McAfee DLP implementation

McAfee® Data Loss Prevention (McAfee DLP) is a suite of products deployable and manageable through McAfee® ePolicy Orchestrator® (McAfee® ePO™) , which enables sharing of common policies and provides incident and case management for network and endpoint data loss prevention products.

The McAfee DLP extension is installed on the McAfee ePO server. It manages the policies and data analysis for all McAfee DLP applications. It is the starting point for all deployments.

McAfee DLP extension
1 McAfee ePO server — Hosts the embedded McAfee DLP software and the DLP Classification, DLP Incident Manager, DLP Operations, and DLP Case Management.
1a Administrator workstation — Accesses McAfee ePO and the McAfee DLP module consoles in a browser.
1b McAfee ePO database.
Note: For recommendations on using a separate server for the McAfee ePO database in more complex installations, see the McAfee ePolicy Orchestrator Hardware Sizing and Bandwidth Usage Guide.
1c Evidence storage — Stores an encrypted copy of the content that was blocked or monitored.
Optional components
2 Managed endpoints — Apply the security policies using the McAfee® Data Loss Prevention Endpoint (McAfee DLP Endpoint) client software.
3 McAfee® Data Loss Prevention Discover (McAfee DLP Discover) servers (physical or virtual) — Scan network repositories and databases, classify data, and apply security policies (remediation).
3a McAfee DLP Discover local or cloud repositories.
4 McAfee® Data Loss Prevention Prevent (McAfee DLP Prevent) appliance (physical or virtual) — Analyzes email and web traffic and applies security policies.
4a Email gateway and web gateway.
5 McAfee® Data Loss Prevention Monitor (McAfee DLP Monitor) appliance (physical or virtual) — Acquires network packets through a network tap, monitors network traffic, and applies security policies.
6 McAfee® Data Loss Prevention Prevent for Mobile Email (McAfee DLP Prevent for Mobile Email) server — Receives email from a MobileIron Sentry server (6a). It analyzes the email and attachments and creates incidents, or saves evidence, based on mobile protection rules.
6a MobileIron Sentry server.
Basic McAfee DLP deployment with options