Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise

151

152

153

154

155

156

157

158

159

160

Manage Policies

of 1s and 0s, then with its complement, and then with random

data.

• Seven-pass Overwrite overwrites it with a standard pattern

of 1s and 0s, then with its complement, and then with random

data five times. This value makes it most difficult to recover

the original files from memory, and yields the most secure

encryption processing.

Secure Windows

Credentials

Not Selected

When this policy is selected, the Windows Credentials are

secured by encrypting the entire registry with the exception

of registry information required for computer boot. The

information required for computer boot includes HKLM/SYSTEM

and all sub-keys..

More...

A reboot is required when a change to this policy is

delivered. To control this reboot, configure the following

policies: Force Reboot on Update, Length of Each Reboot Delay,

and Number of Reboot Delays Allowed.

Block

Unmanaged

Access to

Domain

Credentials

Not Selected

This policy prevents unmanaged users and applications from

accessing the Windows domain credentials when a user is logged

in.

Secure Windows

Hibernation

File

Not Selected

When this policy is selected, the hibernation file is

encrypted only when the computer enters hibernation. The

Encryption client disengages protection when the computer

comes out of hibernation, providing protection without

impacting users or applications while the computer is in use.

Prevent

Unsecured

Hibernation

Not Selected

When this policy is selected, the Encryption client does not

allow computer hibernation if the client is unable to encrypt

the hibernation data.

Scan

Workstation on

Logon

Not selected

When this policy is selected, all current and previously

encrypted folders on the encrypted computer's local hard

driv

es are scanned each time a managed user logs on, ensuring

that all Common Encrypted Folders and User Encrypted Folders

policy values are properly implemented. Abides by the

Workstation Scan Priority policy.

Workstation

Scan Priority

Highest, High, Normal, Low, Lowest

Specifies the relative Windows priority of encrypted folder

scanning. High and Highest prioritize scanning speed over

computer responsiveness, Low and Lowest prioritize computer

responsiveness over scanning speed and favor other resource-

intensive activities, and Normal balances the two.

The client checks for a changed Workstation Scan Priority

before processing the next file.

The scan priority levels are used in two ways.

1. These values correspond with the values used by the

Microsoft SDK to set thread execution priority.

2. The client uses these values to introduce a delay in

the encryption sweep after every single file is

processed.

The values translate to the following millisecond

delay ranges, where the encryption thread will sit

idle and then return full control to the operating

system:

Highest=0 ms / Lowest=100 ms

User Data

Encryption Key

User

Common, User, User Roaming

Choose a key to indicate who can access files encrypted by the

following policies, and where:

• User Encrypted Folders

• Encrypt Outlook Personal folders

• Encrypt Temporary Files

(\Users\<Username>\AppData\Local\Temp only)

140