Reference Guide
Security Management Server v10.2.7 AdminHelp
143
Full Disk Encryption (FDE)
On
Off
Toggle to ON to enable all full disk
encryption policies. If this policy is
toggled to OFF, no full disk
encryption takes place, regardless
of other policy values.
On means that all Full Disk
Encryption policies are enabled.
Changing the value of this policy
triggers a new sweep to
encrypt/decrypt files.
Encryption Algorithm AES 256
AES 256, AES 128, FIPS AES 256,
FIPS AES 128
Encryption algorithm used for Full
Disk Encryption.
Encryption Mode CBC
CBC, XTS
Encryption mode used for Full Disk
Encryption.
Enable FDE Plugin Selected
The plugin must remain selected.
To deactivate the PBA and disable
full disk encryption, toggle the Full
Disk Encryption policy to OFF.
Self-Encrypting Drive (SED)
This technology manages self-encrypting drives (SEDs). Authentication by users through a Pre-Boot
Authentication environment (before the operating system has booted) is required to unlock the drive.
Self-Encrypting Drive (SED) Off
On
Off
Enable this policy to provision the
PBA. If disabled after the PBA is
provisioned, the PBA is de-
provisioned and the PBA database
is deleted. Re-enabling this policy
re-provisions the PBA and re-
creates the PBA database.
See advanced settings
Policy Default Setting Description
Policy-Based Encryption
This technology uses Dell's proprietary data centric encryption to allow user data and computer
encryption. This allows greater protection over individual data than traditional full disk encryption, by
limiting access on a computer to only what a user is authorized to view.
Policy-Based Encryption Off
On
Off
Toggle to ON to enable all policy-
based encryption policies. If this
policy is toggled to OFF, no policy-
based encryption takes place,
regardless of other policy values.
On means that all Policy-Based
Encryption policies are enabled.
Changing the value of this policy
triggers a new sweep to
encrypt/decrypt files.
Application Data Encryption Key
Common
Common, User, User Roaming