Dell Data Security Console User Guide v2.9 December 2020 Rev.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2012-2020 Dell Inc. All rights reserved.
Contents Chapter 1: Introduction................................................................................................................. 4 Contact Dell ProSupport....................................................................................................................................................4 Chapter 2: Navigation................................................................................................................... 5 Chapter 3: Advanced Threat Prevention...............
1 Introduction The Data Security Console provides access to applications that ensure security for all users of the computer, to view and manage encryption status of the computer's drives and partitions, and to easily enroll their PBA password and recovery questions.
2 Navigation To access an application, click the appropriate tile. Title bar To return to the home page from within an application, click the back arrow in the left corner of the title bar, next to the name of the active application. To navigate directly to another application, click the down arrow next to the active application name, and select an application. To minimize, maximize, or close the Data Security Console, click the appropriate icon in the right corner of the title bar.
To restore the Data Security Console after minimizing, double-click its notification area icon. To open Help, click the ? on the title bar. Data Security Console Details To view details about the Data Security Console, policies, running services, and logs, click the gear icon on the left side of the title bar. This information might be necessary for an administrator to provide technical support. Select an item from the menu. Menu Item Purpose About Contains version information.
3 Advanced Threat Prevention Advanced Threat Prevention protects your computer against malware by monitoring all processes attempting to execute on your computer or within memory space, and flagging any that are deemed abnormal or unsafe. Advanced Threat Prevention is installed by default with Endpoint Security Suite Enterprise. Firewall and Web Protection are optionally installed as part of Endpoint Security Suite Enterprise.
Protection Status The Protection Status indicates whether the computer is Protected (indicated by a green check mark) or Not Protected (indicated by a red X), based on whether the Advanced Threat Prevention service is running and Advanced Threat Prevention is On (Enabled) in the Dell Server. ● Advanced Threat Prevention - Indicates whether Advanced Threat Prevention is On (Enabled) in the Dell Server. ● Memory Protection - Indicates whether Memory Protection is On (Enabled) in the Dell Server.
Select one of the following options to display verbose Advanced Threat Prevention details: ● Show Threats The Show Threats option displays threats that were mitigated by Advanced Threat Prevention and the following details: File Hash ID - Displays the SHA256 hash information for the threat. File MD5 - The MD5 hash. Currently Running? - Is the threat currently running on the device? Running or Not Running. File Path - The path where the threat was found. Includes the file name. Score - Ranking of the threat.
The displayed list of events is collected when that Data Security Console session is launched. To retrieve new events, close the Data Security Console then re-launch. Firewall and Web Protection Status Access the Firewall and Web Protection Status page through the Firewall and Web Protection tile in the Data Security Console. Overall Status The Overall Status indicates whether the computer is Protected or Vulnerable, based on Firewall and Web Protection policy settings in the Dell Server.
● Protected - Overall Status is Protected if Web Protection or Client Firewall policies are On (Enabled). ● Vulnerable - Overall Status is Vulnerable if Web Protection and Client Firewall policies are Off (Disabled).
4 Encryption Status The Encryption page displays the encryption status of the computer. If a disk, drive, or partition is not encrypted, its status reads Unprotected. A drive or partition that is encrypted shows the status Protected. To update encryption status, right-click the appropriate disk, drive, or partition, and select Refresh.
5 Sign-in Access Sign-in Access lets you enroll, modify, and check enrollment status, based on policy set by the administrator. After initial enrollment, you can click the Sign-in Access tile to add or modify credentials. NOTE: The Sign-in Access tile will display only if the PBA is active. Enroll Credentials for the First Time To enroll credentials for the first time: 1. On the Data Security Console home page, click the Sign-In Access tile. 2.
Password To change your Windows password: 1. Click the Password tab. 2. Enter the current Windows password. 3. Enter the new password and enter it again to confirm it, and click Change. Password changes are effective immediately. 4. At the Successful Enrollment dialog, click OK. NOTE: You should only change your Windows password in the Data Security Console rather than in Windows.
Recovery Questions The Recovery Questions page allows you to create, delete, or change your recovery questions and answers. Recovery Questions provide a question and answer-based method for you to access your Windows accounts if, for example, the password is expired or forgotten. NOTE: Recovery questions are used to recover access to a computer only. The questions and answers cannot be used to log on. If you have no previous PBA recovery questions enrolled: 1. Click the Recovery Questions tab. 2.
6 Glossary Credential - A credential is something that proves a person’s identity, such as their Windows password. Preboot Authentication (PBA) - Preboot Authentication serves as an extension of the BIOS or boot firmware and guarantees a secure, tamper-proof environment external to the operating system as a trusted authentication layer. The PBA prevents anything being read from the hard disk, such as the operating system, until the user has confirmed they have the correct credentials.