McAfee Complete Data Protection: Full disk encryption product overview
Expert Karen Scarfone examines the features of McAfee Complete Data Protection, a full disk encryption product for securing client-side computers and servers.
This is part of a series on the top full disk encryption products and tools in the market. For more, check out our FDE product roundup.
McAfee Complete Data Protection provides full disk encryption (FDE) capabilities for hard drives on desktops, laptops and servers. FDE ensures all data on a hard drive is encrypted; as long as the device is off, an attacker cannot use forensic tools and other means to recover any sensitive data from it.
McAfee Complete Data Protection also includes storage encryption capabilities for individual files and for removable media. These capabilities do not take the place of FDE, but rather complement it by providing storage encryption for data while the device is in use.
There are three versions of McAfee Complete Data Protection available.
The first, simply named McAfee Complete Data Protection, is the standard full disk encryption product sold by McAfee. The second, named McAfee Complete Data Protection Advanced, offers everything that the standard version does, plus data loss prevention (DLP) capabilities. Finally, the third version, McAfee Complete Data Protection-Essential, offers management features for Apple FileVault and Microsoft BitLocker, but no full disk encryption capabilities of its own.
All three versions can be centrally managed through the McAfee ePolicy Orchestrator software, which is used to manage a variety of McAfee security products in the enterprise. Because the standard and Advanced versions of McAfee Complete Data Protection are the same in terms of FDE support, and the Essential version does not offer any FDE capabilities of its own, the rest of this article will focus on only the standard version, not the Advanced or Essential versions.
McAfee Complete Data Protection is available for various operating systems (OSes), including the following: Microsoft Windows 10, Microsoft Windows 8 and 8.1, Microsoft Windows 7, Microsoft Windows Vista, Microsoft Windows XP (32-bit), Microsoft Windows Server 2008, Microsoft Windows Server 2003 (32-bit), and Apple Mac OS X 10.7, 10.8, 10.9, 10.10 and 10.11.
Encryption and authentication support
McAfee Complete Data Protection uses the Advanced Encryption Standard (AES) encryption algorithm with 256-bit keys for its storage encryption. AES 256 is a strong algorithm and key size combination that will ward off today's threats as well as future threats. McAfee Complete Data Protection’s use of AES has been Federal Information Processing Standard (FIPS) 140-2-certified, which means it has been carefully evaluated to ensure it does not contain any common cryptographic implementation errors that could cause weakness in the storage encryption implementation.
multifactor authentication is natively supported by McAfee Complete Data Protection, as is integration with Active Directory, public-key infrastructures and other enterprise authentication-related services.
Because McAfee Complete Data Protection is designed to be managed centrally with the McAfee ePolicy Orchestrator software, it is intended for use in enterprise environments and not by individual users or by small enterprises that perform all security management locally. Organizations that already have other McAfee enterprise products deployed may find it easier to deploy McAfee Complete Data Protection, because they are highly likely to already have the McAfee ePolicy Orchestrator infrastructure in place and operating -- plus their operational staff is probably already familiar with the interface.
Licensing for McAfee Complete Data Protection
Channel partners sell McAfee Complete Data Protection licenses. The licenses are issued per device (e.g., desktop, laptop, server), not per user. This is typical of commercial FDE products.
McAfee offers a free trial of its Complete Data Protection product.
Here is a sampling of current retail pricing (as of this writing) for McAfee Complete Data Protection licenses. Note that each license includes one year of technical support.
Is McAfee Complete Data Protection right for you?
McAfee Complete Data Protection offers FDE capabilities, as well as file encryption and removable media encryption capabilities, for enterprises that are running Windows and Mac OS X systems. McAfee Complete Data Protection's centralized management capabilities, as well as authentication and encryption characteristics, are all comparable with its competitors' products.
A solid choice for any enterprise, McAfee Complete Data Protection is even more likely to be the right product for organizations that already have a McAfee centralized management infrastructure deployed for managing other McAfee enterprise security products.
Get more reviews of other full disk encryption products featured in this series: Symantec Endpoint Encryption, Sophos SafeGuard, Microsoft BitLocker, Dell Data Protection | Encryption, Check Point Full Disk Encryption, DiskCryptor and Apple FileVault 2.