Reference Guide
Manage Policies
124
Policy Default Setting
Description
Full Disk Encryption (FDE)
This technology manages drives using software-based Full Disk Encryption. Authentication by users through a
Pre-Boot Authentication environment (before the operating system has booted) is required to unlock the
drive.
Full Disk Encryption (FDE) Off
On
Off
Toggle to ON to enable all full
disk encryption policies. If this
policy is toggled to OFF, no fu
ll
disk encryption takes place,
regardless of other policy values.
On means that all Full Disk
Encryption policies are enabled.
Changing the value of this policy
triggers a new sweep to
encrypt/decrypt files.
Encryption Algorithm AES 256
AES 256, AES 128,
FIPS AES 256,
FIPS AES 128
Encryption algorithm used for
Full Disk Encryption.
Encryption Mode CBC
CBC, XTS
Encryption mode used for Full
Disk Encryption.
Enable FDE Plugin Selected
The plugin must remain selected.
To deactivate the PBA and
disable full
disk encryption,
toggle the
Full Disk Encryption
policy to OFF.
Self-Encrypting Drive (SED)
This technology manages self-encrypting drives (SEDs). Authentication by users through a Pre-Boot
Authentication environment (before the operating system has booted) is required to unlock the drive.
Self-Encrypting Drive (SED) Off
On
Off
Toggle On to provision the PBA. If
toggled Off after the PBA is
provisioned, the PBA is de
-
provisioned and the PBA database
is deleted. Re
-toggling to On re-
provisions the PBA and
re-
creates
the PBA database.
See advanced settings
Policy Default Setting
Description
Policy-Based Encryption
This technology uses Dell's proprietary data centric encryption to allow user data and computer encryption.
This allows greater protection over individual data than traditional full disk encryption, by limiting access on
a computer to only what a user is authorized to view.
Policy-Based Encryption Off
On
Off
Toggle to ON to enable
all policy-
based encryption policies. If this