Loading...

Knowledge Center


Overview of Drive Encryption Go
Technical Articles ID:   KB72777
Last Modified:  8/30/2017
Rated:


Environment

McAfee Drive Encryption (DE) 7.x
McAfee Drive Encryption GO (DEGO) 7.1.x

NOTE: DEGO was formerly known as Endpoint Encryption GO (EEGO).

For details of DE supported environments, see KB79422.
NOTE: DEGO is supported on all Windows operating systems where DE is listed as supported.

Summary

The DEGO tool helps customers and product engineers determine if a client has the required hardware to support installation and activation of DE.

The utility indicates the readiness of the system to install either DE or other appropriate products. It provides an indication of readiness, but not a definitive indication that no errors will occur. The utility provides some initial testing of the system to verify that it will be ready to install and activate the product. It does not pick up DE error states, such as failing to activate because no users are assigned to the system.

The first release is targeted for deployment to Windows systems, and a Mac version is in development with similar functionality.

The product checks for the following types of problems:
  • Data Channels (to verify communication in both directions is working)
  • Incompatible product installed. For details, see KB84990.
  • Self-Monitoring, Analysis, and Reporting Technology (SMART) to check a computer system hard disk drive to detect and report on various indicators of reliability, with the aim of anticipating failures
  • Partition / Disk / MBR compatibility
  • Opal drive compatibility
  • Overall Ready (Yes/No)
Communication
The communication of this information back to the ePolicy Orchestrator (ePO) does not use the data channels because it is possible that one of the tests will identify the data channels are not functioning correctly. Thus, communication uses the standard McAfee Agent functionality. Information is sent from the client to the ePO server at every Agent-to-Server Communication Interval (ASCI). This allows ePO administrators to have a continuously updated view of the information. For example, the administrator can observe when the number of systems that are ready to deploy the product increases as the number of systems with incompatible products decreases.
 

Troubleshooting and Logging (Client/Server)
Diagnostic information on the client has a similar format to the MfeEpe.log with levels of Error, Warning, Info, and Debug. The log information at Info level shows a basic trace of pings and tests and at Debug level shows all data and messages sent to and from the client with detailed traces of each test.

Client logging and configuration can be achieved by controlling the logging level using either the command line or the registry. Server logging is achieved by modifying an XML file.

For details on how to enable debug logging for DEGO, see KB73165.


ePO Reports
A dashboard and a few reports are available for users to see all of the information that is returned by the various systems. On the dashboard, the ePO admin can see a pie chart that shows a view of how many of the systems are ready, and which ones are not ready. The admin can click on the not ready systems and drill down to view the details.
 
Report Name
Role
Drive Encryption GO:  Compliance
Report containing the endpoints running DEGO.
Drive Encryption GO:  Data Channel Status
Reports the results of the datachannel ping from the client in milliseconds and the reachable status from the server with a timeout of 30 minutes.
Drive Encryption GO: Incompatible products
Reports incompatible product detections at the client:
 
Incompatible Product
DEGO 7.x
BitLocker
Yes
GuardianEdge
Yes
HP Client (OEM)
Yes
HP ProtectTools
Yes
PGP Whole Disk Encryption (Mac/PC) Yes
PointSec v6 Yes
SafeBoot Yes
SafeGuardEasy Yes
SafeGuard v1-v5.5 Yes
SafeGuard v5.5+ Yes
SafeNet ProtectDrive Yes
Symantec Endpoint Encryption Yes
TrueCrypt Yes
Wave Trusted Drive Manager Yes
WinMagic SecureDoc Yes

 

Drive Encryption GO: Test Failures DEGO testing to check:
  • SMART Status (PredictFailure Attribute)
  • Can the disk be used to install the DE MBR
  • Opal Supported Drive


ePO Charts
An additional pie chart might be available that shows which incompatible products were discovered (if any). For example: 1000 machines are running this tool and 100 have incompatible products. The pie chart might show 75 running PointSec and 25 running BitLocker.

ePO Policies
This includes a policy with a single setting which by default is disabled. When an admin views a system from the system tree, on the system details, an extra section shows the information that was obtained for this particular system.

PING test
This includes an option that is available from the ePO system tree that allows an administrator to ping a system(s) using the data channel technology to see if this data channel technology is functioning.

Rate this document

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.