Default value is disabled. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 17
Percentage of free space — Encrypts a specified percentage of the free space on the removable media. Default value is 100%. • Recovery Methods — Specifies methods used to recover the EERM encrypted removable media. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 18
NOTE: File wiping may slow down encrypted file operations due to the additional disk operations required. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 19
Maximum clients allowed to encrypt folders — Specifies the maximum number of users who can simultaneously encrypt folders on a network. NOTE: This option is applicable only if the file is being encrypted through policy enforcement. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Task For option definitions, click ? in the interface. Click Menu | Policy | Policy Catalog, then select Endpoint Encryption for Files and Folders from the Product drop-down list. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Use this task to assign a policy to multiple managed nodes within a group. You can assign policies before or after Endpoint Encryption for Files and Folder is deployed. Task For option definitions, click ? in the interface. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Select Enforcing or Not enforcing accordingly as Enforcement status. Choose whether to lock policy inheritance. Locking inheritance for policy enforcement prevents breaking enforcement for groups and systems that inherit this policy. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
(or other Active Directory objects such as a group or organizational unit) when creating the policy assignment rule. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Use this table to perform common management tasks when working with policy assignment rules. To perform these actions, click Menu | Policy | Policy Assignment Rules. Select the action to perform from the Actions menu or the Actions column. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Locate the Grant Key policy category, then click Edit Assignment. The Policy Assignment page appears. Click New Policy Instance. The new policy instance Policy 2 is added in the Policy Assignment page McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Click Add Policy to select the policies that you want to be enforced by this policy assignment rule. Select Endpoint Encryption for Files for Folders 4.0.0 from the Product drop-down list. Select Grant Keys from the Category drop-down list. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 27
System Tree. Before you begin To complete this task you must: • Have a registered LDAP server. For more information, see Registering LDAP servers . McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Assignment page appears. Select the Product as Endpoint Encryption for Files and Folders 4.0.0, then click Select User next to Effective Policy for User. The Select User window appears. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 29
Locate the Grant Key policy category, then click View Effective Policy. The View Effective Grant Keys Policy page appears with the list of keys available to the user and the policies to which they are associated. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Use this task to create a new encryption key. Task For option definitions, click ? in the interface. Click Menu | Data Protection | EEFF keys. The EEFF Key Management page appears. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Click Menu | Data Protection | EEFF keys. The EEFF Key Management page appears. Select the key to edit, then click Actions | Edit key. The Edit Key dialog box appears. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Click Menu | Data Protection | EEFF keys. The EEFF Key Management page appears. Click Actions | Import Keys. The Import Keys page appears. Browse to select the .bin or .xml file, then type the password if prompted. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Click Menu | Policy | Policy Assignment Rules, then click New Assignment Rule. The Policy Assignment Builder wizard appears. Type the Name and Description, then click Next. The user Selection Criteria page opens. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 34
Click Menu | Data Protection | EEFF keys. The EEFF Key Management page appears. Select the required user personal key, then click Actions | Edit Key. The Edit key dialog box appears. Select Display as regular, then click OK. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
• PDF — Print the results. Contents Creating EEFF custom queries Viewing the standard EEFF queries Creating EEFF custom queries Use this option to create EEFF custom queries with the Query Builder wizard. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
For option definitions, click ? in the interface. Click Menu | Reporting | Queries. The Queries page opens. Select EEFF Queries from Shared Groups in Groups pane, The standard EEFF query list appears. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 37
Available actions depend on the permissions of the user. NOTE: The user has an option to edit the query and to view the details of the query. Click Close when finished. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Use this task to define permissions for configuring EEFF policy settings. Task For option definitions, click ? in the interface. Click Menu | User Management | Permission Sets | New Permission Set. The New Permission Set page appears. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Click Menu | User Management | Permission Sets | New Permission Set. The New Permission Set page appears. Click Edit next to EEFF Key Server. The Edit Permission Set page appears. Set appropriate permissions to the user and click Save. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
CD/DVD drives. Task On the client system, create a DWORD value in HKLM\System\CCS\Service\MfeEEFF called ExemptNonRemovable and set its value to 1. Restart the system to save the changes. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 41
• This registry value must be manually set on each client system. It can also be remotely distributed with a systems management tool. • When enabled, it will not be possible to read (decrypt) any existing encrypted files on local drives or network shares. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Encryption for Files&Folders. Typically, most anti-virus solutions can be policy controlled to exclude certain directories from real-time scanning. Consult the operating manuals for your anti-virus solution for further details. McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 43
Query Builder wizard regular creating custom queries user local user personal registered servers LDAP servers, adding LDAP servers, registering requirements, operating system McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...
Page 44
LDAP servers, registering best practices software create systems enable assigning policies to grant key policy enforcement for a product recover Uninstall View Effective policy deployment package system from ePO user McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide...