Jump to content


ESET Staff
  • Posts

  • Joined

  • Last visited

About JPritchard

  • Rank

Profile Information

  • Location

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hello, EFDE does not utilize/manage Bitlocker. EFDE performs the encryption itself and is managed by ESET Protect. Let me know if you have any further questions
  2. Hello there, What version of the EEE Server do you have installed currently? The latest available to download is version 3.2.2. If you are using an older version, please upgrade and try again and let me know if the issue still occurs. Please refer to this knowledgebase article for guidance on upgrading your EEE Server: https://support.eset.com/en/kb7402
  3. Good afternoon! The behavior you describe is normal - Policies applied by the installer do not show in the console. However, where EFDE is concerned, you will see the encryption status information on the computer panel here: If you want to update the Policy details in the ESET Protect console, then you can press the "REQUEST CONFIGURATION" button. Once processed, you will see the currently applied policies. Here's an example: Before After It might be possible to automate this process, however I don't know enough about ESET Protect to assist you further with this. You may want to ask for further help in the ESET Protect forum or contact support. I hope this helps out!
  4. Hello there! After reading through your post, it's unclear to me what the issue is exactly. When you say: If the computer started encryption after the installation, then an EFDE Policy was included in the installer. EFDE does NOT perform any kind of encryption unless the EFDE Policy specifically enables encryption. If the Policy included in your installer isn't encrypting in the way that you expect, then I suggest you amend the installer's settings and then generate a new MSI. Regarding this statement: It is not possible to change the FDE mode (TPM/OPAL/Software based encryption) without decrypting the computer first. After decrypting the computer, you can apply the desired EFDE Policy. It should be noted that the computer details shown in ESET Protect do not show the currently applied EFDE Policy if the Policy was established as part of the install. You may be able to request the computer details in order to update the computer details to show this information. If I have misunderstood the issue, then please may you provide more information on the problem. Thank you
  5. Hello there! While we haven't tested on the Surface Laptop 3 model specifically, you should be able to install EEE and encrypt the machine with no foreseeable problems. We routinely test the software on other Surface models without any issues, so the Surface Laptop 3 should in theory be okay too. However, we recommend you install the latest version of EEE, which is currently, not 5.01. This is available from ESET's website. As with all things, we recommend you maintain backups of important data regardless of whether or not encryption is in place.
  6. Good morning, Self Enrolment is separate from the cloud proxy, take care not to confuse them. Self Enrolment is a feature which automates the EEE user activation process by communicating on the local network to licence users. This is not essential, as you can activate users manually by email instead. You can see the EEES process for user activation here: KB7157 - Activate ESET Endpoint Encryption Client using ESET Endpoint Encryption Server EFDE and EEE are separate products entirely. Depending on your requirements, perhaps EFDE is more suitable for your needs? It only offers Full Disk Encryption, but it's managed and deployed from your existing ESMC which may be more convenient for you.
  7. Good afternoon, I am a technical support engineer for ESET's Encryption product family. You have mentioned a few things that I feel need clarifying, some of which may require in-depth explanations in order for you to come to your own conclusion on how best to deploy ESET Endpoint Encryption in your own environment. First I feel I need to address an important concept regarding ESET Endpoint Encryption. EEE uses a "cloud proxy", which is our patented technology which simply acts as a pigeonhole (or middleman) for communicating commands/client updates between the EEE server and EEE client workstations. If your environment has an Internet proxy to control traffic, then you will need to add your proxy details to your EEE Server. For complete details on this, please read our article here: KB7607 - Add internet proxy server settings to ESET Endpoint Encryption Server Providing everything is configured correctly, your EEE client workstations will be able to communicate with your EEES (through the cloud proxy) as normal. Regarding your questions about deployment, I am not familiar with deploying EEE from ESMC itself, but I know there isn't a repository for EEE, so it cannot be installed that way. However, the EEE Server has a "Push Install" feature which allows you to install the EEE client (MSI) on clients across the network. Sadly this may not be suitable, as you said your users never connect to your internal network. In which case I would ask, how do you currently manage software deployments for users off your network? Regardless, EEE's installer is an MSI file, which can be easily deployed through 3rd party tools. Just ensure your Workstation Policy is configured correctly before generating the MSI for the endpoints, as the Workstation Policy is bundled into the MSI itself. Additionally, depending on your requirements you may need to create a separate Merged Installer for each Workstation Team you have set-up in your EEES. I hope this sheds some light on your situation and what you can do to deploy EEE in your environment.
  8. I'm pleased to hear that has resolved your issue. Have a nice evening 🙂 -JP
  9. Good afternoon, I'm sorry to hear about this issue. I suspect you are encountering a known issue with the latest version of Windows 10 2004 (OS build 19042). You can check what Windows version you are running by typing 'winver' into the Run dialog. I have attached an example: If your computer IS running Windows 10 2004 (OS build 19042), then please check to see if you are missing the UseNullDerivedOwnerAuth registry value found in: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPM\WMI If it is missing, then you can create it manually by opening an elevated command prompt and entering the following command: reg add hklm\system\currentcontrolset\services\tpm\wmi -v UseNullDerivedOwnerAuth -t REG_DWORD -d 0x01 -f After running this command, reboot your computer before trying FDE again. This should allow the TPM to be used for encryption. Let me know how you get on. - JP
  10. Hi Jock Once the machine is fully decrypted, please refer to the section titled "Removing ESET Endpoint Encryption with Managed Uninstall" from this knowledgebase article here: KB288 - ESET Endpoint Encryption Windows Installer (MSI) However if it's only one machine, then you may find it quicker to access the machine itself and click "Change" from Add/Remove Programs and follow the on-screen steps to remove the software as shown in this article: KB7617 - Using Managed Uninstall in ESET Endpoint Encryption
  11. Good afternoon, When the FDE command is received by the endpoint, does the machine reboot to perform Safe Start? I also noticed you are using an older version of EEE. Please upgrade to v5.0.7.3 and try again.
  • Create New...