Which type of installation do you need?

Install McAfee® Data Loss Prevention (McAfee DLP) software as a first-time installation or upgrade in McAfee® ePolicy Orchestrator® (McAfee® ePO™) on an on-premises, VDI, or AWS server. Deploy the McAfee® Device Control or McAfee® Data Loss Prevention Endpoint (McAfee DLP Endpoint) client software as a first-time installation or upgrade on network endpoints.



McAfee DLP Endpoint software has two parts:

  • McAfee DLP extension
    • Installs in McAfee ePO
    • Defines rules and policies
    • Monitors and analyzes incidents and operational events
    • Manages cases
  • McAfee DLP Endpoint client
    • Installs as a client in McAfee® Agent on network endpoints
    • Enforces rules and policies
    • Collects evidence

Options for installing the client software

McAfee DLP Endpoint client software is available in two configurations. There is no difference in the installation between the configurations. Both client configurations are available for installation on Microsoft Windows and macOS computers.

  • McAfee® Device Control — Protects against data loss by preventing unauthorized use of removable media devices.
  • McAfee Data Loss Prevention and McAfee® Device Control — Protects against data loss through the broadest set of data-loss channels: removable devices, non-system hard disks, email or email attachments, web posts, clipboard or screen capture, printing, file system, and more.

McAfee DLP supports multiple versions of McAfee DLP Endpoint with the backward compatibility option in DLP Settings.

Large networks typically divide the workload by LAN or workgroup, and McAfee DLP can assign different policies to different groups. Reporting can be by group, or a rollup data server task can collect data from several servers to produce a single report.

McAfee DLP Endpoint performs cryptographic operations in a way that is compliant with FIPS 140-2. Use settings in the Windows registry to turn FIPS 140-2 compliancy on and off.