McAfee DFFCDE-AA-DA - Endpoint Encryption For Files Product Manual page 19

Configuring EEFF policies using ePO
EEFF Policies
Category
Grant Keys
(Multi-slot policy)
Network
McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide
Description
• Enable limiting of the file size that will be encrypted — Encrypts
only if the file size is less than the specified limit. Default value is 20 MB.
NOTE: This is applicable only if the folder is encrypted using Folder
Encryption policy.
• I/O Utilization
• Maximum I/O utilization — Specifies the percentage of I/O usage EEFF
processes can utilize during encryption.
• Blocked Processes — Blocks the specified processes from opening or editing
encrypted files. EEFF blocks a process by withholding the keys required to
decrypt the files.
• Add — Adds the process using which the user can not open or edit
encrypted files.
• Remove — Removes the process using which the user can not open or
edit encrypted files.
• Edit — Edits the process using which the user can not open or edit
encrypted files.
• Key Request Exclusion — Enables the process such as anti-virus to exclude
encrypted files if it does not have access to the required encryption key.
NOTE: All the keys assigned to the user through policy are unloaded every time
the user logs off.
• Add — Adds the process that will be excluded.
• Remove — Removes the process from exclusion list.
• Edit — Edits the process that will be excluded.
• File Extension Exclusion — Excludes the specified file extension from
encryption.
• Add — Adds the file extension that will be excluded.
• Remove — Removes file extension from exclusion list.
• Edit — Edits file extension that will be excluded.
• Available Keys — Lists all the active keys, which includes regular, and user
personal keys.
• Selected Keys — Specifies the keys which the policy grants when assigned
to users.
• Enable network encryption — Enables encryption of files on network
locations.
• Enable network bandwidth limit — Limits the network bandwidth used by
EEFF when encrypting files on network locations. Default value is 50 KB/sec.
• Disable encryption on slow connections — Does not encrypt files on
network locations if the network latency is above the specified limit. Default
value is 500 milliseconds.
NOTE: This option is applicable only if the file is being encrypted through policy
enforcement.
• Maximum clients allowed to encrypt folders — Specifies the maximum
number of users who can simultaneously encrypt folders on a network.
NOTE: This option is applicable only if the file is being encrypted through policy
enforcement.
19