Decrypting McAfee-managed encryption, and Breaking ePO connection from managed endpoints

Describes how to break the connection between the McAfee ePO management connection and remove McAfee-managed drive encryption.

Introduction

McAfee products can be managed remotely via the University ePO. In order to completely remove McAfee-managed drive encryption, an IT Pro will need to break this connection and unencrypt the endpoint's drive. The following steps describe how to do this task.

You will need

  • administrative access to the affected Windows or MacOS systems (the endpoints).
  • remote access to control the installed McAfee software on the endpoints via the University ePO.

Decypt encryption before removing McAfee products!

Your endpoints may have multiple McAfee products installed on them. Typically you'll want to decrypt the drive before you remove other McAfee products.

Steps

  1. Log in to ePO by visiting https://epo.cites.illinois.edu:8443/ and select the "System Tree" icon at the top of the page.
    epo-system-tree-icon.png
  2. In the left pane, drill down to your OU (My Organization→ad.uillinois.edu→and so on) and select the OU to which you wish to apply a policy.
  3. To decrypt McAfee-managed encryption select the "Assigned Policies" button then select your encryption product in the "Product" popup – typically "Drive Encryption Go", "Endpoint Encryption", or "Endpoint Encryption for Mac". epo-assigned-policies-button-highlighted.png
  4. Underneath the "Actions" column select the "Edit Assignment" link and a new panel will appear.
  5. In the new panel, set the policy assignment to "Break inheritance and assign the policy settings below" as illustrated and select "Save" at the bottom-right.
    epo-policy-assignment-panel-full.png
    The "Lock policy inheritance" setting will not be listed.
  6. Do not do anything else in ePO to that device until the decryption process is complete. This includes uninstalling each remaining McAfee product or Agent. Don’t try to break inheritance and/or uninstall multiple products simultaneously.

How to tell you've broken an endpoint's connection to McAfee management

After the McAfee Endpoint Encryption is removed, you can select a machine entry in the "Systems" panel then select the "Endpoint Encryption" tab and you should see "No details are available". This message will provide positive confirmation that you’ve successfully removed McAfee-managed endpoint encryption.




Keywords:decryption mcafee "drive encryption" removing endpoints ePO products   Doc ID:68048
Owner:J.B. N.Group:University of Illinois Technology Services
Created:2016-10-25 14:39 CSTUpdated:2016-12-19 15:33 CST
Sites:University of Illinois Technology Services
CleanURL:https://answers.uillinois.edu/decrypting-mcafee-encryption-removing-mcafee-products-breaking-epo-connection
Feedback:  0   0