Knowledge Center

The DEGO tool helps customers and product engineers determine if a client has the required hardware to support installation and activation of DE.

The utility indicates the readiness of the system to install either DE or other appropriate products. It provides an indication of readiness, but not a definitive indication that no errors will occur. The utility provides some initial testing of the system to verify that it will be ready to install and activate the product. It does not pick up DE error states, such as failing to activate because no users are assigned to the system.

The first release is targeted for deployment to Windows systems, and a Mac version is in development with similar functionality.

The product checks for the following types of problems:

Communication
The communication of this information back to the ePolicy Orchestrator (ePO) does not use the data channels because it is possible that one of the tests will identify the data channels are not functioning correctly. Thus, communication uses the standard McAfee Agent functionality. Information is sent from the client to the ePO server at every Agent-to-Server Communication Interval (ASCI). This allows ePO administrators to have a continuously updated view of the information. For example, the administrator can observe when the number of systems that are ready to deploy the product increases as the number of systems with incompatible products decreases.
 

Troubleshooting and Logging (Client/Server)
Diagnostic information on the client has a similar format to the MfeEpe.log with levels of Error, Warning, Info, and Debug. The log information at Info level shows a basic trace of pings and tests and at Debug level shows all data and messages sent to and from the client with detailed traces of each test.

Client logging and configuration can be achieved by controlling the logging level using either the command line or the registry. Server logging is achieved by modifying an XML file.

For details on how to enable debug logging for DEGO, see KB73165.

ePO Reports
A dashboard and a few reports are available for users to see all of the information that is returned by the various systems. On the dashboard, the ePO admin can see a pie chart that shows a view of how many of the systems are ready, and which ones are not ready. The admin can click on the not ready systems and drill down to view the details.
 

Report Name	Role
Drive Encryption GO:  Compliance	Report containing the endpoints running DEGO.
Drive Encryption GO:  Data Channel Status	Reports the results of the datachannel ping from the client in milliseconds and the reachable status from the server with a timeout of 30 minutes.
Drive Encryption GO: Incompatible products	Reports incompatible product detections at the client:   Incompatible Product DEGO 7.x BitLocker Yes GuardianEdge Yes HP Client (OEM) Yes HP ProtectTools Yes PGP Whole Disk Encryption (Mac/PC) Yes PointSec v6 Yes SafeBoot Yes SafeGuardEasy Yes SafeGuard v1-v5.5 Yes SafeGuard v5.5+ Yes SafeNet ProtectDrive Yes Symantec Endpoint Encryption Yes TrueCrypt Yes Wave Trusted Drive Manager Yes WinMagic SecureDoc Yes
Drive Encryption GO: Test Failures	DEGO testing to check: SMART Status (PredictFailure Attribute) Can the disk be used to install the DE MBR Opal Supported Drive

ePO Charts
An additional pie chart might be available that shows which incompatible products were discovered (if any). For example: 1000 machines are running this tool and 100 have incompatible products. The pie chart might show 75 running PointSec and 25 running BitLocker.

ePO Policies
This includes a policy with a single setting which by default is disabled. When an admin views a system from the system tree, on the system details, an extra section shows the information that was obtained for this particular system.

PING test
This includes an option that is available from the ePO system tree that allows an administrator to ping a system(s) using the data channel technology to see if this data channel technology is functioning.