Manualshelf

Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption
21222324252627282930
1. Launch System Preferences and click Dell Encryption Enterprise.
2. Select the Removable Media tab.
3. Right-click a drive row, and simultaneously press the command key.
A hidden menu item displays.
4. Click Copy whitelist rule for the current removable media. The whitelist rule is copied to the Clipboard.
5. Access the Clipboard, copy the whitelist rule, and send it to your administrator.
If the Mac Media Encryption policy is toggled On, data is encrypted, including Thunderbolt drives.
To exclude a device or group of devices to prevent writing encrypted data to the Thunderbolt drive or to Encryption External
Media, use the whitelist rule to modify the values.
Use the complete rule to specify a particular drive for whitelisting, for example:
bus=USB;fstype=HFS+;tbolt=0;size=4006608896;USBPRODUCTNUM=5669;USBPRODNAME=DT101
II;USBVENDORNAME=Kingston;USBVENDORNUM=2385;USBSERNUM=001CC0EC3447AA308699119F
NOTE:
Be sure to replace the sample values with the information for your drive.
NOTE:
You must enable HFS Plus. See Enable HFS Plus.
To exclude SATA devices from Mac Media Encryption policy enforcement when connected via Thunderbolt:
tbolt=1;bus=SATA
You can also whitelist or exclude media from Encryption External Media based on:
Media size
Whitelist rule to exclude large media from Encryption External Media protection:
size <op> <size specifier>
<op> can be =, <=, >=, <, >
<size specifier> is of the form decimal integer with an optional suffix from {K, M, G, T} aligned on 1000, not 1024. For
example, to exclude media or a drive greater than 500000000 bytes from Encryption External Media, use one of these:
size >= 500000000
size >= 500000K
size >= 500M
File system type
Whitelist rule:
fstype=<fstype>
<fstype> can be ExFAT, FAT, or HFS+
To exclude both, here is an example for 1TB and greater HFS+ media:
size>=1T;fstype=HFS+
Recovery
Occasionally, you may need access to data on encrypted disks. As a Dell administrator, you can access encrypted disks without
decrypting them, saving you valuable time.
You might need to access a user's encrypted data for many reasons, but a few common use cases are as follows:
Someone leaves the company, and no one knows the password.
A user cannot recall the password.
22
Tasks for the Encryption Client