|
|
|
|
|
|
Features / Enhancements
|
Description
|
|---|---|
|
Supported Platforms
|
Endpoint Encryption supports agent installation on the
following platforms:
|
|
In-place Windows Upgrade
|
Endpoint Encryption supports upgrading devices encrypted by
Full Disk Encryption to Windows 8.1 and Windows 10 without decrypting the boot device.
To perform an in-place Windows upgrade, you will need to modify the Windows ISO file.
|
|
Wi-Fi Settings Enhancements
|
To prevent users from unintentionally modifying Wi-Fi settings, the Wi-Fi settings
have
been enhanced as follows:
|
|
Active Directory Fine-Grained Password Policy Support
|
Endpoint Encryption supports fine-grained password and
account lockout policies for Windows Server 2008 and Windows Server 2012 Active Directory
servers. To enable this feature, add the PolicyServer computer to the Password Setting
object (PSO) Security list on the Active Directory server.
|
|
Usability Enhancement
|
The Full Disk Encryption preboot logon screen now displays indicators if Caps Lock
or Num
Lock are enabled.
|
|
New Feature
|
Description
|
|---|---|
|
Active Directory Synchronization across Multiple OUs
|
Endpoint Encryption now supports policy enforcement,
authentication, and synchronization across multiple organizational units (OUs). This
enhancement allows administrators to manage users with the same policy over different
security groups, cross-functional groups, or regional groups. Endpoint Encryption requires that separate OUs must be within the
same Active Directory tree.
|
|
Simplified Active Directory Integration
|
The process for enabling automatic account synchronization from Active Directory has
been
streamlined. When managing Endpoint Encryption from Control Manager, administrators no longer need to access
PolicyServer MMC in addition to the Control Manager web
console.
In addition, when configuring Active Directory from PolicyServer MMC, administrators
no
longer need to use the AD Synchronization Configuration Tool to complete configuration.
|
|
Supported Platforms
|
Endpoint Encryption supports PolicyServer installation on the
following operating systems:
Endpoint Encryption supports the following database
management systems for PolicyServer:
Endpoint Encryption supports Encryption Management for Apple
FileVault installation on the following operating system:
|
|
Automated Deployment of Encryption Management for Apple FileVault
|
Endpoint Encryption supports automated deployments of
Encryption Management for Apple FileVault agents. The process uses the same parameters
and
Command Line Helper tool for automated deployments of Full Disk Encryption, File Encryption,
and Encryption Management for Microsoft BitLocker agents.
|
|
SanDisk Self-Encrypting SSD Support
|
Endpoint Encryption supports enabling and disabling of
hardware-based full disk encryption of SanDisk™ self-encrypting
solid-state drives (SSDs).
|
|
New Feature
|
Description
|
|---|---|
|
Control Manager License
Management
|
Endpoint Encryption PolicyServer integrates with Control Manager License Management.
Control Manager supports the
following features with Endpoint Encryption:
|
|
Control Manager User-Centered
Visibility
|
Endpoint Encryption integrates with Control Manager User-Centered
Visibility. The status logs sent to Control Manager include the user information for the following Endpoint Encryption
agents:
|
|
NIC and Wi-Fi adapter Support
|
Endpoint Encryption supports the following groups of network
interface controllers (NIC):
Endpoint Encryption also supports the Intel Dual Band AC 7260
Wi-Fi adapter.
|
|
New Feature
|
Description
|
|---|---|
|
New Communication Interface
|
Endpoint Encryption 5.0 introduces a new communication
interface (Endpoint Encryption Service) that all Endpoint Encryption 5.0 agents and management consoles use to
communicate with PolicyServer. Endpoint Encryption Service uses
a Representational State Transfer web API (RESTful) with an AES-GCM encryption algorithm.
Endpoint Encryption Service has three key features:
|
|
Control Manager Integration
|
Endpoint Encryption 5.0 integrates Control Manager for PolicyServer management.
For information about Control Manager, see About Control Manager Integration.
|
|
OfficeScan Integration
|
Endpoint Encryption 5.0 provides support for OfficeScan deployments. Use the new Endpoint Encryption Deployment
Tool plug-in to centrally deploy or uninstall Endpoint Encryption agents to any endpoint currently managed by OfficeScan.
|
|
License Management
|
Endpoint Encryption 5.0 integrates with the Trend Micro licensing
portal. As in previous product versions, you can try Endpoint Encryption free for 30 days. After the trial license expires, an
Activation Code is required.
For information about licensing, see Maintenance Agreement.
|
|
Support for Apple FileVault™ and Microsoft
BitLocker™
|
Endpoint Encryption 5.0 advances Full Disk Encryption by integrating with encryption solutions built
into the host operating system through two new Endpoint Encryption
agents:
PolicyServer centrally manages both agents with policy
controls to remotely wipe or kill the Endpoint Encryption device.
|
|
FileArmor Name Change and Move to Common Framework
|
Endpoint Encryption 5.0 renames the FileArmor agent to File Encryption to better match the Endpoint Encryption agent's new functionality. File Encryption has the benefits from FileArmor 3.1.3,
including improved
support for removable media.
File Encryption is also now better aligned with Full Disk Encryption for improved
password and policy management.
|
|
Maintenance, Log, and Report Enhancements
|
Endpoint Encryption 5.0 has several improvements to product
maintenance, logs and reports.
|
|
Smart Card Enhancements
|
Endpoint Encryption 5.0 provides the following smart card
enhancements:
|
) to access Wi-Fi settings.