McAfee Host Data Loss Prevention 9.1 Cluster Installation Guide

COPYRIGHT
Copyright 2011 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.

TRADEMARK ATTRIBUTIONS
AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.

LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.

Contents
Installing Host DLP in a Cluster Environment
    Requirements
    Installing the McAfee Host Data Loss Prevention extension
    Upgrading McAfee Host Data Loss Prevention
    Installing Host DLP WCF service
    Testing the cluster

Installing Host DLP in a Cluster Environment

McAfee Host Data Loss Prevention 9.1 software provides high availability for environments running ePolicy Orchestrator 4.5 in a cluster. This guide describes Host DLP installation on a Microsoft Win 2008 Server with Failover Clustering role. Installation on other operating systems has not been tested and is not currently supported.

Contents
- Requirements
- Installing the McAfee Host Data Loss Prevention extension
- Upgrading McAfee Host Data Loss Prevention
- Installing Host DLP WCF service
- Testing the cluster

Requirements

Before running McAfee Host Data Loss Prevention 9.1 in a cluster environment, ensure that:
- Microsoft Failover Clustering is set up and running on a cluster of two or more servers.
- Two separate drives are configured for clustering: a Quorum drive and a Data drive.
- There is a supported database server (SQL 2005 or SQL 2008) in the network.
- McAfee ePolicy Orchestrator is set up according to the McAfee ePolicy Orchestrator 4.5 Cluster Installation Guide. The guide can be found at:
  https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/21000/pd21842/en_us/epo_450_cluster_instal_guide_en-us.pdf

Installing the McAfee Host Data Loss Prevention extension

Use this task for a clean installation of the McAfee Host Data Loss Prevention software version 9.1 extension in ePolicy Orchestrator on one of the nodes.

Before you begin
- Verify that the ePolicy Orchestrator server name is listed under Trusted Sites in the Internet Explorer security settings.
- Change the ePolicy Orchestrator event parser service login method to User Credentials.

The Host DLP Management Tools installer and DLP Policy initialization wizard use ActiveX technology. To prevent the installer from being blocked, verify that the following are enabled in Internet Explorer Tools | Internet Options | Security | Custom level:
- Automatic prompting for ActiveX controls
- Download signed ActiveX controls

1 In ePolicy Orchestrator, click Menu | Software | Extensions, then click Install Extension.
2 Browse to and select the Host DLP Policy zip file (..\HDLP_9_1_0_xxx.zip). Click Open, then OK. The installation dialog box displays the file parameters to verify that you are installing the correct extension.
3 Click OK. The extension is installed.
4 Click Install Extension again, then browse to and select the Help zip file (...help_dlp_900.zip). Click Open, then OK.
  NOTE: This file contains the Host DLP extension to the ePO Help system.
5 Click OK. The other nodes are updated automatically.
6 To verify Host DLP extension installation, navigate in ePolicy Orchestrator to Menu | Data Protection | DLP Monitor. The DLP Management Tool Wizard runs to complete the installation.

Upgrading McAfee Host Data Loss Prevention

Use this task to upgrade an earlier version of McAfee Host Data Loss Prevention software to version 9.1 in ePolicy Orchestrator.

CAUTION: If you want to be able to view previous events in the Host DLP Monitor, do not delete the existing McAfee Host Data Loss Prevention extension in ePolicy Orchestrator. Removing the extension removes all events from the Host DLP Database.

Before you begin
- When downloading the files from the McAfee download site for McAfee Host Data Loss Prevention, follow the link to the download page for ePolicy Orchestrator Help, and download the latest Help zip file.
- Log out of ePolicy Orchestrator and close the browser window. (Step 1 cannot be completed without doing this.)

1 From the Windows Control Panel, using Add or Remove Programs, uninstall the Host DLP Management Tools. This step should be performed on each node.
2 In ePolicy Orchestrator, go to Software | Extensions. Click Install Extension, then click Browse and select the McAfee Host Data Loss Prevention policy manager zip file (..\HDLP_Extension_9_1_0_xxx.zip). Click Open, then OK twice. The extension is installed, and appears in the extension list. If you are installing without removing the previous extension, you see a warning that the new extension will replace the existing one. Click OK.
3 Click Install Extension again, then browse to and select the Help zip file (..\help_dlp_910.zip). Click Open, then click OK. The installation dialog box warns you that you will replace the existing Help system. Click OK.
  NOTE: This file contains the Host DLP extension to the ePO Help system.
  Log out of ePolicy Orchestrator, then log back in. New features not supported by the previously installed version might not work if you do not do this.
4 To verify Host DLP extension installation, navigate in ePolicy Orchestrator to Menu | Data Protection | DLP Monitor. The DLP Management Tool Wizard runs to complete the installation.

Installing Host DLP WCF service

Use this task to install and configure the WCF service. This must be done on each of the nodes.

NOTE: Perform this task even if you are upgrading from a previous McAfee Host Data Loss Prevention version. Failure to do so can lead to errors when trying to save the global policy to the reporting database or updating database credentials.

Before you begin
- Add the logged-on user to the MS SQL database as a Windows or SQL user, according to which form of authorization you plan to use.
- Log out of ePolicy Orchestrator.

1 Browse to and run the DLPWCFServiceInstaller.msi installer.
2 Follow the wizard until you reach the Select Installation Folder page. Verify that the destination folder is on the local drive and not on the shared drive.
3 Continue until you reach the SQL Database page. Provide the following information:
  - Database Server: Name of the server hosting the ePO database.
  - Database Name: Name of the ePO database.
  - Database Server Credentials: Credentials to connect to the database server.

NOTE: Changes to the WCF configuration should be performed on each node separately.

Testing the cluster

When the McAfee Host Data Loss Prevention 9.1 cluster is set up and online, use this task to ensure that Host DLP functions in a failover situation.

1 Restart the system functioning as the active node. The passive node automatically becomes the active node.
2 Log in to ePolicy Orchestrator, open Data Protection | DLP Policy and click Apply to apply the policy. If the apply policy screen finishes successfully, you can conclude that the Host DLP cluster has continued to function during the failover.