Endpoint Encryption devices are Endpoint Encryption agents that have registered with PolicyServer.
Installing any Endpoint Encryption agent automatically registers
the endpoint with PolicyServer as a new Endpoint Encryption
device. Since multiple Endpoint Encryption agents may protect a
given endpoint, a single endpoint may appear as more than one Endpoint Encryption device on PolicyServer.
The
Endpoint Encryption Devices widget provides Endpoint Encryption device management capability directly from the Control Manager dashboard. Use the Endpoint Encryption
Devices widget to monitor activity, search for Endpoint Encryption devices, or secure endpoint data by initiating lock
or kill commands when an endpoint is lost or stolen.
 |
NoteFor information about adding Endpoint Encryption devices to a
policy, see Specifying Policy Targets.
|
|
Options
|
Description
|
|
Show
|
Select which devices to display: all devices in the Enterprise, or devices in a specific
policy.
|
|
Search (
 ) |
Click the
icon to select the Endpoint Encryption agent and filter the devices shown in the
table. Use the search field to specify parameters to search against. Any attributes
listed
in devices attributes can be searched. |
|
Settings (
 )Right-click a device
|
Select a device and click the
icon or right-click a device
to view device attributes or to perform actions on the selected device.See Device Actions.
|
|
Number of devices
|
View the total number of devices in the entire Enterprise, selected policy, or specified
search.
|
Device Actions
Select a device and click the icon or right-click a device
to perform the following actions:
icon or right-click a device
to perform the following actions:|
Action
|
Description
|
||
|
Delete device
|
Deleting any Endpoint Encryption
device from the Enterprise also removes the device from all
policy groups. The deleted Endpoint Encryption device
continues functioning as long as connectivity and password
policies are current on the device. The agent will be unable to
synchronize its policy with PolicyServer.
|
||
|
Soft token
|
Generating a
software tokencreates a unique string that you can use to unlock Endpoint Encryption devices and to remotely help Endpoint Encryption users reset forgotten passwords. The software token is only available in the full
version of Full Disk Encryption, not Encryption Management for Apple FileVault
or Encryption Management for Microsoft BitLocker.
For information about resetting passwords or unlocking a user
account, see Remote Help Assistance.
|
||
|
Recovery key
|
Generating a
recovery keyallows the user to decrypt a hard disk when the user has forgotten the original password or key. The recovery key is only available to Encryption Management for
Apple FileVault and Encryption Management for Microsoft
BitLocker agents because they do not use the other recovery
methods available in Full Disk Encryption.
For information about resetting passwords or unlocking a user
account, see Remote Help Assistance.
|
||
|
Device attributes
|
View a current snapshot of the selected device.
See Device Attributes.
|
||
|
Kill device
|
Initiating a
killcommand deletes all Endpoint Encryption device data. The deleted data is different depending on the scope of data that the associated Endpoint Encryption agent manages. For example, initiating a killcommand to a Full Disk Encryption device deletes all data from the endpoint, while initiating a killcommand to a File Encryption device deletes all files and folders in local or removable storage protected by the File Encryption agent. The killcommand is issued when the Endpoint Encryption agent communicates with PolicyServer.
|
||
|
Lock device
|
Initiating a
lockcommand to the Endpoint Encryption device prevents Endpoint Encryption user access until after performing a successful Remote Help authentication. Locking a device reboots the endpoint and forces it into a state that requires Remote Help. The lock command is issued when the Endpoint Encryption agent communicates with PolicyServer. |
||
|
Soft reset
|
Initiating a
soft resetcommand reboots the endpoint. The command issues the next time that the agent communicates with PolicyServer. |
Device Attributes
The following table describes the Endpoint Encryption device attributes.
|
Attribute Name
|
Example
|
Description
|
|
AD NetBIOS Name
|
Enterprise
|
The name assigned to the AD NetBIOS.
|
|
AD Object GUID
|
6629bdeb-99a8-456b-b7c5-dbbc50ad13d0
|
The GUID assigned to the AD object.
|
|
Battery Count
|
2
|
The number of batteries installed.
|
|
.NET Version
|
2.0.50727.3620
|
The version and build number for the installed .NET framework.
|
|
Common Framework Build Number
|
5.0.0.84
|
The Endpoint Encryption agent uses a common framework for encryption. The build number is used to tell whether
the agent is up-to-date.
|
|
Disk Model
|
VMware Virtual IDE
|
The hard disk model.
|
|
Disk Name
|
\\.\PHYSICALDRIVE0 |
The name of the hard disk.
|
|
Disk Serial Number
|
The serial number of the hard disk.
|
|
|
Disk Partitions
|
1
|
The number of partitions on the disk with the agent installed.
|
|
Disk Size
|
10733990400
|
The total capacity of the hard disk (in bytes).
|
|
Domain Name
|
WORKGROUP
|
The domain that the endpoint is a member.
|
|
Endpoint ID
|
85b1e3e2a3c25d882540ef6e4818c3e4
|
The unique ID of the endpoint used for Control Manager integration.
|
|
File Encryption Version
|
6.0.0.1039
|
The version of File Encryption installed on the endpoint.
|
|
Hostname
|
TREND-4136D2DB3
|
The endpoint's host name.
|
|
IP Address
|
10.1.152.219 |
The endpoint's IP address.
|
|
Language
|
English (United States)
|
The language used by the endpoint.
|
|
Locale
|
en-US
|
The regional settings used by the endpoint.
|
|
MAC Address
|
00-50-56-01-xx-xx
|
The endpoint's MAC address.
|
|
Machine Name
|
TREND-4136D2DB3
|
The computer name that the endpoint used.
|
|
Manufacturer
|
VMware, Inc.
|
The manufacturer of the hard disk.
|
|
Model
|
VMware Virtual Platform
|
The model of the hard disk.
|
|
Operating System
|
Microsoft Windows NT 5.1.2600 Service Pack 3
|
The operating system installed on the same hard disk as the agent.
|
|
Operating System Name
|
Microsoft Windows XP Professional
|
The common name of the operating system installed on the same hard disk as the
agent.
|
|
Operating System Service Pack
|
Service Pack 3
|
The service pack number of the operating system installed on the same hard disk
as the agent.
|
|
Operating System Version
|
5.1.2600.196608
|
The version number of the operating system installed on the same hard disk as the
agent.
|
|
Partition Scheme
|
Classical MBR
|
The partition scheme for the hard disk.
|
|
Processor
|
x86 Family 6 Model 30 Stepping 5, Genuine Intel
|
The processor make and model of the endpoint.
|
|
Processor Count
|
2
|
The number of processors in the endpoint.
|
|
Processor Revision
|
1e05
|
The processor revision number.
|
|
Time Zone
|
Taipei Standard Time
|
The time zone that the endpoint resides.
|
|
Total Physical Memory
|
2047MB
|
The total RAM installed in or allocated to the endpoint.
|
|
Type
|
X86-based PC
|
The endpoint processor type.
|
|
Windows User Name
|
TREND-4136D2DB3\admin
|
The user name of the Windows account that last logged on the endpoint.
|
|
<Agent> User
|
john_smith
|
The user name for the last logged on used.
|
|
<Agent> Version
|
5.0.0.260
|
The version and build number for the agent installation.
|