Manualshelf

Install Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise
21222324252627282930
Windows Operating Systems (32- and 64-bit)
NOTE:
NVMe self-encrypting drives are not supported with Windows 7.
Windows 8.1: Enterprise, Pro
Windows 10: Education, Enterprise, Pro v1803-v20H2 (April 2018 Update/Redstone 4 - October 2020 Update/20H2)
Note: Windows 10 v2004 (May 2020 Update/20H1) does not support 32-bit architecture. For more information, see
https://docs.microsoft.com/windows-hardware/design/minimum/minimum-hardware-requirements-overview
Windows 10 2016 LTSB
Windows 10 2019 LTSC
Localization
SED Manager is a multilingual user interface compliant and is localized the following languages. UEFI mode and PBA advanced
authentication are supported in the following languages:
Language Support
EN - English JA - Japanese
FR - French KO - Korean
IT - Italian PT-BR - Portuguese, Brazilian
DE - German PT-PT - Portuguese, Portugal (Iberian)
ES - Spanish
BitLocker Manager
Consider reviewing Microsoft BitLocker requirements if BitLocker is not yet deployed in your environment,
Ensure that the PBA partition is already set up. If BitLocker Manager is installed before the PBA partition is set up, BitLocker
cannot be enabled and BitLocker Manager will not be operational. See Pre-Installation Configuration to Set Up a BitLocker
PBA Partition.
A Dell Server is required to use BitLocker Manager.
Ensure a signing certificate is available within the database. For more information, see KB article SLN307028.
The keyboard, mouse, and video components must be directly connected to the computer. Do not use a KVM switch to
manage peripherals as the KVM switch can interfere with the computer's ability to properly identify hardware.
Turn on and enable the TPM. BitLocker Manager takes ownership of the TPM and does not require a reboot. However, if a
TPM ownership already exists, BitLocker Manager begins the encryption setup process (no restart is required). The point is
that the TPM must be owned and enabled.
The BitLocker Manager uses the approved AES FIPS validated algorithms if FIPS mode is enabled for the GPO security
setting "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" on the device and you
manage that device via our product. BitLocker Manager does not force this mode as default for BitLocker-encrypted clients
because Microsoft now suggests customers not use their FIPS validated encryption due to numerous issues with application
compatibility, recovery, and media encryption: http://blogs.technet.com.
BitLocker Manager is not supported with Encryption of server operating systems or Advanced Threat Prevention on a server
operating system.
When using a Remote Desktop connection with an endpoint leveraging BitLocker Manager, Dell recommends running any
Remote Desktop sessions in console mode to avoid any UI interaction issues with the existing user session via the following
command:
mstsc /admin /v:<target_ip_address>
The master installer installs these components if not already installed on the target computer. When using the child
installer, you must install these components before installing the clients.
24
Requirements