Endpoint Encryption devices are Endpoint Encryption agents that have registered with
PolicyServer. Installing any Endpoint Encryption agent automatically registers the
endpoint with PolicyServer as a new Endpoint Encryption device. Since multiple Endpoint
Encryption agents may protect a given endpoint, a single endpoint may appear as more
than one Endpoint Encryption device on PolicyServer.
The Endpoint Encryption Devices
widget provides Endpoint Encryption device management capability directly from the
Apex Central
dashboard. Use the Endpoint Encryption Devices widget to
monitor activity, search for Endpoint Encryption devices, or secure endpoint data
by initiating
lock or kill commands when an endpoint is lost or stolen.
|
Options
|
Description
|
|
Show
|
Select which devices to display: all devices in the Enterprise, or devices in a specific
policy.
|
|
Search (
 ) |
Click the
icon
to select the Security Agent and filter the devices shown in the table. Use the search
field
to specify parameters to search against. Any attributes listed in devices attributes
can be
searched. |
|
Settings (
 )Right-click a device
|
Select a device and click the
icon or right-click a device
to view device attributes or to perform actions on the selected device. |
|
Number of devices
|
View the total number of devices in the entire Enterprise, selected policy, or specified
search.
|
Device Actions
Select a device and click the icon or right-click a device
to perform the following actions:
icon or right-click a device
to perform the following actions:|
Action
|
Description
|
||
|
Delete device
|
Deleting any Apex Central device from the Enterprise
also removes the device from all policy groups. The deleted Apex
Central device continues functioning as long as connectivity and
password policies are current on the device. The agent will be
unable to synchronize its policy with PolicyServer.
|
||
|
Soft token
|
Generating a
software tokencreates a unique string that you can use to unlock Apex Central devices and to remotely help Apex Central users reset forgotten passwords. The software token is only
available in the full version of Full Disk Encryption, not
Encryption Management for Apple FileVault or Encryption
Management for Microsoft BitLocker.
|
||
|
Recovery key
|
Generating a
recovery keyallows the user to decrypt a hard disk when the user has forgotten the original password or key. The recovery key is only available to Encryption Management for
Apple FileVault and Encryption Management for Microsoft
BitLocker agents because they do not use the other recovery
methods available in Full Disk Encryption.
|
||
|
Device attributes
|
View a current snapshot of the selected device.
|
||
|
Kill device
|
Initiating a
killcommand deletes all Apex Central device data. The deleted data is different depending on the scope of data that the associated Security Agent manages. For example, initiating a killcommand to a Full Disk Encryption device deletes all data from the endpoint, while initiating a killcommand to a File Encryption device deletes all files and folders in local or removable storage protected by the File Encryption agent. The killcommand is issued when the Security Agent communicates with PolicyServer.
|
||
|
Lock device
|
Initiating a
lockcommand to the Apex Central device prevents Apex Central user access until after performing a successful Remote Help authentication. Locking a device reboots the endpoint and forces it into a state that requires Remote Help. The lock command is issued when the Security Agent communicates with PolicyServer. |
||
|
Soft reset
|
Initiating a
soft resetcommand reboots the endpoint. The command issues the next time that the agent communicates with PolicyServer. |
Device Attributes
The following table describes the Apex Central device attributes.
|
Attribute Name
|
Example
|
Description
|
|
AD NetBIOS Name
|
Enterprise
|
The name assigned to the AD NetBIOS.
|
|
AD Object GUID
|
6629bdeb-99a8-456b-b7c5-dbbc50ad13d0
|
The GUID assigned to the AD object.
|
|
Battery Count
|
2
|
The number of batteries installed.
|
|
.NET Version
|
2.0.50727.3620
|
The version and build number for the installed .NET framework.
|
|
Common Framework Build Number
|
5.0.0.84
|
The Security Agent uses a common framework for encryption. The build
number is used to tell whether the agent is up-to-date.
|
|
Disk Model
|
VMware Virtual IDE
|
The hard disk model.
|
|
Disk Name
|
\\.\PHYSICALDRIVE0 |
The name of the hard disk.
|
|
Disk Serial Number
|
The serial number of the hard disk.
|
|
|
Disk Partitions
|
1
|
The number of partitions on the disk with the agent installed.
|
|
Disk Size
|
10733990400
|
The total capacity of the hard disk (in bytes).
|
|
Domain Name
|
WORKGROUP
|
The domain that the endpoint is a member.
|
|
Endpoint ID
|
85b1e3e2a3c25d882540ef6e4818c3e4
|
The unique ID of the endpoint used for Apex Central integration.
|
|
File Encryption Version
|
6.0.0.1039
|
The version of File Encryption installed on the endpoint.
|
|
Hostname
|
TREND-4136D2DB3
|
The endpoint's host name.
|
|
IP Address
|
10.1.152.219 |
The endpoint's IP address.
|
|
Language
|
English (United States)
|
The language used by the endpoint.
|
|
Locale
|
en-US
|
The regional settings used by the endpoint.
|
|
MAC Address
|
00-50-56-01-xx-xx
|
The endpoint's MAC address.
|
|
Machine Name
|
TREND-4136D2DB3
|
The computer name that the endpoint used.
|
|
Manufacturer
|
VMware, Inc.
|
The manufacturer of the hard disk.
|
|
Model
|
VMware Virtual Platform
|
The model of the hard disk.
|
|
Operating System
|
Microsoft Windows NT 5.1.2600 Service Pack 3
|
The operating system installed on the same hard disk as the agent.
|
|
Operating System Name
|
Microsoft Windows XP Professional
|
The common name of the operating system installed on the same hard disk as the
agent.
|
|
Operating System Service Pack
|
Service Pack 3
|
The service pack number of the operating system installed on the same hard disk
as the agent.
|
|
Operating System Version
|
5.1.2600.196608
|
The version number of the operating system installed on the same hard disk as the
agent.
|
|
Partition Scheme
|
Classical MBR
|
The partition scheme for the hard disk.
|
|
Processor
|
x86 Family 6 Model 30 Stepping 5, Genuine Intel
|
The processor make and model of the endpoint.
|
|
Processor Count
|
2
|
The number of processors in the endpoint.
|
|
Processor Revision
|
1e05
|
The processor revision number.
|
|
Time Zone
|
Taipei Standard Time
|
The time zone that the endpoint resides.
|
|
Total Physical Memory
|
2047MB
|
The total RAM installed in or allocated to the endpoint.
|
|
Type
|
X86-based PC
|
The endpoint processor type.
|
|
Windows User Name
|
TREND-4136D2DB3\admin
|
The user name of the Windows account that last logged on the endpoint.
|
|
<Agent> User
|
john_smith
|
The user name for the last logged on used.
|
|
<Agent> Version
|
5.0.0.260
|
The version and build number for the agent installation.
|