Drive Encryption communication architecture
Technical Articles ID:   KB71865
Last Modified:  12/11/2017


McAfee Drive Encryption (DE) 7.x

For details about DE supported environments, see KB79422.


The table below shows the communication architecture for Drive Encryption. 
Communication DE 7.x
Upstream - Key backup Event
Upstream - Other Event
Message handling - Key backup ePO
Message handling - Other Agent Handler + SQL Server
Downstream (No Firewall)  Data Channel (Pushed)
Downstream (Firewalled) Data Channel (Pulled)

Delivery of client-server messages causes perceived policy enforcement slowdown or failure
One of the major changes in communication architecture is that most client-server messages are now sent using the ePO Event mechanism. DE relies solely on McAfee Agent to send its Events to the Agent Handler. Often, there can be a delay between DE creating an Event and passing it to McAfee Agent and the McAfee Agent sending the Event up to the Agent Handler. This sequence of events can lead to the perception that nothing is happening on the client, but DE is simply waiting for McAfee Agent to dispatch its Events. When the Event is dispatched, the DE policy enforcement process continues.

Because of this delay, the DE policy enforcement can continue after the McAfee Agent status monitor reports that McAfee Agent policy enforcement is complete. Unlike other McAfee managed products, Drive Encryption requires a complex sequence of client-server communications to request user data before policy enforcement can be completed.

The current policy enforcement state of DE is visible in the Drive Encryption Status Monitor on the client. When policy enforcement is complete, the status monitor shows "Policy enforcement complete". If the status displays a message similar to "Created get all users event", an Event is waiting to be sent up to the Agent Handler. Clicking Send Events from the McAfee Agent Status Monitor window sends the event immediately.

Tip: If activation appears to have halted or policies have failed to be enforced, click Send Events from the McAfee Agent Status Monitor window.

DE/ePO Architecture
In the following diagrams:
  • Red arrow = ePO Communication Channel 
  • Green arrow = DE Communication Channel
NOTE: Drive Encryption (DE) was formerly known as Endpoint Encryption for PC (EEPC). The diagram below shows references to EEPC but applies to DE.



Rate this document

Affected Products

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.