Reference Guide

Security Management Server v10.2.10 AdminHelp

No Policy - Initial policy has not been received so the plugin is not actively enforcing any policy.

This is only relevant the very first time you install the Manager client. Manager does not start a

plugin until an initial policy is received from the Dell Server, versus starting the plugin with some

default policy placed on the client during install. After an initial policy has been received from the

Dell Server, via the activation process, plugins are always started with the last policy the client is

aware of.

Waiting For Escrow - Manager is waiting for keys to escrow

Waiting For Server Public Key - Manager is waiting for public key to proceed with activation

No Opal Drive Present - Manager did not detect an OPAL drive

Plugin Version - The version of the plugin, which is taken from the plugin's version information

Vendor version - The version of the underlying framework. For example, BitLocker is Microsoft’s

technology, therefore Vendor Version is Microsoft's version for BitLocker.

Threat Protection Detail (Windows only)

Scan Engine Version - Lists the version of the engine that performed the last scan.

DAT File Version - Lists the version of the DAT file.

Last Scan Started - Date/time stamp that the last scan was started.

Last Scan Completed - Date/time stamp that the last scan was completed.

Advanced Threat Prevention Detail

Device ID - Lists the identifier of the device as it pertains to Advanced Threat Prevention.

Agent Version - Lists the version of the agent.

Update Date - Date/time stamp that the agent was updated.

Provisioned Date - Date/time stamp that the client was provisioned.

FDE Device Control (Windows only)

Current State of the Endpoint - Unlocked or Locked

Commands:

PBA commands for a specific endpoint are carried out in the PBA Device Control area. Each command

has a priority ranking. A command with a higher priority rank cancels commands of lower priorities in the

enforcement queue. For a list of command priority rankings, see

Priority of Commands for Self-

Encrypting Drives.

Lock - Locks the PBA screen and prevents any user from logging into the computer.

Unlock - Unlocks the PBA screen after it has been locked on this endpoint, either by sending a Lock

command or by exceeding the maximum number of authentications attempts allowed by policy.

Remove Users - Removes all users from the PBA.

Bypass Login - Bypasses the PBA screen one time to allow a user into the computer without

authenticating. The user will still need to login to Windows after PBA has been bypassed.

Wipe - The Wipe command functions as a “restore to factory state” for the FDE drive. The Wipe

command can be used to re-purpose a computer or, in an emergency situation, wipe the computer,

making the data permanently unrecoverable. When the wipe command is consumed by the client, all

history and details about this endpoint are removed from the Dell Server. Ensure that this is the desired

behavior before invoking this command.