McAfee Host Data Loss Prevention 9.1
COPYRIGHT
Copyright © 2011 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.
TRADEMARK ATTRIBUTIONS
AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
LICENSE INFORMATION License Agreement
Contents
Installing Host DLP in a Cluster Environment. . . .4
Requirements. . . 4
Installing the McAfee Host Data Loss Prevention extension. . . 4
Upgrading McAfee Host Data Loss Prevention. . . 5
Installing Host DLP WCF service. . . 6
Installing Host DLP in a Cluster Environment
McAfee Host Data Loss Prevention 9.1 software provides high availability for environments running ePolicy Orchestrator 4.5 in a cluster.
This guide describes Host DLP installation on a Microsoft Win 2008 Server with Failover Clustering role. Installation on other operating systems has not been tested and is not currently supported.
Contents
Requirements
Installing the McAfee Host Data Loss Prevention extension Upgrading McAfee Host Data Loss Prevention
Installing Host DLP WCF service Testing the cluster
Requirements
Before running McAfee Host Data Loss Prevention 9.1 in a cluster environment ensure that: • Microsoft Failover Clustering is set up and running on a cluster of two or more servers. • Two separate drives are configured for clustering: a Quorum drive and a Data drive. • There is a supported database server (SQL 2005 or SQL 2008) in the network.
• McAfee ePolicy Orchestrator is set up according to theMcAfee ePolicy Orchestrator 4.5 Cluster Installation Guide. The guide can be found at:
https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/21000/pd21842/en_us/epo_450_cluster_install_guide_en-us.pdf.
Installing the McAfee Host Data Loss Prevention
extension
Use this task for a clean installation of the McAfee Host Data Loss Prevention software version 9.1 extension in ePolicy Orchestrator on one of the nodes.
Before you begin
Verify that the ePolicy Orchestrator server name is listed under Trusted Sites in the Internet Explorer security settings.
• Automatic prompting for ActiveX controls • Download signed ActiveX controls
Task
1 In ePolicy Orchestrator, click Menu | Software | Extensions, then click Install
Extension.
2 Browse to and select the Host DLP Policy zip file (..\HDLP_9_1_0_xxx.zip). Click Open,
then OK. The installation dialog box displays the file parameters to verify that you are installing the correct extension.
3 Click OK. The extension is installed.
4 Click Install Extension again, Browse to and select the Help zip file (...help_dlp_900.zip). Click Open, then OK.
NOTE:This file contains the Host DLP extension to the ePO Help system.
5 Click OK. The other nodes are updated automatically.
6 To verify Host DLP extension installation, navigate in ePolicy Orchestrator to Menu | Data
Protection | DLP Monitor. The DLP Management Tool Wizard runs to complete the
installation.
Upgrading McAfee Host Data Loss Prevention
Use this task to upgrade an earlier version of McAfee Host Data Loss Prevention software to version 9.1 in ePolicy Orchestrator.
CAUTION:If you want to be able to view previous events in the Host DLP Monitor, do not delete the existing McAfee Host Data Loss Prevention extension in ePolicy Orchestrator. Removing the extension removes all events from the Host DLP Database.
Before you begin
• When downloading the files from the McAfee download site for McAfee Host Data Loss Prevention, follow the link to the download page for ePolicy Orchestrator Help, and download the latest Help zip file.
• Log out of ePolicy Orchestrator and close the browser window. (Step 1 cannot be completed without doing this.)
Task
1 From the Windows Control Panel, using Add or Remove Programs, uninstall the Host DLP Management Tools. This step should be performed on each node.
2 In ePolicy Orchestrator, go to Software | Extensions. Click Install Extension, then click Browse and select the McAfee Host Data Loss Prevention policy manager zip file (..\HDLP_Extension_9_1_0_xxx.zip). Click Open, then OK twice. The extension is installed, and appears in the extension list.
If you are installing without removing the previous extension, you see a warning that the new extension will replace the existing one. Click OK.
3 Install Extension again, Browse and select the Help zip file (..\help_dlp_910.zip). Click Open, then clickOK. The installation dialog box warns you that you will replace the existing
Help system. Click OK.
NOTE:This file contains the Host DLP extension to the ePO Help system.
Log out of ePolicy Orchestrator, then log back in. New features not supported by the previous installed version might not work if you do not do this.
4 To verify Host DLP extension installation, navigate in ePolicy Orchestrator to Menu | Data
Protection | DLP Monitor. The DLP Management Tool Wizard runs to complete the
installation.
Installing Host DLP WCF service
Use this task to install and configure the WCF service. This must be done on each of the nodes.
NOTE:Perform this task even if you are upgrading from a previous McAfee Host Data Loss Prevention version. Failure to do so can lead to errors when trying to save the global policy to the reporting database or updating database credentials.
Before you begin
Add the logged on user to the MS SQL database as a Windows or SQL user, according to which form of authorization you plan to use. Log out of ePolicy Orchestrator.
Task
1 Browse to and run theDLPWCFServiceInstaller.msi installer.
2 Follow the wizard until you reach the Select Installation Folder page. Verify that the destination folder is the local drive and the not shared drive.
3 Continue until you reach the SQL Database page. Provide the following information: • Database Server — Name of the server hosting the ePO database.
• Database Name — Name of the ePO database
• Database Server Credentials — Credentials to connect to the database server
NOTE:Changes to the WCF configuration should be performed on each node separately.
Testing the cluster
When the McAfee Host Data Loss Prevention 9.1 cluster is set up and online, use this task to ensure that Host DLP functions in a failover situation.
Task
1 Restart the system functioning as the active node. The passive node automatically becomes the active node.
2 Log in to ePolicy Orchestrator, open Data Protection | DLP Policy and click Apply to
