Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption

151

152

153

154

155

156

157

158

159

160

Security Management Server Virtual v10.2.11 AdminHelp

• Encrypt Temporary Internet Files

• Encrypt User Profile Documents (except \All Users\Shared

Documents)

Select:

• Common for User Encrypted Folders to be accessible by all

managed users on the computer where they were created (the

same level of access as Common Encrypted Folders), and

encrypted with the Common encryption algorithm.

More...

The Common encryption algorithm controls the encryption

algorithm for all User Encrypted Folders and overrides any

encryption algorithm selected, including the default User

encryption algorithm. For example, if the Common encryption

algorithm is set to AES 256, all Common and User Encrypted

Files/Folders is encrypted with the AES 256 algorithm.

All other encryption parameters can be selected to override

default settings. For example, if the Encrypt Temporary Files

policy is set to Not Selected, you can override this setting

for any managed user by setting this value to Selected.

Designated User Encrypted Folders use the Common Key,

resulting in all managed users having the key to access any

encrypted files stored in these folders as permitted by

security settings on the operating system.

• User for these files to be accessible only to the user who

created them, only on the computer where they were created

(the same level of access as User Encrypted Folders), and

encrypted with the User Encryption Algorithm.

• User Roaming for these files to be accessible only to the

user who created them, on any encrypted Windows computer, and

encrypted with the User encryption algorithm.

When incorporating an encryption policy to encrypt entire disk

partitions, Dell recommends using the default SDE policy,

rather than Common or User. This ensures that any operating

system files that are encrypted are accessible during times

when the managed user is not logged in.

Policy Proxy

Connections

String

String - maximum of 1500 characters

List fully qualified Policy Proxy hostnames, or IP addresses,

separated by carriage returns. Ports cannot be specified in

this policy.

More...

Once a valid entry is found, the remainder of the Policy

Proxies listed are ignored.

Entries are processed in the following order:

1. GKConnections Override (this registry entry overrides all

other entries)

2. GKConnections (this r

egistry entry is set automatically by

the client, based on the this policy)

3. GK

To override this policy and specify ports via the registry

key, set HKLM\Software\Microsoft\WindowsNT\CurrentVersion\

Winlogon\CMGShield\GKConnectionsOverride.

The client communicates with Policy Proxies using the GKPORT

(the default is 8000).

If necessary, change that port via the registry key

HKLM\SOFTWARE\Microsoft\WindowsNT\Current

Version\Winlogon\CMGShield\GKPort.

Inherited values for this policy accumulate.

For the clie

nt to connect to a Policy Proxy specified in this

policy, it must be in the same group as the Policy Proxy

specified during client installation.

Because the

client supports up to 255 users per computer, this

policy is available only at the Enterprise policy level.

Policy Proxy

360

1-1440 minutes

139