Jump to content

ESET Encryption policy


Mr.Gains
 Share

Go to solution Solved by JPritchard,

Recommended Posts

We're using an installer that include both Endpoint Security (v8.0.2028.0) and Full Disk Encryption (v1.2.4.12). I included our custom EFDE policy in the installer but it's not applying to the machines, therefore I had to manually apply the policies after the machines get encrypted. Is there any issues in applying our encryption policy after the system gets encrypted? My thoughts is that the default policy will override my policy that I applied after the system gets encrypted, or will the policy change as long the system checks in?

Thanks,

Edited by Mr.Gains
grammar
Link to comment
Share on other sites

  • ESET Staff

Hello there!

After reading through your post, it's unclear to me what the issue is exactly.

When you say:

12 hours ago, Mr.Gains said:

I included our custom EFDE policy in the installer but it's not applying to the machines, therefore I had to manually apply the policies after the machines get encrypted.

If the computer started encryption after the installation, then an EFDE Policy was included in the installer. EFDE does NOT perform any kind of encryption unless the EFDE Policy specifically enables encryption. If the Policy included in your installer isn't encrypting in the way that you expect, then I suggest you amend the installer's settings and then generate a new MSI.

 

Regarding this statement:

12 hours ago, Mr.Gains said:

Is there any issues in applying our encryption policy after the system gets encrypted?

It is not possible to change the FDE mode (TPM/OPAL/Software based encryption) without decrypting the computer first. After decrypting the computer, you can apply the desired EFDE Policy.

 

It should be noted that the computer details shown in ESET Protect do not show the currently applied EFDE Policy if the Policy was established as part of the install. You may be able to request the computer details in order to update the computer details to show this information. 

If I have misunderstood the issue, then please may you provide more information on the problem.

Thank you

Link to comment
Share on other sites

4 hours ago, JPritchard said:

It should be noted that the computer details shown in ESET Protect do not show the currently applied EFDE Policy if the Policy was established as part of the install. You may be able to request the computer details in order to update the computer details to show this information. 

If I have misunderstood the issue, then please may you provide more information on the problem.

Thank you

Sorry for the confusion, basically I was trying to say that I set a policy in the installer but it doesn't show in computer details (configuration-applied policies) in ESET PROTECT. We have encrypted multiple computers in last couple of days, and none of them are showing any EFDE policy after installing/encrypting with our Endpoint+FDE package.

Is there a way to force the computer to show it's EFDE policy in ESET PROTECT, just a bit confuse on why it wouldn't show the policy in the first place?

Link to comment
Share on other sites

  • ESET Staff
  • Solution
Posted (edited)

Good afternoon!

The behavior you describe is normal - Policies applied by the installer do not show in the console. However, where EFDE is concerned, you will see the encryption status information on the computer panel here:

2021-04-15_15-51-33.png

If you want to update the Policy details in the ESET Protect console, then you can press the "REQUEST CONFIGURATION" button. Once processed, you will see the currently applied policies. Here's an example:

Before

2021-04-15_15-46-06.png

After

2021-04-15_15-50-30.png

It might be possible to automate this process, however I don't know enough about ESET Protect to assist you further with this. You may want to ask for further help in the ESET Protect forum or contact support.

I hope this helps out!

Edited by JPritchard
Link to comment
Share on other sites

23 hours ago, JPritchard said:

Good afternoon!

The behavior you describe is normal - Policies applied by the installer do not show in the console. However, where EFDE is concerned, you will see the encryption status information on the computer panel here:

2021-04-15_15-51-33.png

If you want to update the Policy details in the ESET Protect console, then you can press the "REQUEST CONFIGURATION" button. Once processed, you will see the currently applied policies. Here's an example:

Before

2021-04-15_15-46-06.png

After

2021-04-15_15-50-30.png

It might be possible to automate this process, however I don't know enough about ESET Protect to assist you further with this. You may want to ask for further help in the ESET Protect forum or contact support.

I hope this helps out!

Cheers, it doesn't tell me the policy name but it does give me some relief to see the configuration (same custom policy I applied in the installer). Learned something new today, thank you JPritchard

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...