Product guide
Table Of Contents
Table 3-1 Recommended Product Settings Policies (continued)
Policy
Options
Recommendations
Boot Options
Tab
(Windows
only)
• Enable Boot Manager — Leave this option unchecked (disabled). Enabling this option
activates the built in pre‑boot partition manager. This allows you to select the primary
partition on the hard disk that you wish to boot. Naming of the partition is also
possible with the boot manager. The time out for the booting to start can also be set.
• Always enable pre‑boot USB support — Leave this option checked only when needed.
(enabled).
Forces the Endpoint Encryption Pre‑Boot code to always initialize the USB stack. USB
audio functionality allows the visually impaired users to listen to an audio signal
(spoken word) as a guidance when the user moves the cursor from one field to the
next, in the Pre‑Boot environment. The USB speakers and headphones can be used to
listen to the audio signal.
You will notice an improper synchronization of the mouse cursor and the stylus on USB
connected Wacom pen digitizers. To avoid this, make sure to enable this option.
• Always enable pre‑boot PCMCIA support — Leave this option unchecked (disabled) unless you
require support for PCMCIA devices in Pre‑Boot.
• Graphics mode — Automatic. Allows you to select the screen resolution for a system or a
system group.
Theme Tab
It is better to have the default option enabled as it is simple to deploy and manage.
Out‑of‑Band
Tab
(Windows
only)
Enable at PBA— Enable this option to enable the EEPC out‑of‑band management features
through policies and then perform actions on Intel
®
AMT provisioned client systems.
You can enable this option only if you have installed the Endpoint Encryption : Out Of Band
Management extension in McAfee ePO.
3
Software configuration and policies
Recommended Product Settings Policy
26
McAfee Endpoint Encryption 7.0 Patch 1 Software Best Practices Guide