Dell Endpoint Security Suite Enterprise for Mac Technical Advisories v2.9 December 2020 Rev.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2012-2020 Dell Inc. All rights reserved.
Contents Chapter 1: Endpoint Security Suite Enterprise for Mac Technical Advisories................................. 5 Contact Dell ProSupport....................................................................................................................................................5 Technical Advisories and Documentation...................................................................................................................... 5 New Features and Functionality v2.9..........................
Resolved Technical Advisories v1.0............................................................................................................................... 16 Technical Advisories v1.0................................................................................................................................................. 18 Previous Technical Advisories.........................................................................................................................................
1 Endpoint Security Suite Enterprise for Mac Technical Advisories Endpoint Security Suite Enterprise for Mac offers advanced threat prevention at the operating system and memory layers and encryption, all centrally-managed from the Dell Server. With centralized management, consolidated compliance reporting, and console threat alerts, businesses can easily enforce and prove compliance for all of their endpoints.
Encryption Client v10.9 ● The issue has been resolved where, during installation when using mobile device management (MDM) deployment, a warning states a helper tool is required. [DDPSUS-2750] ● The issue has been resolved where, during an upgrade, a warning states a helper tool and administrator password are required. [DDPSUS-2861, DDPMS-2024] Technical Advisories v2.9 Advanced Threat Prevention v2.9 ● No technical advisories exist. Encryption Client v10.9 ● No technical advisories exist.
New Features and Functionality v2.6 ● macOS Catalina 10.15.3 and 10.15.4 are now supported. ● In System Preferences > Dell Encryption Enterprise > System Volumes, a Collect Logs button at the bottom right allows an administrator to pre-generate logs for support. This action may impact performance while logs are collected. ● ATP agent version 1551 and later can be installed on macOS Catalina 10.15 to 10.15.4. Technical Advisories v2.6 Advanced Threat Prevention v2.6 ● No technical advisories exist.
New Features and Functionality v2.3 ● ATP agent version 1495 and later can be installed on macOS Mojave 10.4 or 10.14.1. However, Memory Protection and Script Control features are automatically disabled and are not currently supported. Resolved Technical Advisories v2.3 Advanced Threat Prevention v2.3 ● No resolved technical advisories exist. Encryption Client v10.3 ● No resolved technical advisories exist. New Features and Functionality v2.2 ● macOS Mojave 10.14.3 is now supported.
Resolved Technical Advisories v2.1 Advanced Threat Prevention v2.1 ● No resolved technical advisories exist. Encryption Client v10.1 ● No resolved technical advisories exist. Technical Advisories v2.1 Advanced Threat Prevention v2.1 No technical advisories exist. Encryption Client v10.1 ● Typically, for APFS on macOS Mojave 10.14.4, any user accounts on the computer at the time of conversion to APFS FileVault will be able to boot the computer. [DDPMS-1926] New Features and Functionality v2.0.
Encryption Client v10.0.1 ● No technical advisories exist. New Features and Functionality v2.0 ● The Preference Panel lists the disk status for missing security tokens from the user when FileVault cannot be initiated. For more information on granting a security token to the user, follow procedures for Apple in: https://www.dell.com/support/ article/us/en/04/sln309192/mobile-users-unable-to-activate-dell-encryption-enterprise-for-mac-on-macos-high-sierra? lang=en. ● macOS High Sierra 10.13.5 -10.13.
Resolved Technical Advisories v1.5 Advanced Threat Prevention v1.5 ● No resolved technical advisories exist. Encryption Client v8.18 ● APFS FileVault 2 is able to add users with v10.13.2 and above. [DDPMS-1659] ● The recovery tool allows customers to decrypt APFS volumes on macOS High Sierra 10.13.2. [DDPMS-1689] ● When a user enters the recovery key through the Disk Utility with FileVault recovery of *iMac Pro, it mounts the drive. [DDPMS-1709, DDPMS-1722] Technical Advisories v1.
Technical Advisories v1.4.1 Advanced Threat Prevention v1.4 Technical Advisories No Technical Advisories exist. Encryption Client v8.17.2 No Technical Advisories exist. New Features and Functionality v1.4 ● ● ● ● ● Encryption client is compatible as a 64-bit application Inventory information sent to Dell Server is now encrypted. EMS Explorer indicates encrypted files with lock icon. Advanced Threat Prevention 1451 is supported with High Sierra 10.13.3.
New Features and Functionality v1.3 ● macOS High Sierra 10.13.1 is now supported. ● With macOS High Sierra, only FileVault encryption is supported, which Encryption Enterprise for Mac will manage. After an upgrade to v8.16 and then to High Sierra with the Dell Volume Encryption policy set to On and Encrypt Using FileVault for Mac set to Off, a policy conflict message displays on the Encryption client. The administrator must set both policies to On.
For instructions on how to enroll for Agent Auto Update on the Dell Server, refer to AdminHelp, accessible from the Remote Management Console. Encryption Client v8.15 Resolved Customer Issues ● Non-encrypted NTFS media can now successfully mount with Encryption External Media. [DDPSUS-1781] Technical Advisories v1.2 Advanced Threat Prevention v1.
Resolved Technical Advisories v1.1 Advanced Threat Prevention v1.1 Resolved Customer Issues ● An issue is resolved that resulted in the client computer status, "Management disabled by policy." [DDPU-29] Resolved Technical Advisories - Auto-Updates For information about periodic Advanced Threat Prevention updates for enterprises enrolled for Agent Auto Update on the Dell Server, see http://www.dell.
Encryption Client v8.13 ● Encryption does not begin after the client activates and receives Server policy. To work around this issue, click Restart or restart the computer. [DDPMS-1332] ● A restart is required for each drive on the computer when the Server policy, Volumes Targeted for Encryption, is changed from System Volume Only to All Fixed Volumes after the system drive is encrypted. [DDPMS-1384] ● With FileVault encryption, a policy update may result in an error, Invalid Element of Type.
● Fixed an issue with the event log on a Windows device to include the device serial number for iOS devices. ● Fixed an issue with the Application Control folder exclusions to prevent portable executable (PE) files from manually being moved on a Windows device. ● Fixed an issue that was causing threat files to be quarantined from a macOS Samba SMB mounted drive. ● Fixed an issue with the ability to recognize a trailing backslash in Application Control folder exclusions on a Windows device.
● Fixed an issue to ensure Auto-Update properly updates both the Agent and Optics. ● Resolved an issue where the Agent was not updating Optics with the Device ID if Optics was installed prior to Agent registration with the Management Console. ● Fixed an issue to ensure that Local models are fully loaded before scanning files. ● Fixed an issue to ensure that USB devices encrypted with BitLocker can be accessed.
Previous Technical Advisories This section includes previous Technical Advisories for the Encryption client v7.7 - v8.11. Depending on the Endpoint Security Suite Enterprise deployment and operating systems of client computers, some issues are not applicable. Technical Advisories v8.7 ● Dell Encryption is not supported with System Integrity Protection (SIP), which Apple has introduced in Mac OS X El Capitan v10.11.0. To use Dell Encryption, SIP must be disabled.
● Hard drives with 4k block size (standard block size is 512 bytes) are not supported on Mac OS X Snow Leopard or earlier, due to a defect in the OS partition resize command. This defect has been fixed in Mac OS X Lion and later. [24726] ● Using Mac OS X Lion (32- or 64-bit/Standard or Admin User) and performing a copy operation of a large number of files (about 2000 in our tests) via Finder using EMS Service causes Finder to crash.
2 Workarounds Before you begin, be aware of the following workarounds that have been identified during testing. ● Modifying the system RAM configuration will invalidate the security protection profile of an encrypted volume. This will prevent the computer from booting on the following restart. To validate the new configuration and restore the bootability of the encrypted system volume, apply the Accept new system configuration operation in the Dell Recovery Utility. See the Online Help for instructions.