Multiple products are managed via Mcafee ePO. These may require privileged authorization. We will authorize the DLP(Data Loss/Leak Prevention) product on Mcafee ePO. The personnel we have authorized will only see the fields about the DLP product.
Setting “Permission Sets”
For this, we first click on the “Menu -> Permission Sets” button on Mcafee ePO.
![Permission Sets](https://www.systemconf.com/wp-content/uploads/2021/10/img_616013310703a.png)
On the “Permission Sets” screen, click the “New Permission Set” button at the top.
![New Permission Set](https://www.systemconf.com/wp-content/uploads/2021/10/img_616015858eee8.png)
In the “New Permission Set” screen, you can give the unit name as the name. As an example, we gave “DLP Admin“. Exit by clicking the “Save” button.
![DLP Admin](https://www.systemconf.com/wp-content/uploads/2021/10/img_61648190defb2.png)
We choose the “DLP Admin” that we created in the “Permission Set” settings. Here we click the “Edit” button for the “Data Loss Prevention“, “Dashboards“, “DLP Help Desk Actions” tab. We give permissions as seen on the screen below.
![DLP Admin](https://www.systemconf.com/wp-content/uploads/2021/10/img_616482f18ce0a.png)
![Dashboards](https://www.systemconf.com/wp-content/uploads/2021/10/img_6164785bf1e8f.png)
![Data Loss Prevention](https://www.systemconf.com/wp-content/uploads/2021/10/img_6164798c03da9.png)
![DLP Help Desk Actions](https://www.systemconf.com/wp-content/uploads/2021/10/img_616479bdacbe6.png)
And then click the “Edit” button for the “Policy Assignment Rule“, “Systems“, “System Tree access:“, tab. We give permissions as seen on the screen below.
![DLP Admin](https://www.systemconf.com/wp-content/uploads/2021/10/img_616483e50f549.png)
![Policy Assignment Rule](https://www.systemconf.com/wp-content/uploads/2021/10/img_61647a5e42125.png)
![Systems](https://www.systemconf.com/wp-content/uploads/2021/10/img_61647aa4a7d8a.png)
![System Tree access](https://www.systemconf.com/wp-content/uploads/2021/10/img_61647ace6d87d.png)
User Creation and Settings
As a first step, we will create a user. For this, we click on the “Menu -> Users” button on Mcafee ePO.
![Users](https://www.systemconf.com/wp-content/uploads/2021/10/img_616024efa8570.png)
Click the “New User” button at the top of the “Users” screen.
![New User](https://www.systemconf.com/wp-content/uploads/2021/10/img_616024890d467.png)
Here, enter the user’s job in the “User name” field. If Active Directory is used in the environment, you can add a user from the “Windows authentication” section. If not, you can create a user via ePO from the “ePO authentication” section. The important thing here is the “Manually assigned permission sets” part. Here we select the “Permission set” that we created. We choose “” set. Exit by clicking the “Save” button.
![create a dlp new user on Mcafee ePO](https://www.systemconf.com/wp-content/uploads/2021/10/img_616485cf83e52.png)
DLP Policy Settings
Third, we will set the “DLP Policy” settings. For this, we click on the “Menu -> Policy Catalog” button on Mcafee ePO.
![Policy Catalog](https://www.systemconf.com/wp-content/uploads/2021/10/img_6164878e35429.png)
On the “Policy Catalog” page, we click on the “Data Loss Prevention 11.6” option. Here we choose the DLP policy we use. Click on the “Administrator” option in the “Owner” option on the right.
![Data Loss Prevention -> Owner](https://www.systemconf.com/wp-content/uploads/2021/10/img_61648b28614aa.png)
We select the user “01_omer” that we created on the “Policy Ownership” page. Click the “Save” button.
![Policy Ownership](https://www.systemconf.com/wp-content/uploads/2021/10/img_61648bb70f226.png)
The “01_omer” user we have chosen as the owner is as seen below.
![Owner](https://www.systemconf.com/wp-content/uploads/2021/10/img_61648c6c2470c.png)
Login to “McAfee ePolicy Orchestrator”
We log in to “ePolicy Orchestrator” with the user we created.
![Login to "McAfee ePolicy Orchestrator"](https://www.systemconf.com/wp-content/uploads/2021/10/img_6164909c0edf1.png)
We can see a limited number of categories on the screen as a result of the authorizations we have given for the user we have created. Here you can see the DLP admin authorizations we have given in the “Menu” tab.
![DLP admin authorization](https://www.systemconf.com/wp-content/uploads/2021/10/img_61648f79dbebf.png)