Jamf Nation Community

travismchugh · ‎09-11-2013

We are currenty using McAFee FDE in our environment. Our Information Security team wants to make sure that we get to 99-100% compliance using the product on the Mac Platform.

I can report on the McAfee Security app, but that only determines that the McAfee Security app is installed. It does not show if the disk is encrypted.

Is anyone using Casper to report on how many of their Macs are fully encrypted using McAfee FDE? If so, how are you accomplishing this?

mm2270 · ‎09-11-2013

I'm not certain if you're referring to McAfee Endpoint Encryption, but if so, we use an Extension Attribute to get the status.

If the "/Library/McAfee/ee/Agent/EpeMacTool" exists, call it with:

/Library/McAfee/ee/Agent/EpeMacTool -a

to get the status, as in Active, Inactive, etc.

Unfortunately, its not going to give you an actual percentage of encryption, just whether encryption is active or not. But maybe that's good enough? I don't know of a way to get the % of encryption from the command line against Endpoint.

The existence of that EpeMacTool is a good measure of whether the product is installed as well.

travismchugh · ‎09-11-2013

Thanks! I appreciate it.

travismchugh · ‎09-12-2013

We are McAfee EE.

On a fully encrypted Mac, when calling the EpeMacTool (/Library/McAfee/ee/Agent/EpeMacTool -a), I receive "Failed to get system information".

Have you encountered this message?

mm2270 · ‎09-12-2013

on the Mac you ran this against, if you click on the McAfee EE menulet, do you see something like "No Volume Information" or does it state its encrypted? if you see the former, it usually indicates a communication issue from the mac to the EPO server.

jimmy-swings · ‎11-30-2013

Hi Travis,
Have you had any luck in reporting on your McAfee EE status?

Jamf Nation Community

Reporting on McAfee FDE