Endpoint Encryption devices are Endpoint Encryption agents that have registered with PolicyServer. Installing any Endpoint Encryption agent automatically registers the endpoint with PolicyServer as a new Endpoint Encryption device. Since multiple Endpoint Encryption agents may protect a given endpoint, a single endpoint may appear as more than one Endpoint Encryption device on PolicyServer.
The Endpoint Encryption Devices widget provides Endpoint Encryption device management capability directly from the Control Manager dashboard. Use the Endpoint Encryption Devices widget to monitor activity, search for Endpoint Encryption devices, or secure endpoint data by initiating lock or kill commands when an endpoint is lost or stolen.
For information about adding Endpoint Encryption devices to a policy, see Specifying Policy Targets.
|
Options |
Description |
|---|---|
|
Show |
Select which devices to display: all devices in the Enterprise, or devices in a specific policy. |
|
Search ( |
Click the |
|
Settings ( Right-click a device |
Select a device and click the See Device Actions. |
|
Number of devices |
View the total number of devices in the entire Enterprise, selected policy, or specified search. |
)Device Actions
Select a device and click the 
icon or right-click a device
to perform the following actions:
Action |
Description |
|---|---|
|
Delete device |
Deleting any Endpoint Encryption device from the Enterprise also removes the device from all policy groups. The deleted Endpoint Encryption device continues functioning as long as connectivity and password policies are current on the device. The agent will be unable to synchronize its policy with PolicyServer. Warning:
Before deleting a Full Disk Encryption device, decrypt your disk, and uninstall the Full Disk Encryption agent. If you delete a Full Disk Encryption device without deleting the agent, the Full Disk Encryption preboot may be unable to authenticate with PolicyServer and the data may become inaccessible. |
Soft token |
Generating a "software token" creates a unique string that you can use to unlock Endpoint Encryption devices and to remotely help Endpoint Encryption users reset forgotten passwords. The software token is only available in the full version of Full Disk Encryption, not Encryption Management for Apple FileVault or Encryption Management for Microsoft BitLocker. For information about resetting passwords or unlocking a user account, see Remote Help Assistance. |
|
Recovery key |
Generating a "recovery key" allows the user to decrypt a hard disk when the user has forgotten the original password or key. The recovery key is only available to Encryption Management for Apple FileVault and Encryption Management for Microsoft BitLocker agents because they do not use the other recovery methods available in Full Disk Encryption. For information about resetting passwords or unlocking a user account, see Remote Help Assistance. |
Device attributes |
View a current snapshot of the selected device. See Device Attributes. |
Kill device |
Initiating a "kill" command deletes all Endpoint Encryption device data. The deleted data is different depending on the scope of data that the associated Endpoint Encryption agent manages. For example, initiating a "kill" command to a Full Disk Encryption device deletes all data from the endpoint, while initiating a "kill" command to a File Encryption device deletes all files and folders in local or removable storage protected by the File Encryption agent. The "kill" command is issued when the Endpoint Encryption agent communicates with PolicyServer. Warning:
Killing a device cannot be undone. Back up all the data before initiating a kill command. |
Lock device |
Initiating a "lock" command to the Endpoint Encryption device prevents Endpoint Encryption user access until after performing a successful Remote Help authentication. Locking a device reboots the endpoint and forces it into a state that requires Remote Help. The lock command is issued when the Endpoint Encryption agent communicates with PolicyServer. |
Soft reset |
Initiating a "soft reset" command reboots the endpoint. The command issues the next time that the agent communicates with PolicyServer. |
Device Attributes
The following table describes the Endpoint Encryption device attributes.
|
Attribute Name |
Example |
Description |
|---|---|---|
|
AD NetBIOS Name |
Enterprise |
The name assigned to the AD NetBIOS. |
|
AD Object GUID |
6629bdeb-99a8-456b-b7c5-dbbc50ad13d0 |
The GUID assigned to the AD object. |
|
Battery Count |
2 |
The number of batteries installed. |
|
.NET Version |
2.0.50727.3620 |
The version and build number for the installed .NET framework. |
|
Common Framework Build Number |
5.0.0.84 |
The Endpoint Encryption agent uses a common framework for encryption. The build number is used to tell whether the agent is up-to-date. |
|
Disk Model |
VMware Virtual IDE |
The hard disk model. |
|
Disk Name |
\\.\PHYSICALDRIVE0 |
The name of the hard disk. |
|
Disk Serial Number |
The serial number of the hard disk. |
|
|
Disk Partitions |
1 |
The number of partitions on the disk with the agent installed. |
|
Disk Size |
10733990400 |
The total capacity of the hard disk (in bytes). |
|
Domain Name |
WORKGROUP |
The domain that the endpoint is a member. |
|
Endpoint ID |
85b1e3e2a3c25d882540ef6e4818c3e4 |
The unique ID of the endpoint used for Control Manager integration. |
|
File Encryption Version |
6.0.0.1039 |
The version of File Encryption installed on the endpoint. |
|
Hostname |
TREND-4136D2DB3 |
The endpoint's host name. |
|
IP Address |
10.1.152.219 |
The endpoint's IP address. |
|
Language |
English (United States) |
The language used by the endpoint. |
|
Locale |
en-US |
The regional settings used by the endpoint. |
|
MAC Address |
00-50-56-01-xx-xx |
The endpoint's MAC address. |
|
Machine Name |
TREND-4136D2DB3 |
The computer name that the endpoint used. |
|
Manufacturer |
VMware, Inc. |
The manufacturer of the hard disk. |
|
Model |
VMware Virtual Platform |
The model of the hard disk. |
|
Operating System |
Microsoft Windows NT 5.1.2600 Service Pack 3 |
The operating system installed on the same hard disk as the agent. |
|
Operating System Name |
Microsoft Windows XP Professional |
The common name of the operating system installed on the same hard disk as the agent. |
|
Operating System Service Pack |
Service Pack 3 |
The service pack number of the operating system installed on the same hard disk as the agent. |
|
Operating System Version |
5.1.2600.196608 |
The version number of the operating system installed on the same hard disk as the agent. |
|
Partition Scheme |
Classical MBR |
The partition scheme for the hard disk. |
|
Processor |
x86 Family 6 Model 30 Stepping 5, Genuine Intel |
The processor make and model of the endpoint. |
|
Processor Count |
2 |
The number of processors in the endpoint. |
|
Processor Revision |
1e05 |
The processor revision number. |
|
Time Zone |
Taipei Standard Time |
The time zone that the endpoint resides. |
|
Total Physical Memory |
2047MB |
The total RAM installed in or allocated to the endpoint. |
|
Type |
X86-based PC |
The endpoint processor type. |
|
Windows User Name |
TREND-4136D2DB3\admin |
The user name of the Windows account that last logged on the endpoint. |
|
<Agent> User |
john_smith |
The user name for the last logged on used. |
|
<Agent> Version |
5.0.0.260 |
The version and build number for the agent installation. |