Client Configuration page

Configure the settings that the Client Proxy software uses to redirect web requests based on the location of the endpoint: inside or outside the network or connected to the network by VPN.

Configuration of the customer identifier and shared password settings depends on which platform you are using to manage Client Proxy:

  • McAfee® ePolicy Orchestrator® (McAfee® ePO™)
  • McAfee® ePolicy Orchestrator® Cloud (McAfee® ePO™ Cloud)

Customer Identifier (McAfee ePO)
Category Option Definition
Customer Identifier

Before configuring this page, download the customer ID .xml file from one of these servers:

  • McAfee® Web Gateway
  • McAfee® Web Gateway Cloud Service (McAfee® WGCS)

You must have this information to save the configuration.

Browse Click to locate the .xml file with the customer ID and shared password.
Unique Customer ID Displays the customer ID imported from the XML file.
Shared Password Displays the hashed shared password imported from the XML file.
Shared Password (McAfee ePO Cloud)
Category Option Definition
Configure Shared Password
Caution: After you enter the shared password, you must save the new policy for the password to be updated in the system. Allow enough time for this process to complete. Otherwise, authentication fails.
Shared Password Enter and confirm the password that Client Proxy and McAfee WGCS use to communicate securely.
Reset Customer Credentials When clicked, opens a warning dialog box, where you can confirm that you want to change the shared password.
Export Customer Credentials When clicked, opens a dialog box, where clicking Export Password opens a new tab in the web browser with the password and customer ID displayed in XML format.
Client Configuration options
Category Option Definition
Traffic Redirection Settings Redirect network traffic when computer is not connected to corporate network and not working through VPN The software redirects web requests to a proxy server in this case: The user is working outside your organization's network and is not connected to the network by VPN.
Always redirect network traffic to proxy servers

The software redirects web requests to a proxy server in all cases:

  • The user is working inside your organization's network.
  • The user is working outside your network and is connected by VPN.
  • The user is working outside your network and is not connected by VPN.

Corporate Network Detection Detect if MCP is inside the corporate network Select an option:
  • by testing connectivity to ePO — The software determines whether the endpoint is inside the network by pinging the McAfee ePO server.
    Note: Best practice: We recommend this option.
  • by testing connectivity to any of the following corporate servers — The software determines whether the endpoint is inside the network by pinging the specified servers on the network.
Server Address Specifies the IP address or host name of a server on your organization's network.
Server Port Specifies the port number of the server on your organization's network.
Corporate VPN Detection Detect if MCP is connected to a corporate VPN Specifies the addresses of one or more VPN servers. The software determines whether the endpoint is connected to the VPN by pinging the servers you specify.
Server Address Specifies the IP address or host name of a VPN server on your organization's network.
Server Port Specifies the port number of the VPN server on your organization's network.
Active Directory Groups Filter Regular Expression Specifies the names of one or more Active Directory groups. The software uses the names to filter the groups in the header that it adds to web requests before redirecting them to the proxy server.

Format: <domain_name>\\<group_name>

Group membership information must not exceed 4096 characters.

Include / Exclude For each regular expression, select an option:
  • Include — Includes the Active Directory name in the header added to the web request.
  • Exclude — Excludes the Active Directory name in the header added to the web request.
Log File Settings (OS X Only) Specifies how much information the software logs to a file. Select an option:
  • Log messages with Error and Critical priority
  • Log messages with Error, Critical, Information, and Warning priority
  • Log all messages (recommended for troubleshooting and debugging)
  • Don't log any messages
Note: On endpoints running Windows, log files are located in this folder: C:\Program Data\McAfee\MCP\Logs. Critical error messages are saved a file named Mcp.log.
Access Protection (Windows Only) Enable access protection Users are allowed to:
  • Use Windows Task Manager to disable the software
  • Edit or delete files
  • Change registry values
Request release key for manual uninstall
  • Selected — Users can request a release code from an administrator and use it to uninstall the software.
  • Deselected — Users must use the Windows uninstall feature to uninstall the software.

Best practice is to use a release code to uninstall the software.