Security, McAfee, Decrypting McAfee-managed encryption, and Breaking ePO connection from managed endpoints
Describes how to break the connection between the McAfee ePO management connection and remove McAfee-managed drive encryption.
McAfee products can be managed remotely via the University ePO. In order to completely remove McAfee-managed drive encryption, an IT Pro will need to break this connection and unencrypt the endpoint's drive. The following steps describe how to do this task.
- Log in to ePO by visiting https://epo.cites.illinois.edu:8443/ and select the "System Tree" icon at the top of the page.
- In the left pane, drill down to your OU (My Organization→ad.uillinois.edu→and so on) and select the OU to which you wish to apply a policy.
- To decrypt McAfee-managed encryption select the "Assigned Policies" button then select your encryption product in the "Product" popup – typically "Drive Encryption Go", "Endpoint Encryption", or "Endpoint Encryption for Mac".
- Underneath the "Actions" column select the "Edit Assignment" link and a new panel will appear.
- In the new panel, set the policy assignment to "Break inheritance and assign the policy settings below" as illustrated and select "Save" at the bottom-right.
The "Lock policy inheritance" setting will not be listed.
- Do not do anything else in ePO to that device until the decryption process is complete. This includes uninstalling each remaining McAfee product or Agent. Don’t try to break inheritance and/or uninstall multiple products simultaneously.
How to tell you've broken an endpoint's connection to McAfee management
After the McAfee Endpoint Encryption is removed, you can select a machine entry in the "Systems" panel then select the "Endpoint Encryption" tab and you should see "No details are available". This message will provide positive confirmation that you’ve successfully removed McAfee-managed endpoint encryption.