User Manual For McAfee Agent - The Chinese University of Hong

Transcription

THE CHINESE UNIVERSITY OF HONG KONG
User Manual
For
McAfee Agent
Prepared by
Information Technology Services Centre
The Chinese University of Hong Kong
Version 1.0
User Manual for McAfee Agent v1.0
Table of Contents
Table of Contents............................................................................................................................. 2
1.
2.
3.
4.
5.
6.
Introduction ............................................................................................................................. 3
Install McAfee Agent .............................................................................................................. 3
2.1.
2.2.
Installation ..................................................................................................................................... 3
Check the readiness of File and Removable Media Protection (FRP) ....................... 3
Encrypt a removable media ................................................................................................ 5
3.1.
Plug in the removable media................................................................................................... 5
3.2.
Check the storage space of removable media ................................................................... 5
3.3.
Encrypt a removable media <= 8GB ..................................................................................... 6
3.3.1.
Backup existing data in the removable media ...................................................................... 6
3.3.2.
Encrypt the removable media without data .......................................................................... 7
3.3.3.
Encrypt the removable media with data ...............................................................................12
3.4.
Encrypt a removable media > 8GB ...................................................................................... 17
3.4.1.
Encrypt the removable media and manage the encrypted area ..................................17
Access the encrypted media ............................................................................................. 21
4.1.
Access the encrypted media in a computer WITH McAfee Agent ............................. 21
4.2.
Access the encrypted media in a computer WITHOUT McAfee Agent .................... 22
4.3.
Editing the files of the encrypted media ........................................................................... 23
4.3.1.
Edit the files outside the encrypted media ...........................................................................24
4.3.2.
Edit the files directly in the encrypted media .....................................................................24
Change the password of the encrypted media ........................................................... 25
5.1.
Forgot and reset the password ............................................................................................. 25
5.2.
Change the password ............................................................................................................... 27
5.2.1.
Using computer WITH McAfee Agent .....................................................................................27
5.2.2.
Using computer WITHOUT McAfee Agent ............................................................................30
Best Practices ......................................................................................................................... 35
6.1.
6.2.
Editing files of the encrypted media ................................................................................... 35
Safely eject the removable media ........................................................................................ 36
Page 2
1.
Introduction
This document describes the operations of encrypting a removable media with McAfee
Agent, and accessing the files in the media on a computer with / without McAfee Agent.
2. Install McAfee Agent
Please note that the current version of the McAfee Agent only supports Windows
Platforms including Windows 7, Windows 8, and Windows 8.1. You can install the agent
and encrypt the USB devices on these platforms.
The Macintosh Platform can only read/write the McAfee encrypted USB device with OS X
10.8 or above.
2.1. Installation
2.1.1.
Install the McAfee Agent on your computer following the “Installation
Procedure for McAfee Agent” (on EPSS webpage:
http://epss.itsc.cuhk.edu.hk/data_encryption/installation.html).
2.1.2.
After the McAfee Agent is installed, you will find a McAfee icon on the
notification area.
2.2. Check the readiness of File and Removable Media Protection (FRP)
2.2.1.
Click on McAfee Agent, select ‘Manage Features’, then click ‘File and
Removable Media Protection’.
Page 3
2.2.2.
The McAfee File and Removable Media Protection window will appear, check
the readiness of the following items:

Click ‘Available keys’ on the right hand side, a Personal Key for encryption
should be ready.

The ‘Initialize media’ under on the left menu should be in black color.
2.2.3.
If both are ready, please proceed to Section 3 “Encrypt a removable media”.
2.2.4.
If either one of the items is not ready, follow the steps below to make it ready:
2.2.4.1. Click on McAfee Agent icon, and then click ‘McAfee Agent Status Monitor’.
2.2.4.2. In the McAfee Agent Monitor window, click ‘Enforce Policies’ button to load
the Personal Key, wait until the process finish before next step.
2.2.4.3. Repeat Step 2.2.2 to check the readiness of the items. If they are still not
ready, please contact your LAN administrator for troubleshooting.
Page 4
3. Encrypt a removable media
After the McAfee Agent is installed and the FRP is ready, the data in the computer
will be protected from transferring to unprotected removable media. You can only
write the data to the removable media which is encrypted (protected) by the
McAfee Agent, otherwise, the device can just be read-only.
3.1. Plug in the removable media
Plug in the removable media into the computer which is going to encrypt the
device. Below McAfee message box will be popup which ask whether you want to
encrypt the USB removable media now.

If click ‘Yes’, it will initialize the encryption.

If click ‘No’, it will close the window and not start the encryption, and the
device will be read-only.
Please follow the steps in next Section 3.2 to determine the next action.
3.2. Check the storage space of removable media
The encryption process is different depending on the storage space of the media:
 If the total space of the removable media is smaller than or equal to (<=) 8GB,
the entire media has to be encrypted. Please refer to steps in Section 3.3.

If the total space of the removable media is larger than (>) 8GB, you can
determine and manage the size of encrypted space. Please refer to steps in
Section 3.4.
If you don’ t know the storage space of the removable media, then open Window
Explorer, right click the removable media drive and click ‘Properties’, then check
the total space of the device.
Page 5
3.3. Encrypt a removable media <= 8GB

If there is data inside the removable media, you should:
o backup the existing data manually before the encryption: this can
ensure the data is backup successfully and the encryption process is
faster. Steps can be found in Section 3.3.1. [Recommended]
o backup the existing data via McAfee Agent before the encryption: the
encryption process will be far much longer than the approach in above
step, and may have risk during the process. Steps can be found in
Section 3.3.3.

If there is no data inside the removable media, please refer to steps in Section
3.3.2.
3.3.1. Backup existing data in the removable media
3.3.1.1.
Close McAfee window
3.3.1.1.1.
In the McAfee message box, click ‘No’ button to close the window and
not to start the encryption.
3.3.1.1.2.
Since the removable media is not encrypted, which means it is
unprotected; it can just be read-only. Click ‘OK’ button to close the
window.
Page 6
3.3.1.2. Backup data
3.3.1.2.1.
Open the Window Explorer, click the USB drive.
3.3.1.2.2. Copy the existing files inside the USB drive to a temporary folder in
your computer as a backup, in order to ensure that the data will not be
lost for any problem occurs.
3.3.1.3. Format removable media
3.3.1.3.1.
In the Window Explorer, right click the USB drive and select ‘Format’
to clean and format the USB removable media.
3.3.1.4. Check the healthiness of USB removable media
3.3.1.4.1.
In the Window Explorer, right click the USB drive and click ‘Properties’.
3.3.1.4.2. Choose ‘Tools’ tab, then click ‘Check now…’ under Error-checking.
3.3.1.4.3. Check the options ‘Automatically fix file system errors’ and ‘Scan for
and attempt recovery of bad sectors’, then click ‘Start’ button.
3.3.2. Encrypt the removable media without data
3.3.2.1. After the previous Section 3.3.1, a message box below from McAfee Agent
will be popup again which ask whether you want to encrypt the removable
media now.
Click ‘Yes’ button to initialize the encryption for the removable device.
(* Note: If click ‘No’ button, it will close the window and not start the
encryption, and the removable device will be read-only.)
Page 7
If the above message box is not displayed, please follow the steps below to
initialize the encryption:
3.3.2.1.1.
Click on McAfee Agent icon on the notification area, select ‘Manage
Features’, then click ‘File and Removable Media Protection’.
3.3.2.1.2. In McAfee File and Removable Media Protection window, click
‘Initialize media’ on the left menu:
Page 8
3.3.2.2. An Initialize Removable Media window will be opened. On the left hand
side, select the correct ‘Drives’ that you are going to encrypt.
3.3.2.3. Input ‘Volume label’ for the removable device, maximum 11 characters.
3.3.2.4. Under ‘Authentication password’, input a password and type again to
confirm. The password combination should be with:

minimal length: 8 characters

at least 1 alphabetic character, 1 numeric character, and 1 special
character.
3.3.2.5. Click ‘Initialize’ button to start the encryption.
3.3.2.3
max. 11 characters
3.3.2.2
3.3.2.4
- min. length: 8 characters
- min. 1 alphabetic character
- min. 1 numeric character
- min. 1 special character
3.3.2.5
Page 9
3.3.2.6. When the encryption process is completed, a message ‘Drive is encrypted by
FRP’ will be displayed at the top of the Initialize Removable Media window,
and the label in the Drives area is updated.
3.3.2.6
3.3.2.7
3.3.2.7. Click ‘OK’ button to close the popup message box.
Page 10
3.3.2.8. Open Window Explorer, and then click ‘Computer’. You can find the
removable media with
-
an updated volume label and
-
a lock indicating that it is encrypted
3.3.2.9. After the encryption, you can restore the data which backup in Section 3.3.1
back to the encrypted device.
Page 11
3.3.3. Encrypt the removable media with data
3.3.3.1. In the McAfee message box, click ‘Yes’ button to initialize the encryption for
the removable device.
3.3.3.4. Under ‘Authentication password’, input a password and type again to
confirm. The password combination should be with:


character.
Page 12
3.3.3.3
max. 11 characters
3.3.3.2
3.3.3.4
3.3.3.5
Page 13
3.3.3.6. Since there is existing data in the removable media, an alert message box
will be displayed:
3.3.3.7. If click ‘No’, McAfee will delete all existing data and encrypt the entire device
directly, all the existing data will be lost.
3.3.3.8. If click ‘Yes’, McAfee will keep the existing data. It will automatically:
i.
backup the existing data to a temporary directory
<C:\Users\username\AppData\Local\Temp\McAfeeEERMFormat\Format> in
your computer
ii. cleanup the existing data in the removable media, the following message
box will appear
o If click ‘Secure Erase’, McAfee will rewrite random files several
times into the device and then format it.
o If click ‘Format Device’, McAfee will format the device directly
[Recommended]
Page 14
iii. encrypt the removable media
iv. restore the data back to the removable media from the temporary
directory in the computer
v. remove the data in the temporary directory in the computer
3.3.3.9
3.3.3.10
Page 15
-
an updated volume label, and
-
3.3.3.12. Click the removable media drive, you can find the existing data and there is a
lock indicating that they are encrypted as well.
Page 16
3.4. Encrypt a removable media > 8GB
For a removable media which is larger than 8GB, you can determine and manage
the size of the encrypted area.
But, please note that the encryption will only be done in the available free space in
the removable media. If there is existing data in the device, these data will not be
encrypted and they can just be read-only in the computer with McAfee Agent
installed.
If you want to encrypt the entire device, please follow the steps in Section 3.3.1
and 3.3.2.
3.4.1. Encrypt the removable media and manage the encrypted area
3.4.1.1.
In the McAfee message box, click ‘Yes’ button to initialize the encryption for
the removable device.
Page 17
3.4.1.4. Under ‘Encrypted Area’, enter the size of the area that you want to encrypt.
Please note that:
- the encrypted area cannot be bigger than the Free Space shown;
-
other remaining space which is not encrypted will not be usable /
shown in any computer with McAfee agent.
3.4.1.5. Input a password under ‘Authentication password’, and type again to
confirm the password. The password must be with:


character.
3.4.1.3
max. 11 characters
3.4.1.2
3.4.1.4
The size should not
be bigger than the
‘Free Space’
3.4.1.5
3.4.1.6
Page 18
3.4.1.7
3.4.1.8
Page 19
-
an updated volume label and
-
-
the defined encrypted area size
3.4.1.10. Click the removable media drive, you can:
3.4.1.10.1. find the data, which existed before encryption, are put into a folder
named “Unprotected Files”. They are not encrypted & without a lock.
3.4.1.10.2. create new files in the protected area, i.e. other area outside the
‘Unprotected Files’. They are encrypted & indicated with a lock.
3.4.1.10.1 Files existed in
the media before the
encryption
are not encrypted
3.4.1.10.2 Files create in
the media after the
encryption
are encrypted
Page 20
4. Access the encrypted media
4.1. Access the encrypted media in a computer WITH McAfee Agent
4.1.1.
Plug in the removable media into the computer with McAfee Agent, a
message box will be displayed and asking for the password to access the
encrypted device.
Input the password that used to encrypt the media, and press ‘OK’ button.
If the ‘Cancel’ button is clicked, it will close the window.
If ‘Forgotten Password’ button is clicked, please refer to Section 5.
4.1.2.
You can now view, edit, and manage the data in the encrypted media as usual
by the Window Explorer.
Page 21
4.2. Access the encrypted media in a computer WITHOUT McAfee Agent
4.2.1.
Plug in the removable media into the computer without McAfee Agent.
4.2.2.
Open Window Explorer, click on the removable media drive.
Since the media is encrypted (i.e. protected), you will not find your files
directly in the drive, but 3 McAfee related files are shown:
***IMPORTANT!
DO NOT delete the above files, otherwise, your data in the encrypted device
will be deleted and lost.
4.2.3.
Double click the file ‘MfeEERM’, a message box will be displayed and asking
for the password to access the encrypted device.
Input the password that used to encrypt the device, and press ‘OK’ button.
<*Note: If you forgot the password, you have to reset it with the computer
which encrypted this device before with the recovery key in that computer.
For reset password, please refer to Section 5.1.>
Page 22
4.2.4.
After the correct password is inputted, a window ‘McAfee Removable Media
Protection’ will be opened, it is the container and the only place where you
can view, edit and manage the files in the encrypted device.
McAfee Container
If you trying to view or manage file in Windows Explorer, it is unable to do so.
You can only find the 3 McAfee related files shown in Step 4.2.2.
4.3. Editing the files of the encrypted media
If you want to edit the files in the encrypted media, it is recommended to edit the
file in your local computer which ensures the performance during the saving
process. Please follow the steps in 4.3.1.
Surely you can also edit the file directly in the encrypted media, but the
performance will be slower because the file has to be decrypted before you can
edit and encrypted again everytime when you save it, it also depends on the size of
the file and the read / write speed of the media. Steps are shown in 4.3.2.
Page 23
4.3.1. Edit the files outside the encrypted media
4.3.1.1.
Copy the file from the encrypted media to a temporary location of the local
computer.
4.3.1.2. Open the file in the local computer, edit it and save it.
4.3.1.3. Copy the file from the local computer to the encrypted media.
4.3.2. Edit the files directly in the encrypted media
4.3.2.1. Open the file directly in the encrypted media.
4.3.2.2. Edit it and save it.
4.3.2.3. If you are editing the encrypted file in a computer without McAfee Agent,
the following message box will be displayed reminding that you are going to
change the file content in the encrypted media:
-
Click ‘Yes’ button to save the changes of the file.
-
If ‘No’ button is clicked, the changes on the file will NOT be saved.
Page 24
5. Change the password of the encrypted media
5.1. Forgot and reset the password
If you forgot the password to access the encrypted media, you can only reset it
with the computer which you encrypted it before, it is because the password can
only be reset with the recovery key in this computer.
5.1.1.
Plug in the encrypted media into the computer which used to encrypt the
media before.
5.1.2.
A message box will be displayed and asking for the password to access the
encrypted device. Click ‘Forgotten Password’ button.
5.1.3.
A message box indicating that the device has been recovered with the
assigned Recovery Key, press ‘OK’ button to continue.
5.1.4.
Input a new password under ‘Authentication password’, and type again to


character.
Page 25
Then click ‘OK’ button to reset the password.
5.1.5.
Click ‘OK’ button when the change completed successfully.
Page 26
5.2. Change the password
You can change the password of an encrypted media in different ways as below:
 Reset it with the computer which encrypt the media before, please refers to
the steps in Section 5.1.

Change the password using any computer with the McAfee Agent, please
refers to Section 5.2.1.

Change the password using any computer without the McAfee Agent, please
refers to Section 5.2.2.
5.2.1. Using computer WITH McAfee Agent
5.2.1.1.
Plug in the removable media into the computer with McAfee Agent, a
message box will be displayed and asking for the password to access the
encrypted device.
Input the password that used to encrypt the device, and press ‘OK’ button.
5.2.1.2. Click on McAfee Agent icon on the notification area, select ‘Manage
Features’, then click ‘File and Removable Media Protection’.
Page 27
5.2.1.3. In McAfee File and Removable Media Protection window, click ‘Change
authentication’ on the left menu:
5.2.1.4. Click ‘Change’ button to start the change process.
Page 28
5.2.1.5. Input the current password and click ‘OK’ button.
5.2.1.6. Input a new password under ‘Authentication password’, and type again to


character.
Page 29
5.2.1.7. When the change completed successfully, click ‘OK’ button.
5.2.2. Using computer WITHOUT McAfee Agent
5.2.2.1. Plug in the removable media into the computer without McAfee Agent.
5.2.2.2. Open Window Explorer, click on the removable media drive, and then double
click the file ‘MfeEERM’.
Page 30
5.2.2.3. Input the password that used to encrypt the device, and press ‘OK’ button.
5.2.2.4. After the correct password is inputted, a window ‘McAfee Removable Media
Protection’ container will be opened.
On the menu bar, click ‘Tools’, then ‘Change authentication…’.
Page 31
5.2.2.5. Click ‘Change’ button to start the change process.
5.2.2.6. Input the current password and click ‘OK’ button.
Page 32
5.2.2.7. Input a new password under ‘Authentication password’, and type again to


at least 1 alphabetic character, 1 numeric character, & 1 special character.
5.2.2.8. When the change completed successfully, click ‘OK’ button.
Page 33
5.2.2.9. A message box will be appeared for verifying the newly changed password.
Input the new password, then press ‘OK’ button.
5.2.2.10. After the correct password is inputted, it will return to the ‘McAfee
Removable Media Protection’ container for your works.
Page 34
6. Best Practices
6.1. Editing files of the encrypted media
It is highly recommended to read and write files in your local computer rather
than do it directly in the encrypted media drive. It is because it will take longer
times to decrypt the file before you open it (especially for those files with large file
size), or encrypt the file whenever you save it if the tasks are performed directly in
the encrypted media.
So, in order to ensure the performance and the integrity of the file in the
encrypted media, please follow the steps below:
6.1.1.
Copy the file that you want to read or edit from encrypted media to your local
computer.
6.1.2.
Edit the file in local computer and save it.
6.1.3.
Copy the final updated file from local computer to the encrypted media.
Page 35
6.2. Safely eject the removable media
No matter the removable media is encrypted or not encrypted, if you are going to
unplug it from the computer, it is very important to remove it safely by following
with the steps below, otherwise, data corruption could be caused.
6.2.1.
6.2.1.1.
In the notification area of the task bar, find the icon ‘Safely Remove Hardware
and Eject Media’.
Click on the icon and select the media which you want to eject.
6.2.1.2. Wait until the message ‘Safe To Remove Hardware’ appear, then you can
eject the media from the computer.
Page 36
6.2.2.
Alternatively, you can also eject the removable media safely in Window
Explorer.
6.2.2.1. Open Window Explorer, right click on the removable media drive, and then
click ‘Eject’ on the popup menu.
6.2.2.2. Wait until the message ‘Safe To Remove Hardware’ appear, then you can
eject the media from the computer.
~ END ~
Page 37

User Manual For McAfee Agent - The Chinese University of Hong

Transcription

Similar documents

Covata Safe Share

McAfee Total Protection 2014

Chris Reichart | CBO | Zerion Software, Inc.

Logging into ClassLink Outside of School

These instructions are for the first time users of CIE/WC electronic

Ballast Guard

Set McAfee to Auto Update .DAT files Auto

Veterinary Medical Center

How to reset your existing Nurre Caxton password: