The Full Disk Encryption agent combines a robust AES256 encryption algorithm and mandatory authentication to make data inaccessible without authentication. Full Disk Encryption prevents data loss by encrypting the whole drive, including operating system, program, temporary, and end user files.

Full Disk Encryption allows for the flexibility to use either software-based encrypted hard drives or hardware-based encrypted hard drives as needed. Seagate DriveTrust™, OPAL, and OPAL2 self-encrypting drives are supported. While hardware-based encryption is simpler to deploy on new hardware, easier to maintain, and offers a higher level of performance, software-based encryption does not require any hardware and is cheaper to deploy to existing endpoints.

Trend Micro PolicyServer controls policies affecting Full Disk Encryption, ensuring complete endpoint security centrally managed across the Enterprise. Full Disk Encryption is network-aware and updates policies before allowing authentication. You can also remotely lock or wipe data on the endpoint before the operating system or any other sensitive data is accessed.

Trend Micro Endpoint Encryption 5.0 Patch 1 advances Full Disk Encryption by integrating with encryption solutions built into the host operating system through two new Endpoint Encryption agents: