Reporting on McAfee FDE

travismchugh
New Contributor II

We are currenty using McAFee FDE in our environment. Our Information Security team wants to make sure that we get to 99-100% compliance using the product on the Mac Platform.

I can report on the McAfee Security app, but that only determines that the McAfee Security app is installed. It does not show if the disk is encrypted.

Is anyone using Casper to report on how many of their Macs are fully encrypted using McAfee FDE? If so, how are you accomplishing this?

5 REPLIES 5

mm2270
Legendary Contributor II

I'm not certain if you're referring to McAfee Endpoint Encryption, but if so, we use an Extension Attribute to get the status.

If the "/Library/McAfee/ee/Agent/EpeMacTool" exists, call it with:

/Library/McAfee/ee/Agent/EpeMacTool -a

to get the status, as in Active, Inactive, etc.

Unfortunately, its not going to give you an actual percentage of encryption, just whether encryption is active or not. But maybe that's good enough? I don't know of a way to get the % of encryption from the command line against Endpoint.

The existence of that EpeMacTool is a good measure of whether the product is installed as well.

travismchugh
New Contributor II

Thanks! I appreciate it.

travismchugh
New Contributor II

We are McAfee EE.

On a fully encrypted Mac, when calling the EpeMacTool (/Library/McAfee/ee/Agent/EpeMacTool -a), I receive "Failed to get system information".

Have you encountered this message?

mm2270
Legendary Contributor II

on the Mac you ran this against, if you click on the McAfee EE menulet, do you see something like "No Volume Information" or does it state its encrypted? if you see the former, it usually indicates a communication issue from the mac to the EPO server.

jimmy-swings
Contributor II

Hi Travis,
Have you had any luck in reporting on your McAfee EE status?