Users Guide
Technical Advisories v7.2.1
Enterprise Edition for Windows
● When using a desktop computer and attempting to block SD card ports by using the "Port: SD" policy, blocking SD ports will
not be successful. For desktop computers, the "Storage Class: External Drive Control" policy must be used to effectively
block SD ports. The use of the "Storage Class: External Drive Control" policy blocks access to all external storage devices
irrespective of what bus they are on. When using a laptop computer, SD ports can be blocked using the "Port: SD" policy.
[23530]
● The F8 "discard the hibernation data" option MUST be used on the first system restart after software HCA decryption (using
the recovery tool/bundle) is performed on a system drive that contains a valid hibernation file. HCA maintains a drive state
value that identifies what drives are encrypted. Because of this, during hibernation resume, HCA attempts to decrypt data
that is read from the disk and encrypt data that is written to the disk (this transition in the hibernation file causes disk
corruption). Instructions: 1. Allow HCA decryption to complete. 2. During the first reboot after HCA decryption, before the
operating system loads, press F8 and select "discard the hibernation data". The user can now resume normal operation of
the computer.
● When using a computer equipped with a Hardware Crypto Accelerator, the Preboot Password Requirement dialog that is
displayed is misleading regarding Hardware Crypto Accelerator usage. The message will be changed in the next major release
to display: "A recent policy update requires the initial setup of the preboot authentication system. To enter the BIOS setup,
reboot and click F2 during the Dell splash screen. Go to the "Security" option and select Preboot Authentication > Set
System Password. Enter a password and exit the BIOS setup." [23205]
● When the Hardware Crypto Accelerator has used all of its lifecycles, the Shield erroneously asks the user for their Hardware
Crypto Accelerator Password and Preboot Password. The message should notify the user that the computer does not have
any remaining lifecycles and to contact their Administrator to get a replacement Hardware Crypto Accelerator. We expect
this scenario to rarely occur. [22492]
● Amended 01/2014 - When using VMware, if the host computer is Shielded (essentially meaning that the port control drivers
are installed on the host), when a user connects a USB device to their computer, and forces it to connect to the OS running
on the VMware computer instead of the host OS, the VMware OS will not be able to access the files on the USB. The Dell
port control driver is a filter driver running on USB stack. VMware is not compatible with USB filter drivers. For more
information, see VMware KB article: http://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=1016809. [20280, 22820, 28522]
● When using Windows Vista (x86 or x64), the Shield failed to load the user's profile. To workaround this issue, reboot the
computer. [23496]
● The Encryption Removal Agent can decrypt files with path lengths up to 256 characters. Files paths longer than 256
characters result in a decryption failure. To work around this issue, shorten the path length to less than 256 characters and
re-initiate the Encryption Removal Agent. [23474, 23510]
Technical Advisories v7.2
Enterprise Edition for Windows
● When scanning very large files on removable media, there is a slight screen refresh delay between the local console and the
External Media Edition dialog that displays the files name that are being processed. No loss of functionality is experienced.
[23453]
● When ejecting removable storage without clicking the "safely removing devices" option in the system tray, the local console
status line briefly flashes the "Not Attached to the Encryption System" message. The status resolves to the correct status
within a second or two. This is slight screen refresh delay between the local console and External Media Edition. No loss of
functionality is experienced. [23454]
● Repeatedly switching between multiple users and using fast user switching will eventually result in Dell Data Protection |
Encryption becoming unmanaged. To identify if you are experiencing this issue, you will get a message from the local console
stating the "Connecting to Dell Data Protection | Encryption..." message, however, the connection will never be made. A
computer restart corrects the issue. [23448]
● System Restore is not a full backup/restore utility. Only the following are restored when using System Restore:
Registry
Profiles
COM+ DB
86
Technical Advisories