Glossary

The following table explains the terminology used throughout the Endpoint Encryption documentation.

Table 1. Endpoint Encryption Terminology

Term

Description

Agent

Software installed on an endpoint that communicates with a management server.

Authentication

The process of identifying a user.

ColorCode™

The authentication method requiring a color-sequence password.

Command Builder

A Trend Micro tool to generate scripts used to install PolicyServer and Endpoint Encryption agents for automatic or mass deployments.

Command Line Helper

A Trend Micro tool for creating encrypted values to secure credentials used by Endpoint Encryption agent installation scripts.

Control Manager

Trend Micro Control Manager is a central management console that manages Trend Micro products and services at the gateway, mail server, file server, and corporate desktop levels.

Device

Any computer, laptop, or removal media (external drive, USB drive) managed by Endpoint Encryption.

Domain authentication

The authentication method for single sign-on (SSO) using Active Directory.

DriveTrust™

Hardware-based encryption technology by Seagate™.

Encryption Management for Microsoft BitLocker

The Endpoint Encryption Full Disk Encryption agent for Microsoft Windows environments that simply need to enable Microsoft BitLocker on the hosting endpoint.

Use the Encryption Management for Microsoft BitLocker agent to secure endpoints with Trend Micro full disk encryption protection in an existing Windows infrastructure.

Encryption Management for Apple FileVault

The Endpoint Encryption Full Disk Encryption agent for Mac OS environments that simply need to enable Apple FileVault on the hosting endpoint.

Use the Encryption Management for Apple FileVault agent to secure endpoints with Trend Micro full disk encryption protection in an existing Mac OS infrastructure.

Endpoint Encryption Service

The PolicyServer service that securely manages all Endpoint Encryption 5.0 Patch 4 agent communication.

For Endpoint Encryption 3.1.3 and below agent communication, see Legacy Web Service.

Enterprise

The Endpoint Encryption Enterprise is the unique identifier about the organization in the PolicyServer database configured during PolicyServer installation. One PolicyServer database may have multiple Enterprise configurations. However, Endpoint Encryption configurations using Control Manager may only have one Enterprise.

File Encryption

The Endpoint Encryption agent for file and folder encryption on local drives and removable media.

Use File Encryption to protect files and folders located on virtually any device that appears as a drive within the host operating system.

Fixed password

The authentication method for using a standard user password consisting of letters and/or numbers and/or special characters.

Full Disk Encryption

The Endpoint Encryption agent for hardware and software encryption with preboot authentication. Full Disk Encryption secures data files, applications, registry settings, temporary files, swap files, print spoolers, and deleted files on any Windows endpoint. Strong preboot authentication restricts access vulnerabilities until the user is validated.

Legacy Web Service

The PolicyServer service that securely manages all Endpoint Encryption 3.1.3 and below agent communication. For details, see About PolicyServer.

For Endpoint Encryption 5.0 Patch 4 communication, see Endpoint Encryption Service.

OfficeScan

OfficeScan protects enterprise networks from malware, network viruses, web-based threats, spyware, and mixed threat attacks. An integrated solution, OfficeScan consists of an agent that resides at the endpoint and a server program that manages all agents.

OPAL

Trusted Computing Group's Security Subsystem Class for client devices.

Password

Any type of authentication data used in combination with a user name, such as fixed, PIN, and ColorCode.

PIN

The authentication method for using a Personal Identification Number, commonly used for ATM transactions.

PolicyServer

The central management server that deploys encryption and authentication policies to the Endpoint Encryption agents.

Remote Help

The authentication method for helping Endpoint Encryption users who forget their credentials or Endpoint Encryption devices that have not synchronized policies within a pre-determined amount of time.

Recovery Console

The Full Disk Encryption interface to recover Endpoint Encryption devices in the event of primary operating system failure, troubleshoot network issues, and manage users, policies, and logs.

Recovery Tool

A bootable disk used to repair a device if the device is unable to boot. The Recovery Tool is distributed as an ISO file in the Full Disk Encryption installation package.

SED

A self-encrypting drive. SEDs provide "hardware-based encryption", as opposed to the type of encryption that Full Disk Encryption provides, which is referred to as "software-based encryption".

Self Help

The authentication method for helping Endpoint Encryption users provide answers to security questions instead of contacting Technical Support for password assistance.

Smart card

The authentication method requiring a physical card in conjunction with a PIN or fixed password.