Manualshelf

Users Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise
41424344454647484950
Technical Advisories v1.5
Advanced Threat Prevention v1.5
To block all PowerShell scripts with Advanced Threat Prevention, both the PowerShell and PowerShell Console policies must
be set to Block in the Dell Server Remote Management Console. When both policies are set to Block, no scripts can be run,
either through the PowerShell console or the Cmd console. This ensures that PowerShell one-line scripts are not vulnerable
to execution. To allow approved scripts to run through the Cmd console, select the Enable Approve Scripts in Folders (and
Subfolders) policy, and add the approved scripts to the Approve Scripts in Folders (and Subfolders) policy.
NOTE: The PowerShell Console policy applies to PowerShell v3 and later. Windows 7 includes PowerShell v2, by default.
To upgrade to PowerShell v3 on Windows 7, see www.microsoft.com/en-us/download/details.aspx?id=34595.
[CYL-619]
After Auto-Update to v2.0.1441, the Advanced Threat Prevention tile may no longer display in the Dell Data Security Console.
To work around this issue, run the following command:
MSIEXEC.EXE /I "ATP_CSF_Plugins_x64.msi" APPFOLDER="C:\Program Files\Dell\Dell Data
Protection\Advanced Threat Protection\Plugins" /l*v "C:\ProgramData\Dell\Dell Data
Protection\Installer Logs\ATP_CSF_Plugins_x64.msi.log"
The .msi file can be found in the following folder, extracted from the installation package: \Advanced Threat
Prevention\WinXXr\
If the issue persists, contact ProSupport. [CYL-626]
Windows 10 Creators Update is not yet supported with the optional Web Protection and Firewall features.
Technical Advisories - Auto-Updates
For information about periodic Advanced Threat Prevention updates for enterprises enrolled for Agent Auto Update on the Dell
Server, see http://www.dell.com/support/article/us/en/19/SLN305419/dell-data-protection-endpoint-security-suite-
enterprise-and-dell-data-protection-threat-defense-release-notes?lang=EN. Select the Saas Updates tab.
For instructions on how to enroll for Agent Auto Update on the Dell Server, refer to AdminHelp, accessible from the Remote
Management Console.
Encryption Client v8.15
Encryption is not supported on servers that are part of distributed file systems (DFS). [DDPC-6130]
If the CmgHiber.sys or CmgHiber.dat file is missing from C:\windows\system32\drivers on a computer that
hibernates, the computer will not resume. Ensure that disk cleaner and optimization tools do not delete these files.
[DDPC-6211]
When removable media is connected to a computer running Windows 7, 8, or 8.1 with the Subclass Storage: External Drive
Control policy set to Blocked, the device name is not included in the access-blocked message or in the Local Management
Console. [DDPC-6503]
Encrypted user and common data on a computer with an HCA card is unrecoverable if the user clears HCA ownership, even
though the computer is not HCA-encrypted, because the user and common keys are wrapped in the GPE (HCA) key.
[DDPC-6505, DDPC-6535]
Advanced Authentication v8.15
SSL is no longer supported. TLS 1.0, 1.1, or 1.2 should be used rather than SSL.
Preboot Authentication v8.15
A few keys on a Brazilian Portuguese keyboard behave differently than expected on the Dell Precision M4800 running in
UEFI mode. [DDPC-5975]
A delay in display of the PBA login screen has been observed on the following Dell computers: Optiplex 5055, Precision
5820T, Precision 7820T, and Precision 7920T. [DDPC-6375]
Technical Advisories
45