Users Guide
Table Of Contents
- Dell Endpoint Security Suite Enterprise Technical Advisories v3.0
- Contents
- Technical Advisories
- Contact Dell ProSupport
- New Features and Functionality v3.0
- Resolved Security Advisories v3.0
- Resolved Technical Advisories v3.0
- Technical Advisories v3.0
- New Features and Functionality v2.9
- Resolved Security Advisories v2.9
- Resolved Technical Advisories v2.9
- Technical Advisories v2.9
- New Features and Functionality v2.8
- Resolved Security Advisories v2.8
- Resolved Technical Advisories v2.8
- Technical Advisories v2.8
- New Features and Functionality v2.7
- Resolved Technical Advisories v2.7
- Technical Advisories v2.7
- New Features and Functionality v2.5
- Resolved Technical Advisories v2.5
- Technical Advisories v2.5
- New Features and Functionality v2.4
- Resolved Technical Advisories v2.4
- Technical Advisories v2.4
- New Features and Functionality v2.3
- Resolved Technical Advisories v2.3
- Technical Advisories v2.3
- New Features and Functionality v2.2.1
- Resolved Technical Advisories v2.2.1
- Technical Advisories v2.2.1
- New Features and Functionality v2.2
- Resolved Technical Advisories v2.2
- Technical Advisories v2.2
- New Features and Functionality v2.1
- Resolved Technical Advisories v2.1
- Technical Advisories v2.1
- New Features and Functionality v2.0.1
- Resolved Technical Advisories v2.0.1
- Technical Advisories v2.0.1
- New Features and Functionality v2.0
- Resolved Technical Advisories v2.0
- Technical Advisories v2.0
- New Features and Functionality v1.8
- Resolved Technical Advisories v1.8
- Technical Advisories v1.8
- New Features and Functionality v1.7.2
- Resolved Technical Advisories v1.7.2
- Technical Advisories v1.7.2
- New Features and Functionality v1.7.1
- Resolved Technical Advisories v1.7.1
- Technical Advisories v1.7.1
- New Features and Functionality v1.7
- Resolved Technical Advisories v1.7
- Technical Advisories v1.7
- New Features and Functionality v1.6
- Resolved Technical Advisories v1.6
- Technical Advisories v1.6
- New Features and Functionality v1.5
- Resolved Technical Advisories v1.5
- Technical Advisories v1.5
- New Features and Functionality v1.4
- Resolved Technical Advisories v1.4
- Technical Advisories v1.4
- New Features and Functionality v1.3
- Resolved Technical Advisories v1.3
- Technical Advisories v1.3
- Resolved Technical Advisories v1.2
- Technical Advisories v1.2
- New Features and Functionality v1.1.1
- Resolved Technical Advisories v1.1.1
- Technical Advisories v1.1.1
- New Features and Functionality v1.1
- Resolved Technical Advisories v1.1
- Technical Advisories v1.1
- Resolved Technical Advisories v1.0.1
- Technical Advisories v1.0.1
- New Features and Functionality v1.0
- Technical Advisories v1.0
- Previous Technical Advisories
- Workarounds
- Software and Hardware Compatibility
● On some Dell platforms, the desktop background turns black after the computer wakes from a sleep state. To work around
this issue, go to display settings and reset the desktop background. [24574]
BitLocker Manager
● Encryption Status Reports will not exactly match the Windows BitLocker encryption dialog window. BitLocker Manager
updates encryption status every 30 seconds, therefore there will be a 30 second delay in BitLocker Manager encryption
status.
● If a user with local Admin rights uses the Microsoft Control Panel to turn off BitLocker encryption before the volume has
been completely encrypted, the preset user authentication (PIN or Startup key) will be removed and the system will revert
back to TPM only. To avoid this issue, local Admin users should not use the Microsoft Control Panel to change encryption
status when two-factor authentication is set by policy.
Technical Advisories v7.2.1
Encryption Client
● When using a desktop computer and attempting to block SD card ports by using the "Port: SD" policy, blocking SD ports
will not be successful. For desktop computers, the "Storage Class: External Drive Control" policy must be used to effectively
block SD ports. The use of the "Storage Class: External Drive Control" policy blocks access to all external storage devices
irrespective of what bus they are on. When using a laptop computer, SD ports can be blocked using the "Port: SD" policy.
[23530]
● The F8 "discard the hibernation data" option MUST be used on the first system restart after software HCA decryption (using
the recovery tool/bundle) is performed on a system drive that contains a valid hibernation file. HCA maintains a drive state
value that identifies what drives are encrypted. Because of this, during hibernation resume, HCA attempts to decrypt data
that is read from the disk and encrypt data that is written to the disk (this transition in the hibernation file causes disk
corruption). Instructions: 1. Allow HCA decryption to complete. 2. During the first reboot after HCA decryption, before the
operating system loads, press F8 and select "discard the hibernation data". The user can now resume normal operation of
the computer.
● When using a computer equipped with a Hardware Crypto Accelerator, the Preboot Password Requirement dialog that is
displayed is misleading regarding Hardware Crypto Accelerator usage. The message will be changed in the next major release
to display: "A recent policy update requires the initial setup of the preboot authentication system. To enter the BIOS setup,
reboot and click F2 during the Dell splash screen. Go to the "Security" option and select Preboot Authentication > Set
System Password. Enter a password and exit the BIOS setup." [23205]
● When the Hardware Crypto Accelerator has used all of its lifecycles, the Shield erroneously asks the user for their Hardware
Crypto Accelerator Password and Preboot Password. The message should notify the user that the computer does not have
any remaining lifecycles and to contact their Administrator to get a replacement Hardware Crypto Accelerator. We expect
this scenario to rarely occur. [22492]
● When using VMware, if the host computer is Shielded (essentially meaning that the port control drivers are installed
on the host), when a user connects a USB device to their computer, and forces it to connect to the OS running
on the VMware computer instead of the host OS, the VMware OS will not be able to access the files on the
USB. The Dell port control driver is a filter driver running on USB stack. VMware is not compatible with USB
filter drivers. For more information, see VMware KB article: http://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=1016809. [20280, 22820, 28522]
● The Encryption Removal Agent can decrypt files with path lengths up to 256 characters. Files paths longer than 256
characters result in a decryption failure. To work around this issue, shorten the path length to less than 256 characters and
re-initiate the Encryption Removal Agent. [23474, 23510]
Technical Advisories v7.2
Encryption Client
● When scanning very large files on removable media, there is a slight screen refresh delay between the local console and the
External Media Shield dialog that displays the files name that are being processed. No loss of functionality is experienced.
[23453]
● When ejecting removable storage without clicking the "safely removing devices" option in the system tray, the local console
status line briefly flashes the "Not Attached to the Encryption System" message. The status resolves to the correct status
within a second or two. This is slight screen refresh delay between the local console and External Media Shield. No loss of
functionality is experienced. [23454]
● Repeatedly switching between multiple users and using fast user switching will eventually result in the Dell Data Protection |
Encryption client becoming unmanaged. To identify if you are experiencing this issue, you will get a message from the local
Technical Advisories
77