Administrator Guide
Table Of Contents
- Dell Data Guardian Windows, Mac, Mobile, and Web Administrator Guide v2.9
- Introduction
- Requirements
- Configure and Install Data Guardian on Windows
- Data Guardian Client Registry Settings
- Configure an On-prem Server for Data Guardian
- Install Data Guardian
- Set GPO on Domain Controller to Enable Entitlements
- Uninstall Data Guardian
- View Reports
- Data Guardian Troubleshooting
- Configure and Install Data Guardian on Mac
- Configure and Install Data Guardian for the Web Client
NOTE:
DataGuardianUpdate is used in this example, but you can choose any name.
3. Place the updated executables in the DataGuardianUpdate folder.
4. Create a versions.xml file in the DataGuardianUpdate folder.
5. Open versions.xml with a text editor and verify the file name path is correct for your environment.
Sample:
<?xml version="1.0"?>
<VERSIONS>
<VERSION arch="x86" product="sl" version="0.x.x.xxxx" filename="/setup32.exe"/>
<VERSION arch="x64" product="sl" version="0.x.x.xxxx" filename="/setup64.exe"/>
</VERSIONS>
Version: File version of the updated executables
setup.exe file name: The setup name of the executables is user-defined but must match the setup name in the messages.properties
file. (See
step 3 in Configure the Security Server to Allow Data Guardian Client Downloads.)
6. Save and close the file.
7. Add the binaries to this folder.
8. If using IIS, restart IIS.
9. As a Dell administrator, log in to the Management Console.
10. In the left pane, click Populations > Enterprise, and the Security Policies tab displays.
11. In the Data Guardian technology group, click Cloud Encryption > Show advanced settings.
12. Scroll to the Software Update Server URL policy and enter https://<YOUR HOST URL > /DataGuardianUpdate.
NOTE:
DataGuardianUpdate is only an example to match the example above.
13. Click Save to store the policy modification in the queue to commit.
14. Click Management > Commit.
15. Enter a comment and click Commit Policies.
Re-image a Computer with Data Guardian Installed
If a computer needs to be re-imaged and has Data Guardian installed, ask the user if they have worked offline and created any protected
Office documents while offline. If so, offline keys were generated for those documents and those keys have not been escrowed to the Dell
Server.
1. For information on recovering Data Guardian offline-generated keys that were not escrowed to the Dell Server, see the Recovery
Guide.
2. Check for an offline keys folder before a re-image of the computer.
When the first escrow keys are created, a Data Guardian folder is added to C:\Program Files\Dell. Navigate to the Data Guardian >
OfflineKeys folder. If no OfflineKeys folder exists, check the user’s My Documents folder.
Allow/Deny Users on Full Access List/Blacklist
You can determine which external users can register with the Dell Server or Hosted Dell Security Center to use Data Guardian. For
adequate security, be sure to carefully set up and manage these lists.
• An internal user is within the domain.
• An external user is a non-domain user, either a person from another organization with whom an internal user wants to share business-
sensitive documents or an internal user who wants to access their computer from a non-domain device.
To allow a user who is not in the organization's domain to register to use Data Guardian:
1. In the left pane of the Management Console or Dell Security Center, click Management > External User Management.
2. Click Add.
3. Select Registration Access Type:
Blacklist - Blocks registration for a user or a domain. User cannot open a protected Office document or protected file.
14
Configure and Install Data Guardian on Windows