We are currenty using McAFee FDE in our environment. Our Information Security team wants to make sure that we get to 99-100% compliance using the product on the Mac Platform.
I can report on the McAfee Security app, but that only determines that the McAfee Security app is installed. It does not show if the disk is encrypted.
Is anyone using Casper to report on how many of their Macs are fully encrypted using McAfee FDE? If so, how are you accomplishing this?
I'm not certain if you're referring to McAfee Endpoint Encryption, but if so, we use an Extension Attribute to get the status.
If the "/Library/McAfee/ee/Agent/EpeMacTool" exists, call it with:
to get the status, as in Active, Inactive, etc.
Unfortunately, its not going to give you an actual percentage of encryption, just whether encryption is active or not. But maybe that's good enough? I don't know of a way to get the % of encryption from the command line against Endpoint.
The existence of that EpeMacTool is a good measure of whether the product is installed as well.