Manualshelf

Install Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise
21222324252627282930
Windows Operating Systems (32- and 64-bit)
Applications and installation packages signed with SHA1 certificates will function but an error will display on the
endpoint during installation or execution of the application without these updates installed
Windows 8.1: Enterprise, Pro
Windows 10: Education, Enterprise, Pro v1803-v20H2 (April 2018 Update/Redstone 4 - October 2020 Update/20H2)
Note: Windows 10 v2004 (May 2020 Update/20H1) does not support 32-bit architecture. For more information, see
https://docs.microsoft.com/windows-hardware/design/minimum/minimum-hardware-requirements-overview
Windows 10 2016 LTSB
Windows 10 2019 LTSC
SED Manager
The computer must have a wired network connection to successfully install SED Manager.
The computer must have a wired network connection for a smart card user to log in through pre-boot authentication for the
first time.
Third-party credential providers will not function with SED Manager installed and all third-party credential providers will be
disabled when the PBA is enabled.
IPv6 is not supported.
SED Manager is not supported with multi-drive configurations.
SED Manager is not currently supported within virtualized host computers.
Dell Encryption utilizes Intel's encryption instruction sets, Integrated Performance Primitives (IPP). For more information,
see KB article SLN301500.
Be prepared to shut down and restart the computer after you apply policies and are ready to begin enforcing them.
Computers equipped with self-encrypting drives cannot be used with HCA cards. Incompatibilities exist that prevent the
provisioning of the HCA. Dell does not sell computers with self-encrypting drives that support the HCA module. This
unsupported configuration would be an after-market configuration.
If the computer targeted for encryption is equipped with a self-encrypting drive, ensure that the Active Directory option,
User Must Change Password at Next Logon, is disabled. Pre-boot authentication does not support this Active Directory
option.
Dell recommends that you do not change the authentication method after the PBA has been activated. If you must switch to
a different authentication method, you must either:
Remove all the users from the PBA.
or
Deactivate the PBA, change the authentication method, and then re-activate the PBA.
NOTE:
Due to the nature of RAID and SEDs, SED Manager does not support RAID. The issue with RAID=On with SEDs is that
RAID requires access to the disk to read and write RAID-related data at a high sector not available on a locked SED from
start and cannot wait to read this data until after the user is logged on. Change the SATA operation in the BIOS from
RAID=On to AHCI to resolve the issue. If the operating system does not have the AHCI controller drivers pre-installed,
the operating system will crash when switched from RAID=On to AHCI.
Configuration of self-encrypting drives for SED Manager differ between NVMe and non-NVMe (SATA) drives, as follows.
Any NVMe drive that is being leveraged for SED:
The BIOS SATA operation must be set to RAID ON, as SED Manager does not support AHCI on NVMe drives.
The BIOS's boot mode must be UEFI and Legacy option ROMs must be disabled.
Any non-NVMe drive that is being leveraged for SED:
The BIOS SATA operation must be set to AHCI, as SED Manager does not support RAID with non-NVMe drives.
RAID ON is not supported because access to read and write RAID-related data (at a sector that is not available on a
locked non-NVMe drive) is not accessible at start-up, and cannot wait to read this data until after the user is logged
on.
Requirements
21