Manualshelf

Product guide

ManualsBrandsMcAfee ManualsOtherENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE
31323334353637383940
You can also create two separate tasks to deploy the packages, providing you wait for the first
deployment (EEAgent) to complete before deploying the second package. You can also verify the
completion of the EEAgent deployment, before deploying the EEPC package, by creating and executing
a customized query from the McAfee ePO server. If the EEPC package is deployed first, you can run
the EEAgent task and deploy it later.
End user experience
The deployment task pushes both the Endpoint Encryption Agent and the EEPC components to the
selected systems. The installation is silent, however, the user is prompted to restart the client when
the EEPC component install is complete. It is important that the user restarts the client PC when
prompted. If this does not happen, EEPC will not activate.
Add group users
Group Users are the EEPC user accounts that are be allocated to every encrypted system. They are
typically administration accounts used for troubleshooting and supporting the client in a given group.
If you choose to add a Group or an Organizational Unit (OU), you will not see the individual user names.
Instead, you will see the entire Domain Name of the Group or Organizational unit.
All EEPC user accounts, including Group User, accounts get assigned the default password upon
creation. If the default password is not changed in the User-Based Policies then use 12345 as the
default password for the first time you log on with these user accounts.
If you want the system to capture the user's credentials automatically without having to make them
use a default password on PBA, enable the Do not Prompt for default password option under User Based Policies |
Password.
Users
To access the data on an encrypted computer, the user must go through the PBA. If the Enable Auto
Booting option is not enabled then the client user is presented with the PBA screen when the system is
restarted after activating EEPC.
During the first Pre-Boot after activation, the user needs to initialize the user account with the default
password and enroll for the self recovery if this feature has been enabled in the policy.
During the initialization process, users will set up their Pre-Boot credentials to unlock the disk. Only
the assigned users from a registered LDAP server will be accepted by EEPC PBA.
At least one EEPC user is required to be assigned to EEPC on each client; this could be an administrative
user.
Add local domain users
This option automatically adds the previously logged in domain users to the client system, so that
administrators don't have to manually assign users to the client systems in the ePolicy Orchestrator
console.
This option can be enabled as and when needed through the Endpoint Encryption Product Settings
Policies (Menu | Policy | Policy Catalog | Endpoint Encryption 1.2.0 (Product Settings) | Log on tab | Add local domain users).
Deployment and activation
Add group users
4
McAfee Endpoint Encryption for PC 6.2 Software Best Practices Guide
31