Users Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption

● Forensic key retrieval now proceeds as expected when one or more key_id instances is invalid. [DDPS-4689]

Resolved Customer Issues

● Enabling non-domain activations in the server_config.xml file now succeeds as expected, without regard to case sensitivity

of the value entered for the property, accountType.nonActiveDirectory.enabled. Also, Compatibility Server logs now indicate

when enabling non-domain activation fails due to case-sensitivity issues with the property name, itself. [DDPS-4068]

● An issue is resolved that resulted in a Security Server Java instance failure with the following error message:

EXCEPTION_ACCESS_VIOLATION. [DDPS-4245]

● An issue is resolved that resulted in uncommitted policies that were not initiated by the administrator. [DDPS-4761]

● Added 05/2018- Dell Security Management Server selects policies based on the group in which endpoints are in no longer

instead of arbitrated policies. The group with the highest precedence value succeeds, and no other groups are considered.

[DDPS-5377]

Technical Advisories v9.6

● If the ProgramData folder is open during an upgrade, an error displays: "C:\ProgramData\Del\GateKeeper is unavailable...."

To work around this issue, close the ProgramData folder and click OK in the error dialog. [DDPS-4573]

● When running Compliance Reporter with Google Chrome, the date selection calendar does not display in the Value column

when the Created * field is selected in Filter Fields area of the Report Layout. [DDPS-4691]

● Added 4/2017 - Threat Protection Status categories differ between Remote Management Console Dashboard Notifications

and Email Notification Summaries. Dashboard Notification categories are Critical, Major, Minor, and Warning. Corresponding

email notification categories are Critical, High, Medium, and Low. [DDPS-4802]

New Features and Functionality v9.5

● Added 8/28 - A new policy is added that enables administrators to force Policy-Based Encryption when a SED is detected.

● Dell Enterprise Server now supports Secure Lifecycle. Secure Lifecycle provides data security, wherever it goes - data at

rest, data in motion and data in use - through encryption. Data Loss Prevention (DLP) ensures no data is lost in motion or in

flight, while Data Rights Management (DRM) defines access and usage control. Additionally, file monitoring provides detailed

data usage visibility to support forensics needs. Secure Lifecycle provides security, authority, visibility, and cross-platform

compatibility - all through a single solution - with the following features:

○ Auditing and reporting on file activity, files synced, files accessed by whom, where and when, and compliance reporting.

○ Geolocation with map visualization as well as multiple filtering options for audit events.

○ Enforcement of whitelists/graylists/blacklists of email domains and addresses for control over file sharing.

○ Enforcement of policies for access to cloud services, folders, and applications.

○ Management of key expirations and polling periods.

○ Ability of administrators to monitor all known IP addresses for cloud service providers and match them with the

application process to centrally manage encryption, encryption keys, data recovery, policies and forensics.

Secure Lifecycle Protected Office mode offers enhanced security on Office documents (Word, PowerPoint, and Excel) for

internal users.

○ Files remain encrypted for unauthorized users, for example, when files are attached in email, moved in a web browser or

File Explorer, or stored on removable media.

○ A callback beacon can be inserted into every protected Office file, when the beacon server is installed as part of the

Front End server installation.

● As of v9.4.1.6,Dell Enterprise Server supports Advanced Threat Prevention on Mac computers. Advanced Threat Prevention

provides real-time threat detection by analyzing potential file executions for malware in both the operating system and

memory layers to prevent the delivery of malicious payloads. Control of execution at the endpoint allows for accurate and

effective detection of malicious threats - even those that have never been seen before. Advanced Threat Prevention uses

machine learning techniques that allow detection of new malware, viruses, bots and unknown future variants, where

signatures and sandboxes fail. Memory protection strengthens basic operating system protection features by providing an

additional layer to detect and deny certain behaviors that are commonly used by exploits.

● As of v9.5, Cloud Edition is no longer supported.

Dell Security Management Server Technical Advisories