Manualshelf

Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise
21222324252627282930
6. Click OK.
NOTE:
Keys in the recovery bundle for this drive are now obsolete. You must download a new recovery bundle from the
Management Console.
User Experience
For maximum security, the client software disables the Automatic Login feature of Mac OS X computers.
Additionally, the client software automatically enforces the Mac OS X feature require password after sleep or screen saver
begins. Also, a configurable amount of time is allowed in sleep/screen saver mode before enforcing authentication. The client
software allows a user to set a value up to five minutes before authentication is enforced.
Users can use the computer normally as the encryption sweep progresses. All data on the currently booted system volume is
being encrypted, including the operating system, while the operating system continues to operate.
If the computer is restarted or enters system sleep, the encryption sweep pauses and then automatically resumes after the
restart or wake.
The client software does not support the use of hibernation images, which the Mac OS X Safe Sleep feature uses to wake the
computer if the battery is fully discharged during sleep.
To reduce user impact, the client software automatically updates the system sleep mode to disable hibernation and enforces this
setting. The computer can still enter sleep, but the current system state is maintained only in memory. Therefore, the computer
is fully restarted if completely shut down during sleep, which could occur if the battery runs down or is replaced.
Copy whitelist rule
A hidden menu item allows a user to copy a whitelist rule for removable media.
1. Launch System Preferences and click Dell Encryption Enterprise.
2. Select the Removable Media tab.
3. Right-click a drive row, and simultaneously press the command key.
A hidden menu item displays.
4. Click Copy whitelist rule for the current removable media. The whitelist rule is copied to the Clipboard.
5. Access the Clipboard, copy the whitelist rule, and send it to your administrator.
If the Mac Media Encryption policy is toggled On, data is encrypted, including Thunderbolt drives.
To exclude a device or group of devices to prevent writing encrypted data to the Thunderbolt drive or to Encryption External
Media, use the whitelist rule to modify the values.
Use the complete rule to specify a particular drive for whitelisting, for example:
bus=USB;fstype=HFS+;tbolt=0;size=4006608896;USBPRODUCTNUM=5669;USBPRODNAME=DT101
II;USBVENDORNAME=Kingston;USBVENDORNUM=2385;USBSERNUM=001CC0EC3447AA308699119F
NOTE:
Be sure to replace the sample values with the information for your drive.
NOTE:
You must enable HFS Plus. See Enable HFS Plus.
To exclude SATA devices from Mac Media Encryption policy enforcement when connected via Thunderbolt:
tbolt=1;bus=SATA
You can also whitelist or exclude media from Encryption External Media based on:
Media size
Whitelist rule to exclude large media from Encryption External Media protection:
24
Tasks for the Encryption Client