12th October 2024

Creating DLP(Data Loss/Leak Prevention) Admin on Mcafee ePO

Multiple products are managed via Mcafee ePO. These may require privileged authorization. We will authorize the DLP(Data Loss/Leak Prevention) product on Mcafee ePO. The personnel we have authorized will only see the fields about the DLP product.

Setting “Permission Sets”

For this, we first click on the “Menu -> Permission Sets” button on Mcafee ePO.

Permission Sets
Permission Sets

 

On the “Permission Sets” screen, click the “New Permission Set” button at the top.

New Permission Set
New Permission Set

 

In the “New Permission Set” screen, you can give the unit name as the name. As an example, we gave “DLP Admin“. Exit by clicking the “Save” button.

DLP Admin
DLP Admin

 

We choose the “DLP Admin” that we created in the “Permission Set” settings. Here we click the “Edit” button for the “Data Loss Prevention“, “Dashboards“, “DLP Help Desk Actions” tab. We give permissions as seen on the screen below.

DLP Admin
DLP Admin
Dashboards
Dashboards
Data Loss Prevention
Data Loss Prevention
DLP Help Desk Actions
DLP Help Desk Actions

 

And then click the “Edit” button for the “Policy Assignment Rule“, “Systems“, “System Tree access:“, tab. We give permissions as seen on the screen below.

DLP Admin
DLP Admin
Policy Assignment Rule
Policy Assignment Rule
Systems
Systems
System Tree access
System Tree access

 

User Creation and Settings

As a first step, we will create a user. For this, we click on the “Menu -> Users” button on Mcafee ePO.

Users
Users

 

Click the “New User” button at the top of the “Users” screen.

New User
New User

 

Here, enter the user’s job in the “User name” field. If Active Directory is used in the environment, you can add a user from the “Windows authentication” section. If not, you can create a user via ePO from the “ePO authentication” section. The important thing here is the “Manually assigned permission sets” part. Here we select the “Permission set” that we created. We choose “” set. Exit by clicking the “Save” button.

LEARN MORE  Removing Mcafee Agent from Client - Removing Mcafee Agent Tool
create a dlp new user on Mcafee ePO
Create a dlp new user on Mcafee ePO

 

DLP Policy Settings

Third, we will set the “DLP Policy” settings. For this, we click on the “Menu -> Policy Catalog” button on Mcafee ePO.

Policy Catalog
Policy Catalog

 

On the “Policy Catalog” page, we click on the “Data Loss Prevention 11.6” option. Here we choose the DLP policy we use. Click on the “Administrator” option in the “Owner” option on the right.

Data Loss Prevention -> Owner
Data Loss Prevention -> Owner

 

We select the user “01_omer” that we created on the “Policy Ownership” page. Click the “Save” button.

Policy Ownership
Policy Ownership

 

The “01_omer” user we have chosen as the owner is as seen below.

Owner
Owner

 

Login to “McAfee ePolicy Orchestrator”

We log in to “ePolicy Orchestrator” with the user we created.

Login to "McAfee ePolicy Orchestrator"
Login to “McAfee ePolicy Orchestrator”

 

We can see a limited number of categories on the screen as a result of the authorizations we have given for the user we have created. Here you can see the DLP admin authorizations we have given in the “Menu” tab.

DLP admin authorization
DLP admin authorization

 

Leave a Reply

Your email address will not be published. Required fields are marked *