Symantec Endpoint Encryption Removable Storage Release Notes

Symantec Endpoint Encryption Removable Storage 8.2.1
Symantec Endpoint Encryption Framework 8.2.1
www.symantec.com

About Symantec Endpoint Encryption Removable Storage

Symantec Endpoint Encryption Removable Storage allows enterprise organizations and government agencies to enjoy the benefits of removable storage devices while eliminating the liability, customer service, and brand erosion costs associated with data breach incidents. As part of Symantec Endpoint Encryption (SEE), SEE Removable Storage leverages existing IT infrastructures for seamless deployment and operation. SEE Removable Storage provides the industry's most robust and comprehensive integration with Microsoft Active Directory for fast, simple deployment of endpoint data protection controls in a familiar administrative environment.

What's New

What's New in Version 8.2.1

Device Exclusion List Increased
The number of devices the administrator can now exclude in the device exclusion list has increased from 20 to 50. In addition, wild card support has been added so administrators can exclude all devices from a vendor.

Able to encrypt multiple files/folders
Users can now encrypt multiple files and/or folders at a time using the Windows Access Utility.

What's New in Version 8.2.0

Device Session Default Password
If allowed by policy, users can now set a default password that lasts as long as the device remains connected or until the user logs off of Windows.

Removable Storage Access Utility Distribution
Administrators can now choose whether to distribute the Removable Storage Access Utility for Mac OS X, the Removable Storage Access Utility for Windows, or both.

CD/DVD Burner Blocking
Symantec Endpoint Encryption Device Control can now block all CD/DVD burning applications except the Removable Storage CD/DVD Burner application, ensuring enforcement of Removable Storage policy on optical media. Requires separate Symantec Endpoint Encryption Device Control application.

eSATA
Removable Storage now protects eSATA drives.

USB 3.0
USB 3.0 ports and devices are now supported.

Multi-Factor Authentication Enhancements
This release of Removable Storage features the following enhancements to multi-factor Client Console authentication.
Additional Readers Supported: ExpressCard smart card readers and Argus 3015 USB 2.0 Dual Card Reader (smart card slot only).
Additional Smart Cards Tested: Oberthur ID-One Cosmo 64 v5.2d Fast ATR with PIV application SDK, Oberthur ID-One 128K v5.5 (dual), and HID Crescendo C700.
Additional Software Supported: SafeSign Identity Client v3.0.40 and VeriSign PKI Client v1.5.
Additional Data Model Supported: SafeSign v2.1.

Resolved Issues

For a list of issues that have been resolved in this release, please go to the Symantec Knowledgebase and search for TECH184842, "SEE Removable Storage Resolved Issues."

Installation Notes

Symantec Endpoint Encryption Framework 8.2.1 is only compatible with SEE Removable Storage 8.2.1 and SEE Full Disk 8.2.1. If you are running SEE Full Disk and plan to upgrade to SEE Removable Storage 8.2.1, you must also upgrade to SEE Full Disk 8.2.1.

Known Issues

Compatibility

Number: 2745537
Third Party Product: Microsoft BitLocker
Description: After providing Microsoft BitLocker password, the drive gets unlocked but attempts to open the partition result in an "Access is denied" error.
Workaround: Do not install SEE Removable Storage on a system encrypted with Microsoft BitLocker.

Number: MA20688/2547597
Third Party Product: Symantec Backup Exec
Description: Attempts to restore from backup may fail with the message, "Errors exist."
Workaround: Remove and reinsert device.

Number: MA24144/2551052
Third Party Product: Microsoft Security Essentials (MSE)
Description: After clicking to open an encrypted file, users may see XML code instead of the file contents.
Workaround: Remove and reinsert device. To prevent the issue from recurring, disable the MSE realtime protection feature.

Number: MA21710/2548617
Third Party Product: Windows Live File System
Description: If the user chooses to format a CD/DVD using the Windows Live File System, the existing encryption policy will be enforced on the CD/DVD but the automatic copying of the Removable Storage Access Utility will not.
Workaround: Users should insert a regular USB flash drive to obtain the Removable Storage Access Utility. Users can use the Removable Storage Access Utility from the alternate media to decrypt the CD/DVD.

Number: MA22034/2549209
Third Party Product: Windows Server 2008
Description: The CD/DVD burner bundled with Windows Server 2008 enforces Removable Storage encryption policies.

Number: MA21835/2548742, MA21950/2548858, MA20908/2547817
Third Party Product: Volume Shadow Service (VSS)
Description: Administrators may experience intermittent failures with Windows programs that make use of Volume Shadow Service (VSS) on Symantec Endpoint Encryption Removable Storage protected computers with operating systems other than Windows XP.
Workaround: Try again.

Number: MA11594/2538616
Third Party Product: Anti-Virus Tools
Description: If an antivirus program scans a removable storage device, multiple password prompts may be generated.
Workaround: Enable group key, set Default Password, or set Default Certificate(s).

Number: MA11146/2538170
Third Party Product: SanDisk U3 Software
Description: The use of SanDisk's built-in U3 software to download U3 applications is not supported.

Number: MA12322/2539344
Third Party Product: Media Transport Protocol (MTP)
Description: Policies will not be enforced on devices that are in Media Transport Protocol (MTP) mode.

Number: MA14639/2541591
Third Party Product: Roxio Easy Media Creator
Description: If the encryption policy is set to Encrypt all and the disc is formatted with Roxio Drag-to-Disc, files dragged and dropped to CD/DVD using Windows Explorer will be encrypted.

Installation/Upgrade

Number: 2645266
Description: With the increase in the number of devices that can be excluded from encryption in version 8.2.1, the Device Exclusions panel in Installation Settings, Group Policy Objects (GPOs), and Native Policies now takes longer to load.

Number: MA24186/2551094
Description: If an eSATA or USB 3.0 drive was connected during the installation of Full Disk and Removable Storage, the message "Update Settings failed" appears following the post-installation reboot.
Workaround: Shut the computer down. Remove the drive. Power on.

Number: MA23202/2550104
Description: Novell users with Single Sign-On enabled are no longer logged onto Novell automatically following an upgrade from Symantec Endpoint Encryption Full Disk 7.0.7 or earlier or GuardianEdge Hard Disk 9.5.1 Patch 1 or earlier.
Workaround: Users must log on to the User Client Console, open the Novell SSO panel, select the Turn on Single Sign-On to Novell Netware check box, and click OK.

Number: MA22161/2549066
Description: If a custom destination folder was chosen during the installation of GuardianEdge Management Server 9.2.2, 9.2.1, or 9.2.0, the default path shown in the Destination Folder page during the upgrade to 7.0.7 will be missing the final subdirectory. For example, if you chose C:\GuardianEdge\Management Server\ for your original installation files, C:\GuardianEdge will be the default.
Workaround: Click Change and navigate to the desired destination of the Symantec Endpoint Encryption Management Server files.

Number: MA20747/2547656
Description: If a local instance is selected during the installation of the Symantec Endpoint Encryption Management Server, the Symantec Endpoint Encryption Management Server uninstallation will fail with the message, "Could not connect to Microsoft SQL Server."
Workaround: Locate the GEServerConfig.xml file on the Symantec Endpoint Encryption Management Server machine. Find (local). Replace with the computer name of the Symantec Endpoint Encryption Management Server machine. Save and close the file. Try the uninstall again.

Manager Console

Number: MA21307/2548215
Description: If an XPS print job is canceled, the following error may be displayed: "The data area passed to a system call is too small."

Number: MA16623/2543556
Description: Deploying an Active Directory policy that contains a change to the Client Administrator settings from a Symantec Endpoint Encryption 6.1.0 or later Manager to Symantec Endpoint Encryption 6.0.0 or earlier and/or GuardianEdge 8.5.3 or earlier clients will result in a failure of the new Client Administrator policy to be applied, a deletion of all existing Client Administrator policies, and a return to the Client Administrators specified in the original installation settings.
Workaround: When deploying an Active Directory policy from a 6.0.0 or earlier Manager, add the following WMI filter:

    Select * FROM Win32_Product WHERE ((name = "Symantec Endpoint Encryption Framework Client" AND version <= "6.0.0") OR ((name = "GuardianEdge Framework Client" OR name = "Encryption Anywhere Framework Client") AND version <= "8.5.3"))

When deploying an Active Directory policy from a 6.1.0 or later Manager, add the following WMI filter:

    Select * FROM Win32_Product WHERE (name = "Symantec Endpoint Encryption Framework Client" AND version > "6.1.0") OR (name = "GuardianEdge Framework Client" AND version > "9.0.0")
Microsoft Office Files

Number: MA21207/2548115
Description: After a user opens and attempts to save a previously encrypted Microsoft Office 2003 or 2007 file residing on removable media other than CD/DVD when an Encrypt to CD/DVD only policy is in place, a permission denied error will occur.
Workaround: The user should select Save As instead of Save.

Removable Storage Access Utility

Issue numbers in this section: MA21347/2548255, MA21392/2548301, MA21252/2548160, MA18663/2545574, MA17816/2544732, MA17526/2544444, MA18337/2545251, MA17454/2544372, MA18230/2545144

Descriptions:
- The device must have free space equivalent to twice the size of each file to be encrypted to accomplish encryption using the Removable Storage Access Utility.
- If a Mac OS X user adds a file or folder to the device, declines to encrypt it, then chooses to encrypt it later, the file may show a status of No in the Encrypted column and be inaccessible.
- Users will be unable to launch the Removable Storage Access Utility from Mac OS X computers if the RSMacAccessUtility.dmg file or the Mac Access Utility folder was renamed.
- The Removable Storage Access Utility will not be copied automatically to CompactFlash cards inserted into multi-card readers after Windows has loaded.
- Upon closing the Removable Storage Access Utility on a PC, users will not be prompted to encrypt unencrypted files if the files were added to the device using Windows Explorer or using the Send to right-click menu option.
- Users may be able to copy two files or folders of the same name to a removable storage device using Windows Explorer or the Send to right-click menu option on a PC.
- When an Encrypt all policy is enforced in conjunction with the writing of the Removable Storage Access Utility to all devices, users may receive a "Write Failed" message after clicking Continue or Limited Access on the pre-existing files warning message and a 0 byte Autorun.inf file will be copied to their device.

Workarounds: Remove and reinsert the device. Rename the folder to Mac Access Utility. Rename the file to RSMacAccessUtility.dmg. Try again. Power down, insert the card, and power on. Users should use the Removable Storage Access Utility to add files to their removable storage devices, not Windows Explorer. Users should be instructed to ignore these messages and occurrences.
eSATA Drives

Issue numbers in this section: MA23780/2550684, MA23836/2550740, MA23695/2550599

Descriptions:
- Attempts to launch the Removable Storage Access Utility from an eSATA drive connected using any port other than an eSATA port that was built into the original computer will fail.
- Removable Storage blocks access to eSATA drives connected using ports other than eSATA ports that were built into the original computer.

File Decryption/Encryption

Issue numbers in this section: MA23099/2550002, MA20076/2546984, MA21512/2548422, MA16902/2543829, MA24174/2551082

Description: Due to Windows limitations, self-extracting executables larger than 4 GB fail to extract with the message, "file name.exe is not a valid Win32 application."
Workaround: Users should not create a self-extracting executable larger than 4 GB.

Description: Users may be unable to decrypt files encrypted by the Removable Storage Access Utility from a Symantec Endpoint Encryption Removable Storage protected machine if the device is of a sector size other than 512 bytes.
Workaround: If the file was encrypted on a PC, you can use the Removable Storage Access Utility on a PC to decrypt the files.

Description: Browsing the contents of removable storage devices using Windows Explorer, users may receive repeated decryption prompts for thumbs.db and image files when Thumbnails or Filmstrip is selected from the Windows Explorer View menu.
Workaround: The user should set a Default Password or Default Certificate(s) or else avoid viewing removable storage device files in these modes.

Description: After upgrading to Symantec Endpoint Encryption from a GuardianEdge version, users cannot decrypt files encrypted under a Certificates only policy.
Workaround: Use the Removable Storage Access Utility of the version that you upgrade from to decrypt the files.

Device Session Default Passwords

Issue numbers: MA23786/2550690, MA23801/2550705

Descriptions:
- Removal of MultiMediaCards and Secure Digital cards does not result in the deletion of the Device Session Default Password.
- A policy that allows users to set Device Session Default Passwords may occasionally prevent Removable Storage from caching decryption passwords on NTFS-formatted external hard drives.
- Removable Storage may occasionally fail to set Device Session Default Passwords on NTFS-formatted external hard drives.

Workarounds: Users must remove the device from the computer to clear the Device Session Default Password. Remove and reinsert the device.

Number: MA23794/2550698
Description: Removable Storage does not log an event in the Windows System Event Log when it fails to set the Device Session Default Password.

iTunes Synchronization

Issue numbers in this section: MA20798/2547707, MA20803/2547712, MA20804/2547713, MA20895/2547804, MA20893/2547802, MA20902/2547811

Descriptions:
- Users who have synchronized photos from a machine not protected by Symantec Endpoint Encryption Removable Storage may experience encryption of the photos upon inserting the iPod Classic or Nano into a Symantec Endpoint Encryption Removable Storage protected machine when an Encrypt all policy is in place.
- If an Encrypt all or Encrypt new policy is in place and the user places files in the Calendar, Contacts, Notes, Recordings, or Photos directories of their iPod Classic or Nano using iTunes, these files will be encrypted by Symantec Endpoint Encryption Removable Storage.
- Encrypted files will not be visible once the iPod is detached from the Symantec Endpoint Encryption Removable Storage protected machine.
- If a user does not have iTunes closed when they plug in their iPod, synchronization may fail.

Workarounds: The user must resynchronize the iPod from the machine not protected by Symantec Endpoint Encryption Removable Storage. Users must return to the Symantec Endpoint Encryption Removable Storage protected machine to view the content. Restore the iPod to its factory settings from a machine not protected by Symantec Endpoint Encryption Removable Storage. Ensure that users remember to close iTunes before plugging in their iPod.

File Icons

Number: MA16932/2543859
Description: If the key for an encrypted EXE file is not available, the file may bear the icon of an unassociated file.
Workaround: Ignore the incorrect icon display.
Safely Remove Hardware

Number: MA15648/2542592
Description: Under an Encrypt all policy on Windows XP SP1 and SP2 endpoints, if Continue is selected on the limited access message and the device contains both encrypted and unencrypted files, selection of Safely Remove Hardware from the Windows notification area may occasionally produce a message that the device cannot be removed.
Workaround: Upgrade to Windows XP SP3.

Number: MA20831/2547740
Description: iPod Classic, Nano, and Shuffle devices cannot be safely removed.

CD/DVD

Issue numbers in this section: MA23901/2550808, MA15003/2541951

Descriptions:
- The CD/DVD Burner application fails to cache the decryption password if an installation setting or policy is in place that allows users to set Device Session Default Passwords.
- If a CD or DVD is in the drive when the user registers, the user will be unable to read the CD/DVD following registration.

Workaround: Log off Windows or reboot.

Novell Logon

Number: MA19876/2546784
Description: Users will have to log on to Novell and Windows separately following the installation of Symantec Endpoint Encryption Removable Storage, if Symantec Endpoint Encryption Full Disk is not also installed.

Section 508

Number: MA16937/2543864
Description: JAWS does not always announce all of the information displayed within the Registration wizard and User Client consoles.
Workaround: Users should follow these steps:
1. Press INSERT+F9.
2. Select the frame that is of interest from the resultant Frames List dialog.
3. Click OK.
4. Press P.
If this doesn't work, restart JAWS and try the steps again.

Technical Support

Symantec Technical Support maintains support centers globally. Technical Support's primary role is to respond to specific queries about product features and functionality. The Technical Support group also creates content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates.
Symantec's support offerings include the following:
- A range of support options that give you the flexibility to select the right amount of service for any size organization
- Telephone and/or Web-based support that provides rapid response and up-to-the-minute information
- Upgrade assurance that delivers software upgrades
- Global support purchased on a regional business hours or 24 hours a day, 7 days a week basis
- Premium service offerings that include Account Management Services

For information about Symantec's support offerings, you can visit our Web site at the following URL: http://www.symantec.com/business/support/

All support services will be delivered in accordance with your support agreement and the then-current enterprise technical support policy.

Contacting Technical Support

Customers with a current support agreement may access Technical Support information at the following URL: http://www.symantec.com/business/support/

Before contacting Technical Support, make sure you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to replicate the problem.
When you contact Technical Support, please have the following information available:
- Product release level
- Hardware information
- Available memory, disk space, and NIC information
- Operating system
- Version and patch level
- Network topology
- Router, gateway, and IP address information
- Problem description:
  - Error messages and log files
  - Troubleshooting that was performed before contacting Symantec
  - Recent software configuration changes and network changes

Licensing and registration

If your Symantec product requires registration or a license key, access our technical support Web page at the following URL: http://www.symantec.com/business/support/

Customer service

Customer service information is available at the following URL: http://www.symantec.com/business/support/

Customer Service is available to assist with non-technical questions, such as the following types of issues:
- Questions regarding product licensing or serialization
- Product registration updates, such as address or name changes
- General product information (features, language availability, local dealers)
- Latest information about product updates and upgrades
- Information about upgrade assurance and support contracts
- Information about the Symantec Buying Programs
- Advice about Symantec's technical support options
- Nontechnical presales questions
- Issues that are related to CD-ROMs or manuals

Support agreement resources

If you want to contact Symantec regarding an existing support agreement, please contact the support agreement administration team for your region as follows:
- Asia-Pacific and Japan: customercare_apac@symantec.com
- Europe, Middle-East, Africa: semea@symantec.com
- North America, Latin America: supportsolutions@symantec.com

Copyright and Trademarks

Copyright (c) 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.