McAfee DFFCDE-AA-DA Product Manual

McAfee Endpoint Encryption for Files and Folders

4.0.0

Product Guide

COPYRIGHT

Copyright © 2011 McAfee, Inc. All Rights Reserved.

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form
or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.

TRADEMARK ATTRIBUTIONS

AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE
EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN,
WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in
connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property
of their respective owners.

LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED,
WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH
TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS
THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET,
A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU
DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN
THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.

McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide2

Contents

Introducing McAfee Endpoint Encryption for Files and Folders. . . . . . . . . . . . . . . . . . . . . . . 5

Installing EEFF. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Uninstalling EEFF. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Why EEFF?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

How EEFF 4.0 works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

EEFF Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

System requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

About this guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Installing EEFF using ePO. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Checking in the EEFF deployment package. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Installing EEFF extension. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Installing the ePO help extension. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Registering an LDAP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Deploying EEFF on managed nodes using ePO 4.5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Deploying EEFF on managed systems using ePO 4.6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Uninstalling EEFF from managed nodes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Uninstalling EEFF from managed nodes using ePO 4.6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Removing the EEFF extension. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Removing EEFF deployment package. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Uninstalling EEFF from managed nodes using command prompt. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Uninstalling EEFF from managed nodes using Shell command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Uninstalling EEFF from managed nodes using MSI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Configuring EEFF policies using ePO. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

EEFF Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Creating a policy from Policy Catalog. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Editing the EEFF policy settings from Policy Catalog. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Assigning policies to a system or a system group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Assigning a policy to a managed node. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Assigning a policy to a system group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Enforcing EEFF policies on a system. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Enforcing EEFF policies on a system group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

3McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide

Contents

How Policy Assignment Rules work. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Policy assignment rule priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Working with policy assignment rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

How multi-slot policies work. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Assigning multiple instances of Grant Key policy through System Tree. . . . . . . . . . . . . . . . . . . . . . . 25

Assigning Grant key policy through policy assignment rule. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Viewing effective policy assigned to systems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Viewing effective policy assigned to users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Managing EEFF keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Creating a regular key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Activating or deactivating keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Assigning keys to a policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Editing a key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Deleting keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Exporting keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Importing keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

How user personal keys work. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Working with user personal keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Managing EEFF Reports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Creating EEFF custom queries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Viewing the standard EEFF queries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Defining EEFF permission sets for ePO users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Creating permission sets for user accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Editing EEFF Policy Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Editing EEFF Key Server permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Appendix A: Removable Media registry controls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Relaxing the Removable Media definition. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Exempt local drives and network shares from encryption. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Appendix B: Best Practices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide4

Introducing McAfee Endpoint Encryption for
Files and Folders

McAfee Endpoint Encryption for Files and Folders (EEFF) offers data protection in the form of
powerful encryption technology so that only authorized users can access information.

Contents

Why EEFF?

How EEFF 4.0 works

EEFF Features

System requirements

About this guide

Why EEFF?

EEFF offers enhanced security to protect your data. EEFF depends on Microsoft Windows user
accounts and works in real-time to authenticate user to access encryption keys and to retrieve
the correct policy in EEFF. A smart card implementation based on Windows logon can be used
for enhanced security.

Endpoint Encryption for Files and Folders allows you to define and protect information in a way
that only certain users can access it. This data is stored, managed, archived, and distributed
as any other file is, however, it can be viewed only by those who have been granted access.

Endpoint Encryption for Files and Folders is a Persistent Encryption engine: when a file has
been encrypted and has been moved or copied to another place, it remains encrypted. If a file
is moved out of an encrypted directory, it will also remain encrypted. Likewise, if an encrypted
file is moved to a memory stick – the encryption will remain in place.

EEFF integrates with McAfee ePolicy Orchestrator (ePO), which provides a single point of control
over all the data on the systems. EEFF with ePO supports both user-based and system-based
policies. Assigning these policies to users encrypts the data on the client as configured.

EEFF depends on Microsoft Windows credentials therefore, both registered domain users and
local system users can be assented encryption policies and associated keys.

How EEFF 4.0 works

EEFF encrypts folders and files according to policies assigned to the user. These policies are
enforced by the ePO server.

5McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide

Introducing McAfee Endpoint Encryption for Files and Folders
EEFF Features

The client software is installed on the client system. After the installation, the system synchronizes
with the ePO server and acquires the user data. EEFF then assigns encryption policies and keys
to the user as configured.

EEFF client acts like a filter between the application creating or editing the files and the storage
media. When a file is saved, EEFF filter executes the assigned encryption policies and encrypts
the data, if applicable. If the user manages to kill the main EEFF process on the client system,
EEFF encrypts folders and files according to policies assigned to the user. These policies are
enforced by the ePO server.

The client software is installed on the client system. After the installation, the system synchronizes
with the ePO server and acquires the user data. EEFF then assigns encryption policies and keys
to the user as configured.

The EEFF client acts like a filter between the application creating or editing the files and the
storage media. When a file is saved, the EEFF filter executes the assigned encryption policies
and encrypts the data, if applicable. If the user manages to kill the main EEFF process
(MfeffCore.exe) on the client system, attempting to deviate from the assigned encryption policy,
the process will be automatically regenerated. The automatic restart cannot be disabled.

When a file that is encrypted with key A is moved to a folder where files are encrypted with
key B, the file encrypted with key A will immediately be re-encrypted with key B. This behavior
is known as
has access to both key A and key B. This operation takes place instantly when the file is placed
in the folder encrypted with key B.

follow-target-encryption

and requires that the user or process transferring the file

EEFF Features

• Centralized management — Provides support for deploying and managing McAfee Endpoint
Encryption for Files and Folders using ePO 4.5 and 4.6.

• Windows authentication based policy enforcement — Assigns encryption policies and
keys to Windows user accounts.

• Integration with the McAfee Tray icon - Consolidates the tray icons to one common
McAfee icon.

• User Personal Keys - Allow users to have individual keys, generated centrally and possible
to assign in policies for encryption.

• Protect data on Removable media — Provides support for removable media encryption.

• Migration from EEFF v3.x to EEFF v4 - Provides support for migrating keys from EEFF
v3.x to EEFF v4 by importing them into ePO.

• File Extension exclusion - Excludes the listed file types from encryption. For example,
MP3 and WAV files.

System requirements

System requirements

McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide6

RequirementsSystems

See McAfee ePolicy Orchestrator 4.5 and 4.6 - Installation GuideePO Server Systems

Introducing McAfee Endpoint Encryption for Files and Folders
About this guide

Software requirements

RequirementsSoftware (or package name)

McAfee management software • ePO 4.5 (minimum patch 4) and 4.6

• McAfee Agent for Windows 4.5 (minimum Patch 2) and 4.6

Endpoint Encryption for Files and Folders • EEFF Extension

• EEFF_4.0.0_xxx.ZIP

• help_eeff_400.ZIP

• MfeEEFF_Client_4.0.0.x.ZIP

Redistributable” package ( for ePO)

Redistributable” package ( for ePO)

Operating system requirements

Client Systems • Microsoft Windows Vista (32-bit) SP 2

About this guide

This guide provides information on detailed instructions for managing the McAfee Endpoint
Encryption for Files and Folders 4.0 client.

Target audience

See McAfee ePolicy Orchestrator 4.5 and 4.6 - Installation GuideMicrosoft “Windows Installer 3.0

See McAfee ePolicy Orchestrator 4.5 and 4.6 - Installation GuideMicrosoft “.NET Framework 2.0

See McAfee ePolicy Orchestrator 4.5 and 4.6 - Installation GuideMicrosoft MSXML 6 ( for ePO)

SoftwareSystems

See McAfee ePolicy Orchestrator 4.5 and 4.6 - Installation GuideePO Server Systems

• Microsoft Windows XP (32-bit) SP 3

• Microsoft Windows 7 (32-bit and 64-bit) SP 0 and SP 1

This guide is mainly intended for McAfee Endpoint Encryption for Files and Folders users.

7McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide

Installing EEFF

This chapter describes how to install EEFF using McAfee ePolicy Orchestrator management
software version 4.5 and 4.6. To use this chapter effectively, you need to be familiar with ePO.

NOTE: This document does not provide detailed information about installing or using ePO. See

the McAfee ePolicy Orchestrator product documentation for more information.

Installing EEFF using ePO

The ePO server provides a scalable platform for centralized policy management and enforcement
of EEFF on the managed nodes. It also provides comprehensive reporting and product
deployment capabilities, all through a single point of control.

Tasks

Checking in the EEFF deployment package

Installing EEFF extension

Installing the ePO help extension

Registering an LDAP Server

Deploying EEFF on managed nodes using ePO 4.5

Deploying EEFF on managed systems using ePO 4.6

Checking in the EEFF deployment package

Use this task to check in the EEFF deployment package to the master repository.

Task

For option definitions, click ? in the interface.

1 Copy the MfeEEFF_Client_4.0.0.x archive to a temporary location of your ePO computer.

2 Log on to the ePO server as an administrator.

3 Click Menu | Software | Master Repository, then click Actions | Check In Package.

The Check In Package wizard appears.

4 In the Package page, select the Package type as Product or Update (.ZIP) and browse

in File path to locate MfeEEFF_Client_4.0.0.x saved in a temporary folder.

5 Click Next. The Package Options page appears with the package information.

6 Click Save.

McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide8

Installing EEFF
Installing EEFF using ePO

Installing EEFF extension

Use this task to install the EEFF extension. The extension file is in .ZIP format.

Task

For option definitions, click ? in the interface.

1 Copy the EEFF_4.0.0_xxx archive to a temporary location of your ePO computer.

2 Log on to the ePO server as an administrator.

3 Click Menu | Software | Extensions | Install Extension. The Install Extension dialog

box appears.

4 Click Browse to locate the extension file EEFF_4.0.0_xxx, then click OK. The Install

Extension page appears with the extension name and version details.

5 Click OK.

Installing the ePO help extension

You can install the ePO help extension separately on the ePO 4.5 and 4.6 server using the

Software tab. The Help extension is a .ZIP file.

Task

For option definitions, click ? in the interface.

1 Log on to the ePO server as an administrator.

2 Click Menu | Software | Extensions | Install Extension. The Install Extension dialog

box appears.

3 Click Browse, then select the extension file help_eeff_400.ZIP, then click OK. The

Install Extension page appears with the extension name and version details.

4 Click OK.

Registering an LDAP Server

Use this option to register an LDAP Server such as Microsoft Active Directory (AD). You must
have a registered Active Directory to use Policy Assignment Rules, to enable dynamically assigned
permission sets, and automatic user account creation.

Before you begin

Make sure you have the appropriate rights to modify server settings, permission sets, users,
and registered servers.

Task

For option definitions, click ? in the interface.

1 Log on to the ePO server as an administrator.

2 Click Menu | Configuration | Registered Servers, then click New Server. The

Registered Server Builder wizard opens.

3 From the Server type drop-down list on the Description page, select LDAP Server, specify

a unique name (a user friendly name) and any details, then click Next. The Details page
appears.

9McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide

Installing EEFF
Installing EEFF using ePO

4 Type the Domain name or the Server name.

NOTE: Use DNS-style domain name. While using DNS-style domain name, ensure that the

system is configured with appropriate DNS setting and can resolve the DNS-style domain
name of the Active Directory. The Server name is the name or IP address of the system
where the Windows Active Directory is present.

5 Type the User name and Password.

NOTE: The User name should be of the format: domain\Username of Active Directory

accounts.

6 Click Test Connection to ensure that the connection to the server works, then click Save.

Deploying EEFF on managed nodes using ePO 4.5

Use this task to deploy EEFF on the managed nodes. ePO allows you to create tasks to deploy
product on a single node, or on groups of the system tree.

Task

For option definitions, click ? in the interface.

1 Log on to the ePO server as an administrator.

2 Click Menu | Systems | System Tree | Client Tasks, select the required group in the

System Tree, then click Actions | New Task. The Client Task Builder wizard appears.

3 In the Description page, type a Name for the task, Notes (optional), select the Type as

Product Deployment, then click Next.

4 In the Configuration page, select Target Platforms as Windows, Products and

components as McAfee Endpoint Encryption for Files and Folders 4.0.0.0, Action
as Install. Select an appropriate Language, then click Next.

5 Schedule the task to run immediately or as required, then click Next to view a summary

of the task.

6 Review the summary of the task, then click Save. The task is added to the list of client

tasks for the selected group and any group that inherits the task.

7 Send an agent wake-up call.

Deploying EEFF on managed systems using ePO 4.6

Use this task to deploy EEFF to groups of managed systems in the System Tree.

Task

For option definitions, click ? in the interface.

1 Click Menu | Policy | Client Task Catalog , select McAfee Agent | Product

Deployment as Client Task Types, then click Actions | New Task . The New Task dialog

box appears.

2 Ensure that Product Deployment is selected, then click OK.

3 Type a name for the task you are creating and add any notes.

4 Select Target Platforms as Windows, Products and components as McAfee Endpoint

Encryption for Files and Folders 4.0.0.0, Action as Install. Select an appropriate
Language

McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide10

Installing EEFF
Installing EEFF using ePO

5 Next to Options, select if you want to run this task for every policy enforcement process

(Windows only) and click Save.

6 Click Menu | Systems | System Tree | Assigned Client Tasks, then select the required

group in the System Tree.

7 Select the Preset filter as Product Deployment (McAfee Agent).

Each assigned client task per selected category appears in the details pane.

8 Click Actions | New Client Task Assignment. The Client Task Assignment Builder wizard

appears.

9 On the Select Task page, select Product as McAfee Agent and Task Type as Product

Deployment, then select the task you created for deploying product.

10 Next to Tags, select the desired option, then click Next:

• Send this task to all computers

• Send this task to only computers that have the following criteria — Use one
of the edit links to configure the criteria.

11 On the Schedule page, select whether the schedule is enabled, and specify the schedule

details, then click Next.

12 Review the summary, then click Save.

11McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide

Uninstalling EEFF

This chapter describes how to uninstall EEFF from managed nodes and ePO server.

Contents

Uninstalling EEFF from managed nodes

Uninstalling EEFF from managed nodes using ePO 4.6

Removing the EEFF extension

Removing EEFF deployment package

Uninstalling EEFF from managed nodes using command prompt

Uninstalling EEFF from managed nodes

Use this task to uninstall EEFF from managed nodes.

Task

For option definitions, click ? in the interface.

1 Log on to the ePO server as an administrator.

2 Click Menu | Systems | System Tree | Client Tasks, select the required group in the

System Tree, then click Actions | New Task. The Client Task Builder wizard appears.

3 In the Description page, type a Name for the task, Notes (optional), select the Type as

Product Deployment, then click Next.

4 In the Configuration page, select Target Platforms as Windows, Products and

components as McAfee Endpoint Encryption for Files and Folders 4.0.0.0, Action
as Remove. Select an appropriate Language, then click Next.

5 Schedule the task to run immediately or as required, then click Next to view a summary

of the task.

6 Review the summary of the task, then click Save.

7 Send an agent wake-up call.

Uninstalling EEFF from managed nodes using ePO

4.6

Use this task to unistall EEFF from managed systems in the System Tree.

McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide12

Uninstalling EEFF
Removing the EEFF extension

Task

For option definitions, click ? in the interface.

1 Click Menu | Policy | Client Task Catalog , select McAfee Agent | Product

Deployment as Client Task Types, then click Actions | New Task . The New Task dialog

box appears.

2 Ensure that Product Deployment is selected, then click OK.

3 Type a name for the task you are creating and add any notes.

4 Select Target Platforms as Windows, Products and components as McAfee Endpoint

Encryption for Files and Folders 4.0.0.0, Action as Remove. Select an appropriate
Language

5 Next to Options, select if you want to run this task for every policy enforcement process

(Windows only) and click Save.

6 Click Menu | Systems | System Tree | Assigned Client Tasks, then select the required

group in the System Tree.

7 Select the Preset filter as Product Deployment (McAfee Agent).

Each assigned client task per selected category appears in the details pane.

8 Click Actions | New Client Task Assignment. The Client Task Assignment Builder wizard

appears.

9 On the Select Task page, select Product as McAfee Agent and Task Type as Product

Deployment, then select the task you created for uninstalling EEFF from managed nodes.

10 Next to Tags, select the desired option, then click Next:

• Send this task to all computers

• Send this task to only computers that have the following criteria — Use one
of the edit links to configure the criteria.

11 On the Schedule page, select whether the schedule is enabled, and specify the schedule

details, then click Next.

12 Review the summary, then click Save.

Removing the EEFF extension

Use this task to remove the EEFF extension from the ePO server.

Task

For option definitions, click ? in the interface.

1 Log on to the ePO server as an administrator.

2 Click Menu | Software | Extensions. The Extension page appears with the extension

name and version details.

3 Select the Endpoint Encryption for Files and Folders extension file, then click Remove.

The Remove extension confirmation page appears.

4 Select Force removal, bypassing any checks or errors to force product extension

removal, then click OK.

13McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide

Uninstalling EEFF
Removing EEFF deployment package

Removing EEFF deployment package

Use this task to remove the EEFF deployment package from the ePO.

Task

For option definitions, click ? in the interface.

1 Log on to the ePO server as an administrator.

2 Click Menu | Software | Master Repository. The Packages in Master Repository page

appears with the list of software packages and their details.

3 Click Delete next to EEFF package. The Delete package confirmation page appears.

4 Click OK on the Delete Package page.

Uninstalling EEFF from managed nodes using
command prompt

Use these tasks to uninstall EEFF from managed nodes using command prompt.

Uninstalling EEFF from managed nodes using Shell command

Use this task to uninstall EEFF from a managed node using MfeFfShell command.

Before you begin

You should have administrator rights to run this command on the managed node.

Task

For option definitions, click ? in the interface.

1 On the command prompt navigate to the folder where EEFF was installed.

NOTE: By default, EEFF is installed in

[SYSDRIVE]:\Program Files\McAfee\Endpoint Encryption for Files and Folders

2 Run the following command MfeFfShell.com-force_uninstall. You will be prompted to

restart the system after uninstallation.

Uninstalling EEFF from managed nodes using MSI

Use this task to uninstall EEFF from a managed node using MSI.

Before you begin

You should have administrator rights to run this command on the managed node.

Task

For option definitions, click ? in the interface.

McAfee Endpoint Encryption for Files and Folders version 4.0.0 Product Guide14