Manualshelf

Product guide

ManualsBrandsMcAfee ManualsOtherENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE
31323334353637383940
Table Of Contents
High level process of the installation
This section lists the steps and considerations involved in Endpoint Encryption deployment and
activation.
This procedure is explained in more detail in the McAfee Endpoint Encryption
7.0 Patch 1 Product
Guide.
Task
1
Install the EEPC/EEMac extensions into ePolicy Orchestrator. Check for the correct and latest
version of the extension. Install EEAdmin extension first then EEPC.
2
Check in the EEPC/EEMac packages to ePolicy Orchestrator. Check for the correct and latest version
of the EEAdmin and EEPC packages.
3
Register your LDAP Server. Check for the correct domain and Server IP address of your LDAP
server configured.
4
Create EE LDAP Server User/Group Synchronization task and schedule it to run. Check for the correct format
of the user attributes while scheduling the task.
5
Modify the Product Settings and UserBased Policies, as appropriate. Plan and verify the policy
settings for your organization's requirements.
6
Add a user to the client system. Decide whether to add the users manually in ePolicy Orchestrator
or to add users using the Add local domain user option present under the Product Settings Policy. At least
one user must be assigned to each client in order to activate EEPC on it.
7
Create a client task to deploy the EEPC/EEMac components to the client systems. Make sure that
you deploy the packages in the right order (EEAgent then EEPC/EEMac).
8
Test for successful deployment, activation and encryption on targeted endpoints. Make sure to
make use of the reporting facilities available in the ePolicy Orchestrator management software.
Client task to deploy the EEAgent and Endpoint Encryption
packages
We recommend that you create a new system group in ePolicy Orchestrator for Endpoint Encryption
deployment. Name it EEPC/EEMac Test Systems or EEPC/EEMac Production Systems, respectively, for
example.
Do not create the deployment task at the My Organization level of the System Tree. Select a group in the
System Tree, go to the Client Tasks tab and create the deployment task.
Importing systems from Active Directory to ePolicy Orchestrator
McAfee ePO provides an AD Synchronization/NT domain task to synchronize ePolicy Orchestrator with the
configured Active Directory. This option allows you to map the ePolicy Orchestrator System Tree structure
with a registered AD. Using this option, you can import and effectively manage large numbers of
systems in ePolicy Orchestrator.
This option works only with Active Directory.
Refer to the product documentation for your version of McAfee ePO, for detailed procedures on how to
import systems from Active Directory to ePolicy Orchestrator.
4
Deployment and activation
High level process of the installation
36
McAfee Endpoint Encryption 7.0 Patch 1 Software Best Practices Guide