| • | About this document | ||
| • | About this product | ||
| • | New features | ||
| • | Known issues | ||
| • | Find product documentation
|
This document contains important information about the current release. We strongly recommend that you read the entire document.
McAfee® Drive Encryption provides full disk encryption, thereby protecting data for desktops, laptops, and tablets. It is installed on client systems to prevent the loss of sensitive data, especially from lost or stolen devices. It protects data with strong access control using Pre-Boot Authentication (PBA) and a powerful encryption engine.
The installation of the McAfee Drive Encryption extension, deployment of the software packages, policy enforcement, and recovery are performed using McAfee® ePolicy Orchestrator® (McAfee® ePO™) , which is a management console used to manage and monitor all client systems that are connected to the server. It is necessary to install the extensions and check in the software packages to the McAfee ePO server before deploying the product and configuring the policy settings that determines how encryption functions on the client systems.
| Before you begin, make sure that you remove any competitor's encryption products from your client system. Also, do not install any other encryption products after installing Drive Encryption. |
This release supports new installations, and upgrading EEPC 7.0.x and Drive Encryption 7.1.x installed systems to Drive Encryption 7.2. For more information about upgrading EEPC 7.0.x and Drive Encryption 7.1.x installed systems to Drive Encryption 7.2, see McAfee Drive Encryption 7.2 Product Guide.
The McAfee Drive Encryption 7.2 Product Guide now includes a Quick Start Guide, with a quick start diagram and pre-requisite checklist. For latest information about pre-requisites, please refer to the McAfee KnowledgeBase article KB88142.
| For the latest information on supported platforms, environments, and operating systems, see KB79422. |
This release of the product includes these new features.
Intel® Software Guard Extensions (Intel® SGX) is an Intel Architecture extension, introduced with 6th Generation Intel CoreTM processor platforms, that is designed to increase the security of software through an "inverse sandbox" mechanism. In this approach, rather than attempting to identify and isolate all the potential threats or attack surfaces on the platform, legitimate software can be sealed inside an enclave and protected from such threats, irrespective of the privilege level of the threat.
Leveraging Intel SGX with Drive Encryption further improves protection against memory-based attacks (such as the cold-boot attack) without affecting performance.
For further information, please refer to the Drive Encryption FAQs KB79784.
Third party Credential Providers can leverage a Drive Encryption SDK and new McAfee ePO policy settings to override the default Drive Encryption 7.2 Credential Provider, allowing a seamless integration and login experience.
Rolling out and deploying software to endpoints can provide challenges and introduce additional overhead. Drive Encryption 7.2 includes additional reporting and a new dashboard entry so that administrators can quickly and intuitively check to see if there are any encryption (activation) failures including detection of incompatible products within their estate and target these systems for follow up action, where appropriate.
Microsoft have included a new feature within Windows 10 Anniversary Update that allows for OS in-place upgrade through ISO and SCCM using /Reflectdrivers option.
This replaces the use of scripts to inject Drive Encryption drivers for the update process that has to be used for versions of Windows 10 releases prior to the Windows 10 Anniversary Update release.
Please refer to Intel KnowledgeBase article KB87909 for further information and documentation about in-place upgrade to Windows 10 with Drive Encryption installed.
From Drive Encryption 7.1.3 we display the Intel shield not just at the first Windows logon but also on subsequent logons indicating the "Capture Logon" feature is enabled. We now provide the ability to remove the shield from being displayed, which is particularly useful for customers that choose to use their own custom themes at Windows logon.
Support has been added for the following tokens in this release:
| • | Gemalto MD830 |
| • | Safenet eToken 5110 |
Please refer to the Intel KnowledgeBase article KB79787 for further information.
For a list of known issues in this product release, refer to the Intel KnowledgeBase article KB84502.
Privacy Notice
The Data Protection Self Service Portal (DPSSP) collects users' login names, system names, IP addresses, and audit data. Access to this information is available in DPSSP reports within McAfee ePO. Make sure that access to these reports is authorized and appropriately managed.
On the ServicePortal, you can find information about a released product, including product documentation, technical articles, and more.
| 1 | Go to the ServicePortal at https://support.mcafee.com and click the Knowledge Center tab. |
| 2 | In the Knowledge Base pane under Content Source, click Product Documentation. |
| 3 | Select a product and version, then click Search to display a list of documents. |
This release of Drive Encryption 7.2 includes the following documentation set.
| • | McAfee Drive Encryption 7.2 Release Notes (this document) |
| • | McAfee Drive Encryption 7.2 Product Guide |
| • | McAfee Drive Encryption 7.2 Help Extension |
| • | McAfee Drive Encryption 7.2 Client Transfer Guide |
| • | McAfee Drive Encryption7.2 Scripting Guide |
| • | McAfee Drive Encryption 7.2 DETech User Guide |
For any frequently asked questions about McAfee Drive Encryption, please refer to the KnowledgeBase article KB79784.
© 2016 Intel Corporation
Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others.