Release Notes
Revision AMcAfee Data Loss Prevention Endpoint
9.4.100
For use with McAfee ePolicy Orchestrator
Contents
About this release New features Enhancements
Installation instructions Known issues
Find product documentation
About this release
This document contains important information about the current release. We strongly recommend that you read the entire document.
This release includes the following: • McAfee®
Data Loss Prevention extension for McAfee®
ePolicy Orchestrator®
(McAfee ePO™
) 9.4.100.15
To upgrade policies and events, install the McAfee DLP 9.4.100 extension in McAfee ePO together with McAfee®
Data Loss Prevention Endpoint (McAfee DLP Endpoint) extension 9.3.500 (Patch 5) or later.
Upgrade to the version 9.3.500 or later extension before installing the version 9.4.100 extension.
• McAfee®
Data Loss Prevention Endpoint (McAfee DLP Endpoint) client for Microsoft Windows build 9.4.100.94
• McAfee DLP Endpoint client for OS X build 9.4.100.17
• McAfee DLP Endpoint Diagnostic Tool for Windows 9.4.100.68 • McAfee®
This release was developed for use with: • McAfee ePO 4.6.9, 5.1.3, and 5.3.1
When running McAfee ePO in Microsoft Internet Explorer, use Internet Explorer 10.0 or later.
• McAfee®
Agent for Windows 4.8 Patch 3 and 5.0.2 • McAfee Agent for Mac 4.8 Patch 2 or later or 5.0 or later
OS X Yosemite 10.10 requires McAfee Agent 4.8 Patch 2 or later, or McAfee Agent 5.0 or later; OS X El Capitan 10.11 requires McAfee Agent 4.8.0.1938 (Patch 3) or 5.0.2 HF1085179
Supported systems
The McAfee DLP Endpoint client for Microsoft Windows in this release was developed for use with the following Microsoft operating systems.
• Windows 7 SP1 or later Enterprise and Professional editions, 32-bit and 64-bit • Windows 8 and 8.1 or later Enterprise and Pro, 32-bit and 64-bit
• Windows 10 Enterprise and Pro, 32-bit and 64-bit
• Windows Server 2008 R2 and 2008 SP2 or later, 32-bit and 64-bit • Windows Server 2012 and 2012 R2 or later, 64-bit
File System Discovery rules and Network Communication Protection rules are not supported on servers.
The McAfee DLP Endpoint client for OS X in this release was developed for use with the following Mac operating systems. • OS X Mountain Lion 10.8.5 • OS X Mavericks 10.9.5 • OS X Yosemite 10.10 • OS X El Capitan 10.11 Install McAfee®
Endpoint Protection for Mac 2.3 and McAfee®
Agent 4.8.0.1938 (Patch 3) before upgrading OS X to El Capitan 10.11, and before upgrading McAfee DLP Endpoint for OS X to this release.
Compatible McAfee managed products
The McAfee DLP Endpoint client for Windows in this release has been tested for compatibility with the following McAfee managed product versions.
• McAfee®
Application Control (formerly Solidcore) 6.1.3 and 6.2 • McAfee®
Client Proxy 1.2 and 2.0 • McAfee®
Data Exchange Layer (DXL) 1.1 and 2.0 • McAfee®
Drive Encryption (formerly McAfee Endpoint Encryption for PC) 7.1.3 • McAfee®
Endpoint Security 10.0.1 • McAfee®
File and Removable Media Protection (FRP) (formerly McAfee®
• McAfee®
Host Intrusion Prevention System 8.0 Patch 5 (Patch 6, if applicable for Microsoft Windows 10)
• McAfee®
Management of Native Encryption (MNE) 3.0.1 • McAfee®
Policy Auditor 6.2 • McAfee®
Risk Advisor 2.7 Patch 2 • McAfee®
Rogue System Detection (RSD) 4.7.0.312 and 5.0.2 • McAfee®
SiteAdvisor®
Enterprise 3.5 Patch 3 • McAfee®
Threat Intelligence Exchange (TIE) 1.1 • McAfee®
Virtual Technician 1.1.0 • McAfee®
VirusScan®
Enterprise 8.7 Patch 5 and 8.8 Patch 6
The McAfee DLP Endpoint client for Mac in this release has been tested for compatibility with the following McAfee managed product versions.
• McAfee Client Proxy 2.0
• McAfee Endpoint Encryption for Mac 7.0 • Endpoint Protection for Mac 2.2 and 2.3
OS X El Capitan 10.11 requires Endpoint Protection for Mac 2.3 only.
• McAfee®
Endpoint Security for Mac 10.0 • McAfee®
Management of Native Encryption (MNE) 2.1 • McAfee VirusScan for Mac 9.7
Supported software
McAfee DLP Endpoint supports the following third-party software products. These versions have been tested for compatibility with this release.
Virtualization applications:
• Citrix XenApp 6.0, 6.5 FP2, and 7.6
Citrix Device Rules are not supported when using a separate controller server with XenApp 7.6.
• Citrix XenDesktop 5.5, 5.6, 7.0, 7.1, 7.5, and 7.6 • VMware View 5.3, 6.0, and 6.2
• VMware Hyper-V 6.3.9600 Cloud applications:
• Box Sync 3.4.25–4.0.5693 • Microsoft OneDrive 17.0.2015–17.3.1229 • Dropbox 2.4.6–4.0.6073 • Syncplicity 3.4.5.6–3.5.2.19
Security and encryption applications: • Boldon James Email Classifier 3.7.4
• Microsoft Active Directory Rights Management Service (AD RMS) 2008, 2012 • Seclore FileSecure Policy Server 2.78.0.0
• Seclore Desktop Client 2.43.0.0 • Stormshield Data Security 9.1.10442 • Titus Message Classification 3.5 • Titus Classification for Desktop 3.1 • Titus Classification Suite 4.3 HF1 • Titus SDK 3.1.9.9
• TrueCrypt 7.0.1 Office applications:
• Adobe Acrobat Pro, X and XI • Adobe Reader 7–10.1.4
• Adobe Acrobat Reader DC 2015.008.20082
• Google Chrome 32-bit 37.0.2062.103– 46.0.2490.71 • Lotus Notes client software 8.5.2, 8.5.3, 9.0, and 9.0.1 • Microsoft Edge 20.10240.16384.0
• Microsoft Internet Explorer 8–11
• Microsoft Office 2007, 2010, and 2013 SP1 • Microsoft Outlook 2007, 2010, 2013 SP1 • Microsoft Sharepoint 2007, 2010, and 2013 • Mozilla Firefox 32-bit 38.0–42.0
New features
This release of the product includes these new features.
Case management
McAfee DLP Endpoint 9.4.100 supports case management. The feature is implemented as a module under Data Protection in the McAfee ePO menu. The module is available to both McAfee DLP Endpoint and McAfee®
Data Loss Prevention Discover (McAfee DLP Discover). Case management allows administrators to collaborate toward the resolution of related incidents.
Policy and event migration from 9.3 to 9.4
After running conversions, check the Server Task Log to verify the conversion.
The DLP policy conversion task is run after installing McAfee DLP Endpoint 9.4.100. Rules appear in the DLP Policy Manager Rule Sets table as [9.3] Policy conversion rule set. All converted rules appear as a single rule set. There is no division into separate rules. Classifications and definitions appear in their respective tabs, labeled as [9.3].
Operation events and incident conversions are run in chunks of 200,000 per run. We recommend scheduling the operational events and incident conversions to run at night, during off-peak hours, or weekends to avoid placing an excessive load on the processor during work hours.
Data rollup tasks
McAfee ePO rollup tasks draw data from multiple servers to produce a single report. You can create rollup reports for McAfee DLP operational events and incidents. The feature is implemented as a McAfee ePO server task. You can now create a data rollup server task, and select either DLP Incidents or DLP Operational Events from the Data Type drop-down list on the Actions page.
Enhancements
This release of the product includes these enhancements.
Microsoft Windows 10 support
McAfee DLP Endpoint 9.4.100 supports Windows 10 32‑bit and 64‑bit PC operating systems.
Microsoft Edge support in web post protection rules
Web post protection rules now support uploads from the Microsoft Edge browser.
Threat Intelligence Exchange integration
McAfee®
Data Exchange Layer (DXL) communicates threat information to McAfee DLP Endpoint. The threat information received from DXL can track application-based threats according to a specified TIE reputation using Application File Access Protection rules.
Improved Titus support
For supported versions of Titus, McAfee DLP Endpoint calls the Titus API to identify tagged files and determine the tags.
The Titus SDK must be installed on the endpoint computer in order to call the API.
The enhancement is implemented with the classification criteria File conditions | Third party tags. The third-party tag condition can be set to search for an exact Titus tag name or a substring of a Titus tag name. Multiple Titus tag names or substrings can be added to a single definition when separated by semicolons. The enhancement is supported in all data protection rules.
Stormshield Data Security encryption support
Removable storage and network share data protection rules now support encryption with Stormshield Data Security software. The enhancement is implemented when selecting the prevent action Encrypt, with an option for either FRP or Stormshield Data Security.
Improved printer definitions
The Network Printer definition now accepts substrings in the UNC field.
Improved exceptions engine
Exceptions in data protection rules have been moved to a separate tab. The Conditions tab no longer supports NOT options. On the Exceptions tab, you can create multiple exceptions for each rule. Multiple rule exception pages are treated as AND. Added rule exceptions are disabled by default, but can be enabled from a drop-down list on the page.
Summary event for endpoint discovery moved to DLP Incident Manager
The summary for each scan run is now exported to DLP Incident Manager. It is no longer treated as an operational event. A McAfee ePO server task migrates McAfee DLP Endpoint 9.4.0 summary events to the 9.4.100 DLP Incident Manager.
True file type support in removable storage file access device rules
Removable storage file access device rules now support true file type in addition to file extension and file name.
Installation instructions
The McAfee DLP extension is installed in McAfee ePO.
The McAfee DLP Endpoint client is available in two versions, one for Microsoft Windows and one for OS X computers. The recommended installation of the client software uses the McAfee ePO infrastructure for deployment to the endpoint computers.
You can also deploy McAfee DLP Endpoint client software to your network using third‑party enterprise software deployment tools.
For information about installing McAfee DLP Endpoint, see the McAfee Data Loss Prevention Endpoint Product Guide, version 9.4.100.
Known issues
For a list of known issues in this product release, see this McAfee KnowledgeBase article: KB84509.
Find product documentation
On the ServicePortal, you can find Information about a released product, including product documentation, technical articles, and more.
Task
1 Go to the ServicePortal at http://support.mcafee.com and click the Knowledge Center tab. 2 In the Knowledge Base pane under Content Source, select Product Documentation.
Product documentation
Every McAfee product has a comprehensive set of documentation. See this documentation for your product version:
• McAfee Data Loss Prevention Endpoint Release Notes • McAfee Data Loss Prevention Endpoint Product Guide
Help modules are automatically included with the product installation.
Copyright © 2015 McAfee, Inc. www.intelsecurity.com
Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/ registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others.
