Skip to main content

McAfee Drive Encryption 6.x

Connector name

agtmcee6

Connector type

Executable

Type (UI field value)

McAfee Drive Encryption

Target system versions supported / tested

McAfee Drive Encryption 6.x or McAfee Drive Encryption 7.x

Connector status / support

Customer-Verified

Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system.

The following Bravura Security Fabric operations are supported by this connector (depending on your product license and version):

  • administrator reset password

  • reset hard drive encryption password

  • Challenge-response - generate an unlock code to recover control of a machine after reboot (6.2+)

  • get server information

  • List:

    • accounts

Preparation

Before you can target McAfee Drive Encryption 7.x or Endpoint Encryption:

  1. Install the McAfee server/client software according to the installation instructions in the McAfee documentation.

  2. If the McAfee server is using a self-signed certificate or a certificate not from a trusted certificate source, import the certificate into the Bravura Security Fabric server’s Windows certificate store.

  3. If support for the verify or reset operation is required, add the Active Directory/LDAP system that the McAfee server is synchronized with as a source of profiles target system. Enable auto-association of accounts on the McAfee server.

Setting up a target system administrator

Bravura Security Fabric uses the logon credentials for the McAfee ePolicy Orchestrator to perform Bravura Security Fabric operations. The following permissions are required for password and account operations:

  • Permissions needed for ePO administrator user:

    • Queries and Reports: Use public groups

    • System Tree access: <Access to nodes where relevant users are>

  • Permissions needed for Drive Encryption or Endpoint Encryption:

    • Allow administrator recovery

    • Change and view user management

  • Permissions needed for retrieving McAfee ePolicy Orchestrator server version for serverinfo operation:

    • Global administrator privileges

Targeting the McAfee Drive Encryption system

For each McAfee Drive/Endpoint Encryption system, add a target system in Bravura Security Fabric (Manage the System > Resources > Target systems):

  • Type is McAfee Drive Encryption .

  • Address uses the following options:

    Server The McAfee server’s host name or IP address.

    (key: server)

    Port The console to server application port, typically 8443

    (key: port)

    Connection over SSL Switch connection over SSL protocol. Default is "true".

    (key: ssl)

    Validate the server’s certificate when connecting determines whether to validate the server’s security certificate for SSL connection. Default is "true".

    (key: checkCert)

    HTTP Network Proxy specifies a proxy URL to use for connecting.

    (key: proxy)

    Database server name The name or IP address of the backing database server used by the McAfee server.

    This can be checked from the Endpoint encryption connector manager.

    (key: dbserver)

    Database name The name of the database on the database server, used by the McAfee server.

    The name can be checked from the Endpoint encryption connector manager.

    When database server and name are not specified, the connector does not make wake-up calls to the client.

    ODBC Driver Select:

    • SQL Server Native Client 9 - for SQL Server 2005

    • SQL Server Native Client 10.0 - for SQL Server 2008

    • SQL Server Native Client 11.0 - for SQL Server 2012/2014

    • ODBC Driver 11 for SQL Server - for SQL Server

    (key: driver)

    The address is entered in KVGroup syntax:

    {server=<server name>;port=<port>;[proxy=<URL>;][ssl=<true|false>;][checkCert=<true|false>;][dbsever=<servername>;][dbname=<name>;]driver=<driver>;}

  • For the target system administrator, use the credentials for the administrative user of the McAfee ePolicy Orchestrator server.

  • If you specify dbserver and dbname, add a second set of administrative credentials for logging into the database server. Identify it as a System password.

The full list of target parameters is explained in Target System Options .

Handling target system attributes

You can view the complete list of attributes that Bravura Security Fabric can manage, including native and pseudo-attributes, using the Manage the system (PSA) module. To do this, select McAfee Drive Encryption from the Manage the system > Resources > Account attributes > Target system type menu.

For information about the native McAfee Drive Encryption 6.x or McAfee Drive Encryption 7.x attributes managed by Bravura Security Fabric , consult your McAfee documentation.

In this section: