For a few customers, internet access isn't allowed in the employee computer or their computers might be behind a firewall. These restrictions lead to the following:
- Access to the Chrome or Edge web store isn't allowed
- Installation of the Chromium browser extension in respective browsers isn't allowed after installing DLP Endpoint
The above restrictions result in issues such as DLP not recognizing or capturing the URL. The Text Post monitoring in Chromium browsers doesn't function as well.
This article provides the instructions to install DLP Endpoint Chrome and Microsoft Edge Extension offline.
Preconditions:
- The DLP Endpoint client system must be domain-joined (DC).
- Enable the following option:
Policy Catalog, Data Loss Prevention, Windows Client Configuration, Edit, Operational Mode and Modules, Chrome and Edge web extension - for identifying address bar URL.
- Download the extension and create a shared location:
- Get the extension ID from the test system.
- Install the latest DLP Endpoint build on a test system.
- Open the Registry editor and access HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\ or Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\
For DLP Endpoint builds lesser than 11.10, get the "last" value from the key com.mcafee.dlp_native_messaging_host
For DLP Endpoint builds 11.10 onward, get the "last" value from the key com.trellix.dlp_native_messaging_host
This is the extension ID we would need to install on our agent.
- Open any browser and download the extension crx package using the steps below:
- Get the Chrome version from the About option of the browser.
- Replace CHROME_VERSION and EXTENSION_ID in the URL below:
https://clients2.google.com/service/update2/crx?response=redirect&prodversion=CHROME_VERSION&acceptformat=crx2,crx3&x=id%3DEXTENSION_ID%26uc
- The file will be in .crx format; save the extension file. For example, extension.crx
- Extract the extension version from extension.crx.
- Extract the crx file.
- Open manifest.json and get the version number from the highlighted field. (Let's call it version_X)
- Create the extension package file (.xml)
- Create a shared folder on the server, which is accessible to DLP Endpoint. For example, \\hostname\extensions
- Place the downloaded extension.crx package in the folder.
- Create an XML file as shown below:
<Replace EXTENSION_ID and version_X>
<?xml version='1.0' encoding='UTF-8'?>
<gupdate xmlns='http://www.google.com/update2/response' protocol='2.0'>
<app appid='EXTENSION_ID'>
<updatecheck codebase='file://///hostname/extensions/extension.crx' version='version_X' />
</app>
</gupdate>
- Save the XML in the same shared folder.