Compatibility with Encryption Products



Similar documents
Backups and Repository Maintenance

4cast Client Specification and Installation

Symantec Endpoint Encryption Full Disk

Microsoft SQL 2008 / R2 Configuration Guide

Version Provance Technologies, Inc. All rights reserved. Provance Technologies Inc. 85 Bellehumeur Gatineau, Quebec CANADA J8T 8B7

Dell Statistica Document Management System (SDMS) Installation Instructions

Adobe Acrobat 9 Deployment on Microsoft Windows Group Policy and the Active Directory service

Symantec AntiVirus Corporate Edition Patch Update

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

Installation Guide. . All right reserved. For more information about Specops Inventory and other Specops products, visit

Sophos Disk Encryption License migration guide. Product version: 5.61 Document date: June 2012

Sophos Enterprise Console server to server migration guide. Product version: 5.1 Document date: June 2012

Dell Recovery Manager for Active Directory 8.6. Quick Start Guide

Using Group Policies to Install AutoCAD. CMMU 5405 Nate Bartley 9/22/2005

SafeGuard Enterprise upgrade guide. Product version: 6.1

Check Point FDE integration with Digipass Key devices

Universal Management Service 2015

Specops Command. Installation Guide

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and October 2013

Administrator s Guide to deploying Engagement across multiple computers in a network using Microsoft Active Directory

SafeGuard Enterprise upgrade guide. Product version: 7

DriveLock Quick Start Guide

CTERA Agent for Windows

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Dell Statistica Statistica Enterprise Installation Instructions

HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION

Archive Add-in Administrator Guide

Sophos Enterprise Console server to server migration guide. Product version: 5.2

Project management integrated into Outlook

Project management integrated into Outlook

In the same spirit, our QuickBooks 2008 Software Installation Guide has been completely revised as well.

Creating and Deploying Active Directory Rights Management Services Templates Step-by-Step Guide

How To Install Outlook Addin On A 32 Bit Computer

Adobe Acrobat 9 Deployment on Microsoft Systems Management

Microsoft Corporation. Status: Preliminary documentation

Foxit Reader Deployment and Configuration

Acronis Backup & Recovery 11.5

Acronis Backup & Recovery 11

SQL 2014 Configuration Guide

SafeGuard Enterprise Web Helpdesk. Product version: 6.1

Dell DR4000 Disk Backup System. Introduction to the Dell DR4000 Restore Manager A primer for creating and using a Restore Manager USB flash drive

For Active Directory Installation Guide

Active Directory Change Notifier Quick Start Guide

Thirtyseven4 Endpoint Security (EPS) Upgrading Instructions

Automating client deployment

Installation Guide for Pulse on Windows Server 2012

safend a w a v e s y s t e m s c o m p a n y

SafeGuard Enterprise Web Helpdesk. Product version: 6 Document date: February 2012

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Nexio Connectus Cluster Set Up with SQL Server Backend

Sophos Cloud Migration Tool Help. Product version: 1.0

Password Manager Windows Desktop Client

SafeGuard PortProtector 3.30 SP6 Installation guide

Installation Instructions Release Version 15.0 January 30 th, 2011

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

WINDOWS SERVER 2008 OFFLINE SYSTEM RECOVERY USING WINDOWS SERVER BACKUP WITH NETWORKER

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

Egress Switch Client Deployment Guide V4.x

Foxit Reader Deployment and Configuration

Preparing Your Server for an MDsuite Installation

HP MediaSmart Server Software Upgrade from v.2 to v.3

User Guide. CTERA Agent. August 2011 Version 3.0

VERITAS Backup Exec TM 10.0 for Windows Servers

Version 5.0. SurfControl Web Filter for Citrix Installation Guide for Service Pack 2

Full Disk Encryption Agent Reference

CA Nimsoft Monitor. Probe Guide for Active Directory Response. ad_response v1.6 series

Remote Media Encryption Log Management

SafeGuard Enterprise Web Helpdesk

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide

Migrating MSDE to Microsoft SQL 2008 R2 Express

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Booting Live Backup Disaster Recovery over the Network

DESlock+ Basic Setup Guide ENTERPRISE SERVER ESSENTIAL/STANDARD/PRO

XMap 7 Administration Guide. Last updated on 12/13/2009

Global VPN Client Getting Started Guide

Software License Registration Guide

Lepide Event Log Manager: Installation Guide. Installation Guide. Lepide Event Log Manager. Lepide Software Private Limited

Installation & Activation Guide. Lepide Active Directory Self Service

Dream Report Version 4.5

Acronis Backup & Recovery 11.5 Quick Start Guide

CTERA Agent for Windows

BDR for ShadowProtect Solution Guide and Best Practices

Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7

Installing RMFT on an MS Cluster

WinMagic Encryption Software Installation and Configuration

Active Directory 2008 Operations

SafeGuard Easy upgrade guide. Product version: 7

EVault for Data Protection Manager. Course 301 Server Protection with DPM File and System State

LifeSize Control Installation Guide

Acronis Backup & Recovery 11

Xcalibur Global Version 1.2 Installation Guide Document Version 3.0

VirtualXP Users Guide

Colligo Engage Windows App 7.0. Administrator s Guide

Installing Microsoft Exchange Integration for LifeSize Control

XEROX, The Document Company, the stylized X, and the identifying product names and numbers herein are trademarks of XEROX CORPORATION.

White Paper. Deployment of ActiveX Controls via Microsoft Windows Active Directory. Fabasoft Folio 2015 Update Rollup 2

Downloading and Mass Deploying Applications

Wise Package Studio 8.0 MR1 Release Notes

Abila MIP. Installation User's Guide

PowerMapper/SortSite Desktop Deployment Guide v Introduction

Transcription:

Technical Brief Compatibility with Encryption Products Overview The purpose of this document is to describe the integration between Persystent Suite 4.5 and disk encryption products such as McAfee Endpoint Device Encryption, GuardianEdge Hard Disk Encryption, WinMagic SecureDoc Disk Encryption, PGP Desktop Whole Disk Encryption, and Sophos Safeguard Enterprise Device Encryption. Compatibility Persystent Suite 4.5 has been tested and is compatible with only the following versions of third party products: McAfee Endpoint Device Encryption (5.2.4) GuardianEdge Hard Disk Encryption (9.5.0) WinMagic SecureDoc Disk Encryption (4.6) PGP Desktop Whole Disk Encryption (10.0.0) Sophos Safeguard Enterprise Device Encryption (5.4) Best Practices While it is not required to have a separate server when setting up Persystent Suite 4.5 with disk encryption technologies, it is recommended that you use a separate server for clients that will be using encryption technologies. By doing this, you ensure that all functions of Persystent Suite are available to clients that are not using encryption technologies. Persystent Suite must be installed before any encryption product is installed on the client. If encryption software is currently installed it must be uninstalled prior to installing Persystent Suite. Please note that a computer cannot be PXE booted once encryption is installed, unless you are trying to rebuild the computer. Offline mode must be used to ensure correct operation with encrypted disks. 1

Implementation Enabling Encryption Compatibility: Server Install The first thing you want to do when installing Persystent Suite 4.5 with disk encryption technologies is to select the supported product from the dropdown menu in the server installer as seen below. After choosing the product and installing the server, the next step is only needed if you are using a separate server for your encryption clients. Enabling Encryption Compatibility: WebUI In addition to being able to set encryption compatibility during the server install, the setting can later be changed through the WebUI. To do this: 1. Launch the WebUI web console by clicking Start All Programs Persystent Persystent Suite WebUI. 2. Log into the web console. 3. In the left navigation pane under Servers select the server that will be encryption compatible. 4. In the main navigation area select the Manage tab. 5. Under the Server section locate Encryption Compatibility dropdown box. Select the encryption product that you wish to use in conjunction with Suite. 6. Click Save. 2

WebUI Repair Configuration You will need to make a few changes to the WebUI configuration to support disk encryption products. With encryption, if you are not using a separate server then it is recommended to assign those clients to a specific group, and to set the repair mode to OS Secure if you want to enable repair policies on the computers. If you assign System Secure or System Secure Profile Safe repair, you will need to define filters for the encrypted systems so that they will be properly protected on a System Secure repair. CAUTION Failure to define these filters and repairing the system with System Secure or System Secure Profile Safe will render the client systems inoperable on any repair event. The only way to recover the data is to use the encryption manufacturer s recovery methods. Including and Filtering Encryption Keys Persystent recommends that you include the encryption keys in your Repair Points, and then filter them out so that they are not repaired. The following are the basic steps to include and filter files. Repair Point Includes Configuration 1. Launch the WebUI web console by clicking Start All Programs Persystent Persystent Suite WebUI. 2. Log into the web console. 3. In the left navigation select Filters. 4. Under File Filters select the Include Files- Folders filter. 5. In the File Path field enter the path to the file or folder to be included in the Repair Point. 6. Click Add. 7. Repeat steps 5-6 as necessary for additional files or folder. 3

Repair Point Filter Configuration 1. Launch the WebUI web console by clicking Start All Programs Persystent Persystent Suite WebUI. 2. Log into the web console. 3. In the left navigation select Filters. 4. Under File Filters select the Exclude from Repair filter. 5. In the File Path field enter the path to the file or folder to be excluded from repair. 6. Click Add. 7. Repeat steps 5-6 as necessary for additional files or folder. TIP When typing paths, it is not necessary to type c:\ and the paths are not case sensitive. All backward slashes will be converted to forward slashes. Encryption Keys The following are encryption keys that should be included in a Repair Point and then filtered so that they are not repaired. McAfee Endpoint Device Encryption Configuration The following file should be backed up and excluded from repair: Safeboot.fs Safeboot.rsv The default location of these files is the root of the C drive Drive. If the files are not located on the root of the C drive, consult the McAfee Endpoint Device Encryption setup for more information on the location of these files. GuardianEdge Hard Disk Encryption Configuration The following files should be backed up and excluded from repair: EP0.vol, EP1.vol, EP2.vol, EP3.vol, EP4.vol, EP5.vol The default location of these files is the root of the C drive. If the files are not located on the root of the C drive, consult the GuardianEdge documentation for more information on the location of these files 4

WinMagic SecureDoc Configuration The following file should be backed up and excluded from repair: C:\MyKey.dkb (MyKey represents the name of the key that was entered during installation) The default location of this file is the root of the C drive. If the file is not located on the root of the C drive, consult the WinMagic documentation for more information on the location of this file. PGP Desktop Whole Disk Encryption Configuration The following files should be backed up and excluded from repair: C:\PGPWDExx (xx represents a two digit number) C:\Users\<User>\Documents\PGP (Windows Vista and 7) C:\Documents and Settings\<User>\My Documents\PGP (Windows XP) pubring.pkr pubring-bak.pkr secring.skr secring-bak.skr The above locations are the default locations for the key files. If the files are not located there, consult the PGP Desktop documentation for more information on the location of these files. Sophos Safeguard Enterprise Device Encryption Configuration No extra filters are needed to support Sophos Safeguard Enterprise Device and Persystent Suite 4.5. Client Configuration and Installation In Persystent Suite 4.5, we support full disk encryption from the supported vendors list, and only if clients exist in Persystent Suite and are in offline mode before installing encryption software. 5

Preparing Encryption Clients This part of the guide will explain the process of inheriting the client that is going to be running full disk encryption into Persystent Suite, and then proceeding with the encryption software install. The first step is to launch the Offline Inherit MSI Builder: 1. Launch the Client MSI Generator by clicking Start All Programs Persystent Client MSI Generator. 2. Choose Create Offline Inherit MSI from the list. Click Next. Once the MSI is launched you will want to select the server the client will join and the group that the computer will belong to. You are also given the option to run any Client Build Tasks that you have defined such as creating a repair point or joining a domain. Inheriting Clients After you have built the MSI, you will want to install it on your target systems using your preferred installation method (the MSI does support silent installs and most basic msiexec switches, so you can use group policy if you choose), and reboot. As soon as the computer is done rebooting, check the Persystent WebUI to verify it is joined to the correct server and group and the client is in Offline Mode. To verify the client is in offline mode, click the computer name in the WebUI and check the Pre-Boot tab. If Offline Mode says yes then you are ready to proceed with installing your full disk encryption software, and encrypting the hard drive of the client computer. Deploying Base Image and Configuring Encryption Deploy base image to the clients using either Client Build Screen or Scheduled task. Make sure that a repair point is created and Offline mode is set after installing base image. As soon as the client is finished building, check the Persystent WebUI to verify that the client is in offline mode. To verify the client is in offline mode, click the computer name in the WebUI and check the Pre-Boot tab. If Offline Mode says yes then you are ready to proceed with installing your full disk encryption software, and encrypting the hard drive of the client computer. 6

Utopic Software 1215 East 6 th Ave. Tampa, FL 33605 Phone: (813) 444-2231 Fax: (813) 421-6523 Email: Sales@UtopicSoftware.com Web Site: www.utopicsoftware.com Copyright 2011 Utopic Software, LLC. All rights reserved. Printed in the United States of America. Information in this document is subject to change without notice. Utopic Software makes no warranties, express, implied, or statutory, as to the information in this document. This document contains proprietary information protected by copyright. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, without written permission of Utopic Software, LLC 1215 East 6 th Ave., Tampa, FL 33605, except as specified in the Product Warranty and License Terms. Utopic Software, LLC logos are registered trademarks; Persystent Suite is a trademark of Utopic Software, LLC. Microsoft, Windows Server 2008, Windows Server 2003, Windows XP, Windows Vista, Windows 7, Active Directory, SQL Server, SQL Express, and.net are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other registered trademarks and service marks mentioned are the property of their respective owner. 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information