![]() When the "nonadmin" user reboots the machine, the normal PGP Preboot screen will be displayed. This is the current registered user on the disk. Next, you will notice the "User Access" list has a user called "nonadmin" for this scenario. When a user has the PGP Desktop client installed, you will see the following available in their client:Īs shown in the screenshot above, you will notice the "PGP Disk" has "Encrypt Disk" on the left side of the shelf. User Experience Information During the Migration from PGP to SEE for Drive Encryption ![]() For more information on this Pending Reboot functionality, see the following article:Ģ14719 - Symantec Endpoint Encryption Pending Reboot Feature The SEE client performs a "Pending Reboot" check on the system, such as if a Windows update was applied and has not yet been rebooted. Once the installation is finished, reboot the system Msiexec /i SEEClientInstaller.msi CONDITION_NOUI=1 To be able to do a silent install, you can add the "CONDITION_NOUI=1" option to your MSI command, such as the following example: ![]() To migrate from PGP to SEE for Drive Encryption, simply install the SEE Client MSI on the PGP-encrypted machine. Refer to the S EE Upgrade Guide for detailed information on the migration from PGP to SEE. If, for some reason you would like to reencrypt the drive there is a reencrypt command available. The new SEE client will be able to seamlessly read the encrypted sectors going forward. *Post migration, the Drive is not reencrypted. The machine can then be rebooted, and Authentication will then take place at the PBA. Once the migration occurs, have the users login to their Windows profile and wait at least 15 minutes for the automatic user registration to take place. *PGP Drive Encryption users are not preserved. *PGP Email Encryption, File Share Encryption, PGP Virtual Disk, PGP Shredder, PGPViewer, and PGPZip will remain installed on the machine post migration to SEE. The USB drive can be reencrypted with SEE RME (Or access the PGP-encrypted USB drive from a PGP machine) If you are using PGP to encrypt USB drives, SEE has a similar feature called SEE Removable Media Encryption.ĭecrypt your USB drives if you still need to access them. *Symantec Encryption Desktop 10.3.2 MP4 or above is installed.*Removable Drives, such as USB drives are not migrated from PGP to SEE. ![]() The following considerations should be reviewed before you can migrate from PGP to SEE for Drive Encryption: TIP: See the attached article for a downloadable version of this KB. This article will go over the steps needed to do this migration, which is very easy and straightforward. If Drive Encryption is the only component being used, and you would like a "machine-based" experience, rather than a "user-based" experience, you can consider migrating from the PGP client to the SEE Client. Symantec Encryption Desktop (PGP) being user based requires a connection to the server for initial enrollment and recovery keys.įor a comprehensive list of all the product differences between SEE and PGP, see the following article:ġ51074 - Symantec Endpoint Encryption and PGP Encryption Solutions Comparison Symantec Endpoint Encryption (SEE) offers "Connectionless" recovery, meaning even if the client never communicates with the server, a recovery key must be present. Symantec Endpoint Encryption (SEE) is machine based, where Symantec Encryption Desktop (PGP) is user based. Both the Symantec Encryption Desktop (PGP) and Symantec Endpoint Encryption (SEE) provide Drive Encryption and offer a Preboot Authentication (PBA) screen, meaning before a system will boot up, a passphrase must be entered successfully. Symantec Enterprise Division provides two encryption technologies to cover many scenarios and in one area where these two technologies overlap is Drive Encryption. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |