The McAfee Client Proxy is a Windows Desktop Agent that intelligently determines whether a web request:
- Is routed through a proxy
- Is denied access to a proxy
- Bypasses the web proxy entirely
MCP also sends encrypted authentication information to the SaaS Web Protection server for transparent user identification.
To implement McAfee Client Proxy without ePolicy Orchestrator:
- Download the MCP executable (MCP.exe).
- Log on to the Control Console using your Admin account.
- Navigate to Web Protection.
- Click the Setup tab, and select Download MCP under the McAfee Client proxy link.
NOTE: You must download and deploy the MCP.exe file to each of the user systems as a Desktop Agent working with the MCP policy file.
- Download the MCP policy file. The policy file inspects the users' web requests. When a web request is received, it takes one of the following actions:
- Immediately deny the request (the web request is denied at the client level).
- Bypass the request (do not communicate with the proxy servers). This action is used with an intranet request.
- Send the request to a web filtering policy for further filtering.
- Log on to the Control Console using your Admin account.
- Navigate to Web Protection.
- Select Policies and under McAfee client proxy policies, click New to create the policy. After you save the policy, it downloads and then creates the .OPG file.
- Rename the file to MCPPOLICY.OPG before you push it to every system. You must push the OPG file to the users' Application Data folder:
C:\ProgramData\McAfee\MCP\Policy%common_app_data%\McAfee\MCP\Policy\MCPPolicy.opg
- Distribute MCP.exe and the MCP policy file from the Control Console using a Windows management system such as AD/GPO, Tivoli, or logon scripts.
- Map the Network IDs to the Control Console user accounts. To map the network IDs, you must update the Network IDs in the Alias field. Select each user account in the Control Console using Admin rights:
- Click Account Management, Configuration, User Agent.
- Map each Control Console account to its corresponding Login ID under Active Directory/Windows Network to achieve transparent user authentication while accessing the web through a web browser.
Example:
<firstname.lastname>@<companyname.com> <domainname>/<loginname>
- Exit Account Management.
