McAfee DLP Manager

McAfee DLP Manager

Flexible, centralized management for McAfee Data Loss Prevention (DLP)

Next Steps:

Overview

McAfee DLP Manager provides a flexible, efficient, and cost-effective data control solution, delivering streamlined incident monitoring, dynamic searching, and easy policy building. DLP Manager allows you to configure, control, and monitor all McAfee DLP components from a single interface.

Gain incident visibility — DLP Manager allows you to view all incidents generated by McAfee DLP anywhere in your network.

Quickly create reports — With DLP Manager, you can quickly generate reports that cover one, multiple, or all McAfee DLP components, and combine incidents and cases as needed to fit your workflow.

Perform sensitive data searches — DLP Manager allows you to perform searches against all McAfee DLP components to find sensitive data, learn how it is used, fine-tune rules, and validate policies on the fly.

Get started quickly You can deploy preconfigured policies for common regulations such as HIPAA and PCI.

Expedite setup with built-in roles — DLP Manager’s built-in roles expedite setup for key team members. You can add custom administration roles, allowing any user to configure, manage, monitor, and respond to any data or incident within their control.

Features & Benefits

Save time and money with central management

Configure, manage, and monitor all DLP components with the familiar McAfee ePolicy Orchestrator (ePO) platform, and create comprehensive dashboards and reports from one central console.

Control incident views based on role

Determine who views specific incidents, from general risk reporting to detailed incident information. Protect sensitive information with data changes right in the management user interface.

Streamline remediation

Configure, manage, check status, and view all alerts from a single console. Quickly hand off cases and incidents between authorized administrators.

Improve case management

Consolidate and address group-related incidents that require remediation. Easily track multiple incidents and cases, and escalate incidents to different users. Access a detailed case history, export cases for offline viewing, and send email notifications to case owners if a change is made.

Simplify incident reporting

Access a centralized view of all incidents that were generated by any McAfee DLP component. Generate reports that cover one, multiple, or all McAfee DLP components. Automate reporting with prepackaged, configurable reports that you can schedule for automatic email delivery in multiple formats.

Use advanced data control

Search, mine, and analyze data. Find sensitive data, learn how it is used, fine-tune rules quickly, and validate rules on the fly.

Perform comprehensive data filtering

Quickly filter information to get to specific data of interest. Automatically create filters by selecting data values, and easily add, remove, and compound filters.

Manage from a single interface

Configure and manage any McAfee DLP component from a single interface, the McAfee ePO platform, and easily check the status of CPU utilization, disk utilization, and network throughput. View remediation alarms and alerts generated by any managed McAfee DLP component.

Streamline policy and rule distribution

Distribute polices and rules for all, or specific, data loss vectors. Configure and distribute action rules, including email notification, encryption, quarantining, redirection, bouncing, and blocking.

Improve incident workflow management

Correlate incidents into a customizable dashboard. Escalate incidents through a flexible embedded case management tool and delegate responsibility for a specific incident and/or case among key users. Rules affected by workflow changes are easily updated.

Accelerate setup through preconfigured roles

Expedite setup using preconfigured roles for key members of teams within the organization, including administrators, legal, human resources, compliance, operations, and information security. Assign permissions to a role with high granularity and define additional roles with a few mouse clicks. Integrate with LDAP or Microsoft Active Directory for centralized authentication services.

System Requirements

McAfee DLP Manager, McAfee DLP Monitor, McAfee DLP Discover, and McAfee DLP Prevent are now supported on the McAfee DLP 5500 appliance. The DLP 5500 appliance is an Intel-based platform with dual six core CPUs, 32 GB of RAM and over 10 TB of storage in a 2U form factor. DLP hardware appliance solutions are self-contained devices. There are no minimum software or hardware system requirements or additional database installations required.

McAfee DLP 5500 Appliance

  • System
    • CPU: 2x Intel E5-2620, 6 core, 15 M Cache, 2.0 GHz, 7.20 GT/s Intel QPI
    • Memory:32 GB P1333 DDR3
    • Hard Drives: 8 x 2 TB 7,200 rpm 3.5" SATA drives
    • Network Interfaces: Intel Dual Copper 1 Gb Ethernet I/O Module
    • IPMI: Intel Remote Management Modules 4 (AXXRMM4)
  • Power
    • 2 x 760W hot-swap Power Supply Modules
  • Dimensions
    • 17.57"W x 30.79"D x 3.43"H
    • Form factor: 2RU
  • Weight
    • 67 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity range: 8%–90%, non-condensing
  • Compliance
    • NRTL Certification (US/Canada)CB Certification (International)
    • CE Declaration of Conformity (CENELEC Europe)
    • FCC/ICES-003 Class A Attestation (USA/Canada)
    • USA-UL
    • VCCI Certification (Japan)
    • C-Tick Declaration of Conformity (Australia)
    • MED Declaration of Conformity (New Zealand)
    • BSMI Certification (Taiwan)
    • GOST R Certification / Certification (Russia)
    • CC Certification (Korea)
    • IRAM Certification (Argentina)
    • Ecology Declaration (International)
    • China RoHS Environmental Friendly Use Period
    • Packaging & Product Recycling Marks
    • SABS (South Africa)
    • NOM/NYCE (Mexico)
    • CCC Certification (China)
    • CC EAL 2+
    • FIPS-compliant encryption algorithms
    • Security Technical Implementations Guide (STIG)

Virtual Appliance Minimum Hardware Requirements

  • System
    • CPU: Intel Quad Core
    • Memory: 16 GB RAM
    • Hard Drive(s):
      • Drive 1: 100 GB for VM software
      • Drive 2: 512 GB for DLP virtual image
    • Network Ports: 4 Virtual NICs
    • BIOS: Enable VT thread

Legacy System Requirements

The Network DLP 4400, Network DLP 1650, and Network DLP 3650 appliances have been discontinued. In accordance with McAfee’s End of Life policy, they are being supported until October 2016.

McAfee DLP 4400 Appliance

  • System
    • CPU: 2x Intel X5660, 12M Cache, 2.8 GHz (6 cores)
    • Memory: 24 GB P1333 DDR3
    • Hard Drives: 12 x 1 TB 7,200 rpm 3.5" SATA drives (8 TB usable storage)
    • Network Interfaces: Intel Dual Copper 1 Gb Ethernet I/O Module
    • RAID Controller: Intel RS2MB044
  • Power
    • 2 x 760W hot-swap Power Supply Modules
  • Dimensions
    • 17.57"W x 30.79"D x 3.43"H
    • Form factor: 2RU
  • Weight
    • 67 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity range: 8%–90%, non-condensing
  • Compliance
    • NRTL Certification (US/Canada)CB Certification (International)
    • CE Declaration of Conformity (CENELEC Europe)
    • FCC/ICES-003 Class A Attestation (USA/Canada)
    • USA-UL
    • VCCI Certification (Japan)
    • C-Tick Declaration of Conformity (Australia)
    • MED Declaration of Conformity (New Zealand)
    • BSMI Certification (Taiwan)
    • GOST R Certification / Certification (Russia)
    • CC Certification (Korea)
    • IRAM Certification (Argentina)
    • Ecology Declaration (International)
    • China RoHS Environmental Friendly Use Period
    • Packaging & Product Recycling Marks
    • SABS (South Africa)
    • NOM/NYCE (Mexico)
    • CCC Certification (China)
    • CC EAL 2+
    • FIPS-compliant encryption algorithms
    • Security Technical Implementations Guide (STIG)

Virtual Appliance Minimum Hardware Requirements

  • System
    • CPU: Intel Quad Core
    • Memory: 8 GB RAM
    • Hard Drive(s):
      • Drive 1: 128 GB for VM software
      • Drive 2: 640 GB for DLP virtual image
    • Network Ports:
      • 2 ports for DLP Monitor application
      • 1 port for DLP Prevent, DLP Manager, or DLP Discover applications
    • BIOS: Enable VT thread

McAfee Network DLP 1650 Appliance

  • System
    • Memory: 16 GB
    • Fans: 5 cooling fans
    • Datastore capacity: 500 GB
    • Drive bays: 4
    • Disk capacity: 500 GB
    • Disk technology: SATA2
    • Optional expansion cards: External storage interconnection card
    • Network interfaces: Two 10/100/1000 copper network interface
    • RAID level: RAID-1
  • Power
    • Redundant hot-swappable 650-W AC-DC power supply, 100- to 240-V AC, 50–60 hertz
  • Dimensions
    • 17 1/4"W x 27 3/4"D x 1 3/4"H
    • Form factor: 1RU
  • Weight
    • 39 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity range: 8%–90%, non-condensing
  • Compliance
    • USA-UL
    • Canada-CUL
    • Germany-TÜV
    • EN 60950
    • IEC 60950
    • CB report
    • CCC certification

McAfee Network DLP 3650 Appliance

  • System
    • Memory: 16 GB
    • Fans: 5 cooling fans/redundant rear exhaust fans
    • Datastore capacity: 6 TB
    • Drive bays: 16
    • Disk capacity: 500 GB
    • Disk technology: SATA2
    • Optional expansion cards: External storage interconnection card
    • Network interfaces: Two 10/100/1000 copper network interface
    • RAID levels: RAID-1 and RAID-5
  • Power
    • Redundant hot-swappable 800-W AC-DC power supply, 100- to 240-V AC, 50–60 hertz
  • Dimensions
    • 17 1/4"W x 25 1/2"D x 5 1/4"H
    • Form factor: 3RU
  • Weight
    • 72 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity Range: 8%–90%, non-condensing
  • Compliance
    • USA-UL
    • Canada-CUL
    • Germany-TÜV
    • EN 60950
    • IEC 60950
    • CB report
    • CCC certification

Resources

Data Sheets

McAfee DLP Manager

For a technical summary on the McAfee product listed above, please view the product data sheet.

Community

Blogs

  • When Hackers Get Hacked: the Malware Servers of a Data-Stealing Campaign
    Ankit Anubhav - May 29, 2015

    Selling stolen data is an easy way for cybercriminals to make some quick money on cyber black markets. The following flowchart shows a generic credential-stealing campaign in action. In the last step, the flow is bidirectional. The malware makes a two-way authentication-free connection between the victim and the attacker. This two way connection not only […]

    The post When Hackers Get Hacked: the Malware Servers of a Data-Stealing Campaign appeared first on McAfee.

  • What is the Cloud?
    Robert Siciliano - May 25, 2015

    You’ve probably heard of people storing information in “the cloud,” but what does that really mean, and is it safe to put your data there? The cloud is best described as a network of servers offering different functions. Some servers allow you to store and access data, while others provide an online service. You may […]

    The post What is the Cloud? appeared first on McAfee.

  • Kraken/Laziok HTTP Bot Controls Victims With Remote Admin Tool
    Umesh Wanve - May 19, 2015

    Lately, McAfee Labs has observed a lot of active samples detected as Trojan Laziok by many security vendors. According to online reports, the Trojan Laziok is dropped via an exploit of the Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability (CVE-2012-0158), which arrives via a spam email. In contrast, we have identified the […]

    The post Kraken/Laziok HTTP Bot Controls Victims With Remote Admin Tool appeared first on McAfee.

  • Understanding the Scope of Venom (CVE-2015-3456)
    Jim Walter - May 19, 2015

    In recent days, much has been said and written around the recently disclosed “Venom” vulnerability. It is important to fully understand the real-world severity of vulnerabilities such as Venom. Although the threat is potentially severe and certainly interesting (it is in a class of relatively rare guest escapes from virtual machines), one has to take into […]

    The post Understanding the Scope of Venom (CVE-2015-3456) appeared first on McAfee.

  • Enhanced Certificate Security – Pinning
    McAfee Foundstone Professional Services - May 18, 2015

    Written by Deepak Choudhary There are always risks involved when relying on a third party to send and receive sensitive data over secure network channels. While we recognize the roles of the Public Key Infrastructure (PKI) and third party certificate authority (CA), we also believe that Certificate SSL Pinning can play a key role in […]

    The post Enhanced Certificate Security – Pinning appeared first on McAfee.

Threats and Risks