Manualshelf

Product guide

ManualsBrandsMcAfee ManualsOtherENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE
21222324252627282930
Basic preparations and recommendations
The following recommendations will make sure that your data is protected during and after the
encryption process.
As with any roll out and deployment, it is advisable to back up the system before
you encrypt it, and perform regular backups
It is good practice to back up the system before installing EEPC to ensure data is not lost in the
unlikely event a problem occurs. The EETech recovery tools can also be used to decrypt and recover
any unbootable disks. Please refer to the EETech User Guide for more information.
When upgrading EEPC the Mfeepehost service must not be stopped either manually or by third party
software since this can cause problems. Also note that during an upgrade the system must be kept
powered on until the software (both Host and Admin portions) complete installing.
CHKDSK /r Clean up the disk before you encrypt it
Hard disks that are damaged, or have a high number of undiscovered bad sectors, may fail during the
full disk encryption process. Run a CHKDSK /r command prior to installing EEPC to make sure the disk is
healthy. Optionally, run the OEM diagnostic tools to make sure that all other HW components are
working correctly.
Understand the supported tokens/readers for EEPC
Make sure that the supported reader drivers are installed in your client system before trying to install
Endpoint Encryption for PC. Make sure to obtain the correct drivers from the manufacturer website
and review their release notes to avoid any known issues with the tokens or readers. The supported
tokens and readers are listed in these KB articles:
Supported Readers used for authentication in McAfee Endpoint Encryption for PC 6.x: https://
kc.mcafee.com/corporate/index?page=content&id=KB71554
Supported Tokens used for authentication in McAfee Endpoint Encryption for PC 6.x: https://
kc.mcafee.com/corporate/index?page=content&id=KB71555
Maintain separate test and production clients
Enterprise administrators are advised to maintain separate test and production environments.
Modification to the production server should be limited. Use the test system to test software updates,
driver updates and Windows Service Packs prior to updating the production systems.
Build and test recovery tools
The administrator needs to be aware that there will be changes to the normal client boot process due
to installing EEPC. Administrators are advised to:
Create and test the customized EETech WinPE V1 or V3 Disk with EEPC drivers installed.
Create and test an EETech Standalone Boot disk.
Run a pilot test of software compatibility
We recommend that you run a pilot test of EEPC on a client system. This will make sure that EEPC is
not in conflict with any encryption software on the client computers before rolling out to a large
number of clients. EEGO can be a valuable tool to detect the presence of third party encryption
software that may prevent activation or create further issues with EEPC.
This is particularly useful in environments that use a standardized client image.
4
Deployment and activation
Basic preparations and recommendations
28
McAfee Endpoint Encryption for PC 6.2 Software Best Practices Guide