Manualshelf

Product guide

ManualsBrandsMcAfee ManualsOtherENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE
51525354555657585960
Table Of Contents
Importing the systems or users from 5.x.x database into the McAfee ePO server
Make sure that 5.x.x and 7.0 Patch 1 are connected to the same LDAP server during the export and
import process.
Make sure that you have registered an LDAP server on the McAfee ePO server before initiating the
import process.
Make sure that you have scheduled and run the EE LDAP Server User/Group Synchronization Server task
before initiating the import process.
Analyze the colorcoordinated results in different phases of the import. It guides you to make
appropriate decisions before proceeding to the next step.
Do not navigate away or shut the browser when the import is running on ePolicy Orchestrator.
Doing so interrupts the import thread and stops the import process. When the import is running,
you can see the message Please wait, assigning users to systems in the top left of the McAfee
ePO console.
After you import the systems or users from 5.x.x database into the McAfee ePO server, check that
the systems, users, and the audit details are imported as you expected. Check that the password
token, self recovery, SSO details, if available, are imported as you expected.
Conduct a policy review after the import process. If you need your 5.x.x policy settings for 7.0
Patch 1, you must set them before upgrading the client. Make sure that you enable the Encrypt
product setting policy under Endpoint Encryption 7.0.1 | Product Settings | Encrypt. If this is
not set, encrypted client system starts decrypting by default.
To initiate the encryption on the client, you must select any one of the options other than None. The
default option None does not initiate the encryption.
Some firewall software enforce HTTP session timeouts. During the import you should review your
firewall settings according to the manufacturer documentation and take the necessary actions to
prevent the firewall from timing out the session.
Before upgrading the client, make sure that the user's UBP enforcement settings are correct and
the appropriate Policy Assignment Rule is created on McAfee ePO if those users are intended to use
the nondefault UBP.
Upgrading to Endpoint Encryption 7.0 Patch 1
Make sure that the system to be migrated is managed by the McAfee ePO server.
Migration of users directly from 5.x.x client to the new EEPC 7.0 Patch 1 client is not supported.
Any migration of user assignments must be done on ePolicy Orchestrator before or after deploying
EEPC 7.0 Patch 1 to the client system.
To upgrade the client, first install the EEAgent, then the Endpoint Encryption software packages.
If 5.x.x users are found in the assigned LDAP OU/Group, the 5.x.x password token, SSO and Self
Recovery data will be transferred to EEPC 7.0 Patch 1. If new users are present in the assigned
LDAP OU/Group, then they are added to EEPC 7.0 Patch 1, as users not being initialized.
When upgrading from EEMac 1.x/6.x to EEMac 7.0 Patch 1, make sure that you restart the client
system when prompted. EEMac services will not be available until you restart the client system.
6
Migration and upgrade
Best practices for migration and upgrade
52
McAfee Endpoint Encryption 7.0 Patch 1 Software Best Practices Guide