McAfee DLP implementation

The recommended installation for a simple McAfee® Data Loss Prevention (McAfee DLP) implementation is on a single McAfee® ePolicy Orchestrator® (McAfee® ePO™) server.

McAfee DLP extension is installed on the McAfee ePO server. It manages the policies and data analysis for all McAfee DLP applications. It is the starting point for all deployments.

Figure 1. Basic McAfee DLP deployment with options


Table 1: McAfee DLP extension
1 McAfee ePO server — Hosts the embedded McAfee DLP software and the DLP Classification, Incident Manager, Operations, and Case Management modules.
1a Administrator workstation — Accesses McAfee ePO and the McAfee DLP module consoles in a browser.
1b McAfee ePO database
Note: For recommendations on using a separate server for the McAfee ePO database in more complex installations, see the McAfee ePolicy Orchestrator Hardware Sizing and Bandwidth Usage Guide.
1c Evidence storage — stores an encrypted copy of the content that was blocked or monitored
Table 2: Optional components
2 Managed endpoints — Apply the security policies using the McAfee® Data Loss Prevention Endpoint (McAfee DLP Endpoint) client software.
3 McAfee® Data Loss Prevention Discover (McAfee DLP Discover) servers (physical or virtual) — Scan network repositories and databases, classify data, and apply security policies (remediation).
3a McAfee DLP Discover local or cloud repositories
4 McAfee® Data Loss Prevention Prevent (McAfee DLP Prevent) appliance (physical or virtual) — Analyzes email and web traffic and applies security policies.
4a Email gateway and web gateway
5 McAfee® Data Loss Prevention Monitor (McAfee DLP Monitor) appliance (physical or virtual) — Acquires network packets through a network tap, monitors network traffic and applies security policies.
6 McAfee® Data Loss Prevention Prevent for Mobile Email (McAfee DLP Prevent for Mobile Email) server — Receives email from a MobileIron Sentry server (6a). It analyzes the email and attachments and creates incidents, or saves evidence, based on mobile protection rules.
6a MobileIron Sentry server