Posted on 09-11-2013 08:01 AM
We are currenty using McAFee FDE in our environment. Our Information Security team wants to make sure that we get to 99-100% compliance using the product on the Mac Platform.
I can report on the McAfee Security app, but that only determines that the McAfee Security app is installed. It does not show if the disk is encrypted.
Is anyone using Casper to report on how many of their Macs are fully encrypted using McAfee FDE? If so, how are you accomplishing this?
Posted on 09-11-2013 09:42 AM
I'm not certain if you're referring to McAfee Endpoint Encryption, but if so, we use an Extension Attribute to get the status.
If the "/Library/McAfee/ee/Agent/EpeMacTool" exists, call it with:
to get the status, as in Active, Inactive, etc.
Unfortunately, its not going to give you an actual percentage of encryption, just whether encryption is active or not. But maybe that's good enough? I don't know of a way to get the % of encryption from the command line against Endpoint.
The existence of that EpeMacTool is a good measure of whether the product is installed as well.
Posted on 09-11-2013 12:18 PM
Thanks! I appreciate it.
Posted on 09-12-2013 10:54 AM
We are McAfee EE.
On a fully encrypted Mac, when calling the EpeMacTool (/Library/McAfee/ee/Agent/EpeMacTool -a), I receive "Failed to get system information".
Have you encountered this message?
Posted on 09-12-2013 11:05 AM
on the Mac you ran this against, if you click on the McAfee EE menulet, do you see something like "No Volume Information" or does it state its encrypted? if you see the former, it usually indicates a communication issue from the mac to the EPO server.
Posted on 11-30-2013 01:34 PM
Have you had any luck in reporting on your McAfee EE status?