Install Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise

Table Of Contents

Dell Endpoint Security Suite Enterprise Advanced Installation Guide v3.0
Contents
Introduction
- Before You Begin
- Using This Guide
- Contact Dell ProSupport
Requirements
- All Clients
- Encryption
- Full Disk Encryption
- Encryption on Server Operating Systems
- Advanced Threat Prevention
  - Compatibility
- Client Firewall and Web Protection
- SED Manager
- BitLocker Manager
Registry Settings
- Encryption
- Full Disk Encryption
- Advanced Threat Prevention
- SED Manager
- BitLocker Manager
Install Using the Master Installer
- Install Interactively Using the Master Installer
- Install by Command Line Using the Master Installer
Uninstall the Master Installer
- Uninstall the Endpoint Security Suite Enterprise Master Installer
Install Using the Child Installers
- Install Drivers
- Install Encryption
- Install Full Disk Encryption
- Install Encryption on Server Operating System
- Install Advanced Threat Prevention Client
- Install Client Firewall and Web Protection
- Install SED Manager and PBA Advanced Authentication
- Install BitLocker Manager
Uninstall Using the Child Installers
- Uninstall Web Protection and Firewall
- Uninstall Advanced Threat Prevention
- Uninstall Full Disk Encryption
- Uninstall SED Manager
- Uninstall Encryption and Encryption on Server Operating System
- Uninstall BitLocker Manager
Data Security Uninstaller
Commonly Used Scenarios
- Encryption Client and Advanced Threat Prevention
- SED Manager and Encryption External Media
- BitLocker Manager and Encryption External Media
- BitLocker Manager and Advanced Threat Prevention
Provision a Tenant
- Provision a Tenant
Configure Advanced Threat Prevention Agent Auto Update
Pre-Installation Configuration for SED UEFI, and BitLocker Manager
- Initialize the TPM
- Pre-Installation Configuration for UEFI Computers
- Pre-Installation Configuration to Set Up a BitLocker PBA Partition
Designate the Dell Server through Registry
Extract Child Installers
Configure Key Server
- Services Panel - Add Domain Account User
- Key Server Config File - Add User for Security Management Server Communication
- Services Panel - Restart Key Server Service
- Management Console - Add Forensic Administrator
Use the Administrative Download Utility (CMGAd)
- Use Forensic Mode
- Use Admin Mode
Configure Encryption on a Server Operating System
Configure Deferred Activation
- Deferred Activation Customization
- Prepare the Computer for Installation
- Install Encryption with Deferred Activation
- Activate Encryption with Deferred Activation
- Troubleshoot Deferred Activation
Troubleshooting
- All Clients - Troubleshooting
- All Clients - Protection Status
- Dell Encryption Troubleshooting (client and server)
- Advanced Threat Prevention Troubleshooting
- SED Troubleshooting
- Dell ControlVault Drivers
  - Update Dell ControlVault Drivers and Firmware
- UEFI Computers
- TPM and BitLocker
Glossary

Requirements

All Clients

These requirements apply to all clients. Requirements listed in other sections apply to specific clients.

● IT best practices should be followed during deployment. This includes, but is not limited to, controlled test environments for

initial tests, and staggered deployments to users.

● The user account performing the installation/upgrade/uninstallation must be a local or domain administrator user, which can

be temporarily assigned by a deployment tool such as Microsoft SCCM. A non-administrator user that has elevated privileges

is not supported.

● Back up all important data before beginning installation/uninstallation.

● Do not make changes to the computer, including inserting or removing external (USB) drives during installation.

● Administrators should ensure all necessary ports are available.

● Be sure to periodically check dell.com/support for the most current documentation and Technical Advisories.

● The Dell Data Security line of products does not support Windows Insider Preview releases.

Prerequisites

● Microsoft .Net Framework 4.5.2 (or later) is required for the Endpoint Security Suite Enterprise master and child installer's

clients. The installer does not install the Microsoft .Net Framework components.

● To verify the version of Microsoft .Net installed, follow these instructions on the computer targeted for installation. See

these instructions to install Microsoft .Net Framework 4.5.2.

● If installing Encryption in FIPS mode, Microsoft .Net Framework 4.6 is required.

Hardware

● The following table details the minimum supported computer hardware.

Hardware

○ Intel Pentium or AMD Processor

○ 500 MB available disk space

○ 2 GB RAM

NOTE: Additional free disk space is required to encrypt files on the endpoint. Size varies based on enabled policies and

drive capacity.

Localization

● Dell Encryption, SED Manager, PBA advanced authentication, Advanced Threat Prevention, and BitLocker Manager are

multilingual user interface compliant and are localized in the following languages. Advanced Threat Prevention data displayed

in the Management Console is English only.

Language Support

EN - English IT - Italian KO - Korean

ES - Spanish DE - German PT-BR - Portuguese, Brazilian

8 Requirements