Symantec Encryption Desktop For Windows

1y ago
9 Views
1 Downloads
2.38 MB
278 Pages
Last View : Today
Last Download : 5m ago
Upload by : Macey Ridenour
Transcription

Symantec Encryption Desktopfor WindowsUser's Guide10.5.1

Documentation Legal NoticeThis Documentation, which includes embedded help systems and electronically distributed materials,(hereinafter referred to as the “Documentation”) is for your informational purposes only and is subject to changeor withdrawal by Broadcom at any time. This Documentation is proprietary information of Broadcom and may notbe copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior writtenconsent of Broadcom.If you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwisemake available a reasonable number of copies of the Documentation for internal use by you and your employeesin connection with that software, provided that all Broadcom copyright notices and legends are affixed to eachreproduced copy.The right to print or otherwise make available copies of the Documentation is limited to the period during whichthe applicable license for such software remains in full force and effect. Should the license terminate for anyreason, it is your responsibility to certify in writing to Broadcom that all copies and partial copies of theDocumentation have been returnedto Broadcom or destroyed.TO THE EXTENT PERMITTED BY APPLICABLE LAW, BROADCOM PROVIDES THISDOCUMENTATION “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION,ANY IMPLIED WARRANTIES OFMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ORNONINFRINGEMENT. IN NO EVENT WILL BROADCOM BE LIABLE TO YOU OR ANY THIRD PARTYFOR ANY LOSS OR DAMAGE, DIRECT OR INDIRECT,FROM THE USE OF THIS DOCUMENTATION,INCLUDING WITHOUT LIMITATION, LOST PROFITS, LOST INVESTMENT, BUSINESSINTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF BROADCOM IS EXPRESSLY ADVISED INADVANCE OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.The use of any software product referenced in the Documentation is governed by the applicable licenseagreement and such license agreement is not modified in any way by the terms of this notice.The manufacturer of this Documentation is Broadcom Inc.Provided with “Restricted Rights.” Use, duplication or disclosure by the United States Government is subject tothe restrictions set forth in FAR Sections 12.212, 52.227-14, and 52.227-19(c)(1) - (2) and DFARS Section252.227-7014(b) (3), as applicable, or their successors.Copyright 2005-2022 Broadcom. All Rights Reserved. The term “Broadcom” refers to BroadcomInc. and/or its subsidiaries. All trademarks, trade names, service marks, and logos referenced hereinbelong to their respectivecompanies.

ContentsAbout Symantec Encryption Desktop for WindowsWhat's New in Symantec Encryption Desktop for WindowsUsing this Guide“Managed” versus “Unmanaged” UsersConventions Used in This GuideWho Should Read This DocumentAbout Symantec Encryption Desktop LicensingLicensing Symantec Encryption Desktop for WindowsChecking License DetailsIf Your License has ExpiredTechnical SupportSymantec Encryption Desktop BasicsSymantec Encryption Desktop TerminologyProduct ComponentsTerms used in Symantec Encryption DesktopConventional and Public Key CryptographyUsing Symantec Encryption Desktop for The First TimeInstalling Symantec Encryption Desktop1112244456699910111215Before You Install15Installing and Configuring Symantec Encryption Desktop15Installing the Software15Upgrading the Software16Licensing Symantec Encryption Desktop17Running the Setup Assistant18Uninstalling Symantec Encryption Desktop18Moving Your Symantec Encryption Desktop Installation from One Computer to Another19The Symantec Encryption Desktop User Interface21Accessing Symantec Encryption Desktop FeaturesThe Symantec Encryption Desktop Main ScreenUsing the PGP Tray IconUsing Shortcut Menus in Windows ExplorerUsing the Start MenuNotifier alertsNotifications on Windows 8.1/10 systemsNotifier for MessagingNotifier for Disk featuresEnabling or Disabling NotifiersViewing the PGP Log2122232426262626282930

iiContentWorking with PGP KeysViewing KeysCreating a KeypairPasswords and PassphrasesProtecting Your Private KeyProtecting Keys and KeyringsBacking up Your Private KeyWhat if You Lose Your Key?Distributing Your Public KeyPlacing Your Public Key on a KeyserverIncluding Your Public Key in an Email MessageExporting Your Public Key to a FileCopying from a Smart Card Directly to Someone’s KeyringGetting the Public Keys of OthersGetting Public Keys from a KeyserverGetting Public Keys from Email MessagesWorking with KeyserversUsing Master KeysAdding Keys to the Master Key ListDeleting Keys from the Master Key ListManaging PGP KeysExamining and Setting Key PropertiesWorking With Photographic IDsManaging User Names and Email Addresses on a KeyTo delete a name/email adress from your keyImporting Keys and X.509 CertificatesUsing the Import Certificate AssistantImporting X.509 Certificates Included in S/MIME Email MessagesChanging Your PassphraseDeleting Keys, User IDs, and SignaturesDisabling and Enabling Public KeysVerifying a Public KeySigning a Public KeyRevoking Your Signature from a Public KeyGranting Trust for Key ValidationsWorking with SubkeysUsing Separate SubkeysViewing SubkeysCreating New SubkeysSpecifying Key Usage for SubkeysRevoking SubkeysRemoving SubkeysWorking with ADKsAdding an ADK to a KeypairUpdating an ADKRemoving an ADKWorking with RevokersAppointing a Designated RevokerRevoking a 2

ContentSplitting and Rejoining KeysCreating a Split KeyRejoining Split KeysIf You Lost Your Key or PassphraseReconstructing Keys with Symantec Encryption ServerCreating Key Reconstruction DataReconstructing Your Key if You Lost Your Key or PassphraseProtecting your KeysSecuring Email MessagesHow Symantec Encryption Desktop Secures Email MessagesIncoming MessagesVerifying Signatures on Incoming MessagesUnderstanding Annotations on Incoming MessagesOutgoing MessagesSecuring Sent Items on IMAP Email ServersSending MAPI Email with Microsoft OutlookUsing the Sign and Encrypt Buttons in Microsoft OutlookUsing Offline PolicyServices and PoliciesViewing Services and PoliciesCreating a New Messaging ServiceEditing Messaging Service PropertiesDisabling or Enabling a ServiceDeleting a ServiceMultiple ServicesTroubleshooting PGP Messaging ServicesCreating a New Security PolicyRegular Expressions in PoliciesSecurity Policy Information and ExamplesWorking with the Security Policy ListEditing a Security PolicyEditing a Mailing List PolicyDeleting a Security PolicyChanging the Order of Policies in the ListSymantec Encryption Desktop and SSL/TLSKey ModesDetermining Key ModeChanging Key ModeEncoding FormatsViewing the PGP LogViewing Email with PGP ViewerOverview of PGP ViewerCompatible Email ClientsOpening an Encrypted Email Message or FileCopying Email Messages to Your InboxExporting Email MessagesSpecifying Additional OptionsSpecifying Options in PGP ViewerSecurity Features in PGP 106107107108108109iii

ivContentProtecting Disks with Symantec Drive EncryptionAbout Symantec Drive EncryptionHow does Symantec Drive Encryption Differ from PGP Virtual Disk?Licensing Symantec Drive EncryptionPrepare Your Disk for EncryptionSupported Disk TypesSupported KeyboardsSupported Input Method Editors (IME)Ensure Disk Health Before EncryptionHow to Determine if Your Windows System is Running in UEFI ModeCalculate the Encryption DurationMaintain Power Throughout EncryptionRun a Pilot Test to Ensure Software CompatibilityDetermining the Authentication Method for the DiskPassphrase and Single Sign-On AuthenticationPublic Key AuthenticationToken-Based AuthenticationTrusted Platform Module (TPM) AuthenticationSetting Encryption OptionsPartition-Level EncryptionPreparing a Smart Card or Token to Use For AuthenticationUsing Symantec Drive Encryption OptionsEncrypting a Disk or PartitionSupported Characters for Symantec Drive Encryption PassphrasesEncrypting the DiskEncountering Disk Errors During EncryptionUsing a Symantec Drive Encryption-Encrypted DiskAuthenticating at the PGP BootGuard ScreenSelecting Keyboard LayoutsUsing Symantec Drive Encryption Single Sign-OnPrerequisites for Using Single Sign-OnEncrypting the Disk to Use Single Sign-OnUsing the 'Fast Startup' Option with Single Sign-On on Windows 8.1/10Multiple Users and Single Sign-OnLogging in with Single Sign-OnChanging Your Passphrase With Single Sign-OnDisplaying the Windows Login dialog boxMaintaining the Security of Your DiskGetting Disk or Partition InformationAdding Other Users to an Encrypted Disk or PartitionDeleting Users From an Encrypted Disk or PartitionChanging User PassphrasesRe-Encrypting an Encrypted Disk or PartitionIf You Forgot Your PassphraseBacking Up and RestoringUninstalling Symantec Encryption Desktop from Encrypted Disks or PartitionsWorking with Removable DisksEncrypting Removable DisksUsing Locked (Read-Only) Disks as Read-OnlyMoving Removable Disks to Other 8149150

ContentReformatting an Encrypted Removable Disk150Using Symantec Drive Encryption in a Symantec Encryption Server-Managed Environment 151Symantec Drive Encryption Administration151Accessing an Encrypted Device Using a Whole Disk Recovery Token152Creating a Recovery Token in a Managed Environment152Creating a Recovery Token in a Standalone Environment153Using a Recovery Token153Recovering Data From an Encrypted Drive154Creating and Using a Recovery Disc154Creating and Using a Recovery USB Drive155Decrypting a Symantec Drive Encryption-Encrypted Disk156Special Security Precautions Taken by Symantec Encryption Desktop157Passphrase Erasure157Virtual Memory Protection158Hibernation vs Standby (Sleep)158Memory Static Ion Migration Protection158Other Security Considerations158Using the Windows Preinstallation Environment159Using PGP Virtual DiskAbout PGP Virtual DiskCreating a New PGP Virtual DiskViewing the Properties of a PGP Virtual DiskFinding PGP Virtual DisksUsing a Mounted PGP Virtual DiskMounting a PGP Virtual DiskUnmounting a PGP Virtual DiskCompacting a PGP Virtual DiskRe-Encrypting PGP Virtual DisksWorking with Alternate UsersAdding Alternate User Accounts to a PGP Virtual DiskDeleting Alternate User Accounts from a PGP Virtual DiskDisabling and Enabling Alternate User AccountsChanging Read/Write and Read-Only StatusGranting Administrator Status to an Alternate UserChanging User PassphrasesDeleting PGP Virtual DisksMaintaining PGP Virtual DisksMounting PGP Virtual Disk Volumes on a Remote ServerBacking up PGP Virtual Disk VolumesExchanging PGP Virtual DisksThe PGP Virtual Disk Encryption AlgorithmsSpecial Security Precautions Taken by PGP Virtual DiskPassphrase ErasureVirtual Memory ProtectionHibernationMemory Static Ion Migration ProtectionOther Security ConsiderationsUsing Symantec File Share v

viContentAbout Symantec File Share Encryption177Symantec File Share Encryption Roles179Integrating with Symantec Data Loss Prevention180Licensing Symantec File Share Encryption182Authorized User Keys183Using a Group Key183Establishing a Symantec File Share Encryption Admin (Owner)184"Blacklisted" and "Whitelisted" Files, Folders, and Applications185“Blacklisted” and Other Files You Cannot Protect185"Blacklisted" and "Whitelisted" Folders Specified by Symantec Encryption Server185Application-based Encryption and Decryption Bypass Lists186Working with Protected Folders187Choosing the Location for a Protected Folder187Creating a New Symantec File Share Encryption Protected Folder188Using Files in a Symantec File Share Encryption Protected Folder190Unlocking a Protected Folder191Determining the Files in a Protected Folder191Adding Subfolders to a Protected Folder192Checking Folder Status192Copying Protected Folders to Other Locations193Working with Symantec File Share Encryption Users193Adding a Symantec File Share Encryption User194Changing a User's Role195Deleting a User from a Protected Folder195Importing Symantec File Share Encryption Access Lists196Working with Active Directory Groups196Setting up Symantec File Share Encryption to Work with Groups197Adding an Active Directory Group to a Protected Folder197Refreshing Groups198Decrypting Symantec File Share Encryption-Protected Folders198Re-Encrypting a Folder199Clearing a Passphrase200Protecting Files Outside of a Protected Folder200Backing Up Symantec File Share Encryption-Protected Files202Accessing Symantec File Share Encryption Features using the Shortcut Menu203Symantec File Share Encryption in a Symantec Encryption Server-managed Environment203Accessing the Properties of a Protected File or Folder204Using the Symantec File Share Encryption Menus in Symantec Encryption Desktop204The File Menu205The Edit Menu205The Symantec File Share Encryption Menu205

ContentUsing PGP ZipOverviewCreating PGP Zip ArchivesEncrypting to Recipient KeysEncrypting with a PassphraseCreating a PGP Self-Decrypting Archive (SDA)Creating a Sign Only ArchiveOpening a PGP Zip ArchiveOpening a PGP Zip SDAEditing a PGP Zip ArchiveVerifying Signed PGP Zip ArchivesShredding Files with PGP ShredderUsing PGP Shredder to Permanently Delete Files and FoldersShredding Files using the PGP Shredder Icon on Your DesktopShredding Files From Within Symantec Encryption DesktopShredding Files in Windows ExplorerUsing the PGP Shredder Free Space AssistantScheduling Free Space ShreddingStoring Keys on Smart Cards and TokensAbout Smart Cards and TokensRecognizing Smart CardsExamining Smart Card PropertiesGenerating a PGP Keypair on a Smart CardCopying your Public Key from a Smart Card to a KeyringCopying a Keypair from Your Keyring to a Smart CardWiping Keys from Your Smart CardUsing Multiple Smart CardsSetting Symantec Encryption Desktop OptionsAccessing the PGP Options dialog boxGeneral OptionsKeys OptionsMaster Keys OptionsMessaging OptionsProxy OptionsSymantec File Share Encryption OptionsDisk OptionsNotifier OptionsAdvanced OptionsWorking with Passwords and PassphrasesChoosing whether to use a password or passphraseThe Passphrase Quality 43245247247249250253253254vii

viiiCreating Strong PassphrasesWhat if You Forget Your Passphrase?Using Symantec Encryption Desktop with Symantec Encryption ServerOverviewFor Symantec Encryption Server AdministratorsManually binding to a Symantec Encryption ServerIndex255256257257258259267

1About Symantec Encryption Desktopfor WindowsSymantec Encryption Desktop, Powered by PGP Technology is a security tool that usescryptography to protect your data against unauthorized access.Symantec Encryption Desktop protects your data while being sent by email. It lets youencrypt your entire hard drive or hard drive partition—so everything is protected all thetime—or just a portion of your hard drive, via a virtual disk on which you can securelystore your most sensitive data. You can use it to share your files and folders securelywith others over a network. It lets you put any combination of files and folders into anencrypted, compressed package for easy distribution or backup. Finally, use SymantecEncryption Desktop to shred (securely delete) sensitive files—so that no one canretrieve them—and shred free space on your hard drive, so there are no unsecuredremains of any files.Use Symantec Encryption Desktop to create PGP keypairs and manage both yourpersonal keypairs and the public keys of others.To make the most of Symantec Encryption Desktop, you should be familiar withSymantec Encryption Desktop Terminology (on page 9). You should also understandconventional and public-key cryptography, as described in Conventional and Public KeyCryptography (on page 11).In This ChapterWhat's New in Symantec Encryption Desktop for Windows. 1Using this Guide. 1Who Should Read This Document . 4About Symantec Encryption Desktop Licensing . 4Technical Support . 6What's New in Symantec Encryption Desktop for WindowsBuilding on Symantec ’s proven technology, Symantec Encryption Desktopfor Windows includes numerous improvements and new features. For moreinformation on what's new in Symantec Encryption Desktop for Windows, seeSymantec Encryption Desktop 10.5.1 for Windows Release Notes.Using this GuideThis Guide provides information on configuring and using the components withinSymantec Encryption Desktop. Each chapter of the guide is devoted to one of thecomponents of Symantec Encryption Desktop.

2About Symantec Encryption Desktop forWindows Using this Guide“Managed” versus “Unmanaged” UsersA Symantec Encryption Server can be used to control the policies and settings used bycomponents of Symantec Encryption Desktop. This is often the case in enterprisesusing PGP software. Symantec Encryption Desktop users in this configuration areknown as managed users, because the settings and policies available in their SymantecEncryption Desktop software are pre-configured by a Symantec Encryption Serveradministrator and managed using a Symantec Encryption Server. If you are part of amanaged environment, your company may have specific usage requirements. Forexample, managed users may or may not be allowed to send plaintext email, or may berequired to encrypt their disk with Symantec Drive Encryption.Users not under the control of a Symantec Encryption Server are called unmanaged orstandalone users.This document describes how Symantec Encryption Desktop works in both situations;however, managed users may discover while working with the product that some of thesettings described in this document are not available in their environments. For moreinformation, see Using Symantec Encryption Desktop with Symantec Encryption Server(on page 257).Features Customized by Your Symantec Encryption Server AdministratorIf you are using Symantec Encryption Desktop as a "managed" user in a SymantecEncryption Server-managed environment, there are some settings that can be specifiedby your administrator. These settings may change the way features are displayed inSymantec Encryption Desktop. Disabled features. Your Symantec Encryption Server administrator can enable ordisable specific functionality. For example, your administrator may disable theability to create PGP Zip archives, or to create Symantec File Share Encryptionprotected folders (on Windows systems).When a feature is disabled, the control item in the left side is not displayed and themenu for that feature is not available. The Symantec Encryption Desktop interfacemay look different if your administrator has customized the features available. Customized BootGuard. If you are using Symantec Encryption Desktop in aSymantec Encryption Server-managed environment, your Symantec EncryptionServer administrator may have customized the Symantec Drive EncryptionBootGuard screen to include additional text or a custom image such as yourorganization's logo. Your actual login screen may look different if youradministrator has customized the screen.Conventions Used in This GuideNotes, Cautions, and Warnings are used in the following ways.Notes: Notes are extra, but important, information. A Note calls your attention toimportant aspects of the product. You will be able to use the product better if youread the Notes.Cautions: Cautions indicate the possibility of loss of data or a minor security breach.A Caution tells you about a situation where problems could occur unless precautionsare taken. Pay attention to Cautions.

About Symantec Encryption Desktop forWindowsWarnings: Warnings indicate the possibility of significant data loss or a majorsecurity breach. A Warning means serious problems are going to happen unless youtake the appropriate action. Please take Warnings very seriously.Conventions Used on Microsoft Windows 8.1/10 SystemsIf you are using Symantec Encryption Desktop on a Microsoft Windows 8.1/10system, the following sections provide information on how to access basic tasks in theWindows 8.1/10 style interface:NamingConventionsUse the following table to interpret the terms used in this document in a Windows8.1/10 environment:Term used in this DocumentIn Windows 8.1/10Start MenuAvailable as Start ScreenWindows ExplorerAvailable as File ExplorerAdd or Remove ProgramsAvailable as Programs and FeaturesClick or SelectWhen using a touch screen system, means tapUse the following table to learn how to perform the basic tasks of Symantec EncryptionDesktop on Windows 8.1/10 systems:Basic TasksToDoOpen Symantec Encryption DesktopDo one of the following: On the Start screen, type SymantecEncryption Desktop and press Enter. On the Start screen, select the SymantecEncryption Desktop tile.Open System TrayOn the Start screen, click the Desktop tile.Open File ExplorerOn the Start screen, type File Explorer and pressEnter.Open PGP TrayOn the Start screen, click the Desktop tile,then clickthe Symantec Encryption Desktop icon located at theright side of the task bar. (If you have combined taskbar items you may need to click the arrow to displayhidden items.)Uninstall Symantec Encryption Desktop In the Control Panel, select Programs andFeatures, select Symantec Encryption Desktopand click Uninstall.3

4About Symantec Encryption Desktop forWindows Who Should Read This DocumentWho Should Read This DocumentThis document is for anyone who is going to be using the Symantec Encryption Desktopfor Windows software to protect their data.About Symantec Encryption Desktop LicensingA license is used within the PGP software to enable the functionality you purchased,and sets the expiration of the software. Depending on the license you have, some or allof the Symantec Encryption Desktop family of applications will be active. Once youhave entered the license, you must then authorize the software with Symantec, either manually or online.There are three types of licenses: Evaluation: This type of license is typically time-delimited and may not include allSymantec Encryption Desktop functionality. Subscription: This type of license is typically valid for a subscription period of oneyear. During the subscription period, you receive the current version of PGPsoftware and all upgrades and updates released during this period. Perpetual: This type of license allows you to use Symantec Encryption Desktopindefinitely. With the addition of the annual Software Insurance policy, whichmust be renewed annually, you also receive all upgrades and updates releasedduring the policy term.Licensing Symantec Encryption Desktop for WindowsTo license Symantec Encryption DesktopDo one of the following: If you are a managed user, you are most likely already using a licensed copy ofSymantec Encryption Desktop. Check your license details as described in CheckingLicense Details (on page 5). If you have questions, please contact your SymantecEncryption Server administrator. If you are an unmanaged user, or a Symantec Encryption Server administrator,check your license details as described in Checking License Details (on page 5). Ifyou need to authorize your copy of Symantec Encryption Desktop, do so asdescribed in Authorizing Symantec Encryption Desktop for Windows (on page 5).

About Symantec Encryption Desktop forWindows About Symantec EncryptionChecking License DetailsTo see the details of your Symantec Encryption Desktop license1Double-click the Symantec Encryption Desktop icon in the system tray.2Select Help License. The Symantec Encryption Desktop License dialog boxdisplays the following details:ItemDescriptionLicense TypeThe name of the licensed product.License SeatsThe number of seats available for this license.License ExpirationThe date when the license will expire.Product InformationThe components that are active in your license. Move yourcursor over the product name to see information about theproduct and to find out if you are currently licensed to useit.Note: If you do not authorize your copy of Symantec Encryption Desktop, onlylimited features will be available to you (PGP Zip and PGP Keys).Authorizing Symantec Encryption Desktop for WindowsIf you need to change to a new license number, or if you skipped the licenseauthorization process during configuration, follow these instructions to authorize yoursoftware.To authorize Symantec Encryption Desktop for WindowsIf you purchased Symantec Encryption Desktop, you received an order confirmationwith licensing information.1Double-click the Symantec Encryption Desktop icon in the System Tray.2Select Help License. The Symantec Encryption Desktop License dialog box isdisplayed.3Click Change License. The PGP Licensing Assistant dialog box is displayed.4Do one of the following: Type your 28-character license number in the provided fields (for example,DEMO1-DEMO2-DEMO3-DEMO4-DEMO5-ABC).Note: To avoid typing errors and make the authorization easier, copy the entirelicense number, put the cursor in the first “License Number” field, and paste.Your license number will be correctly entered into all six “License Number”fields. To use Symantec Encryption Desktop without a license, select Use without alicense and disable most functionality. The only feature of SymantecEncryption Desktop you can use without a license is PGP Zip and PGP Keys.5

6About Symantec Encryption Desktop forWindows Technical Support5Click Next to authorize.6When PGP is authorized, the features enabled by your license will be displayed.Click Next, and then click Finish to complete the process.If Your License has ExpiredIf your Symantec Encryption Desktop license has expired, you will receive a PGPLicense Expiration message when you launch Symantec Encryption Desktop. See thefollowing sections for information on how an expired license affects the functionality ofSymantec Encryption Desktop.Symantec Desktop Email Outgoing email messages are no longer sent encrypted.Symantec File Share EncryptionPGP VirtualDisk Symantec File Share Encryption protected folders can be accessed however theprotected files remain encrypted. (To view the encrypted files, manually decryptthe folders and files.) New Symantec File Share Encryption protected folders cannot be created. Files moved into a protected folder are not encrypted. Keys cannot be added or removed from Symantec File Share Encryption protectedfolders. PGP Virtual Disks are still accessible in Read-Only mode. Read-Only allows data tobe copied from a PGP Virtual Disk, however no data can be copied to a PGP VirtualDisk.Symantec Drive Encryption Any fixed disks that have been encrypted with Symantec Encryption Desktopusing an evaluation license are automatically decrypted 90 days after theexpiration of the evaluation.Technical SupportFor information about Symantec Enterprise Security support offerings, you can visitour website at the following URL:https://support.broadcom.com/security

2Symantec Encryption Desktop BasicsThis section describes the Symantec Encryption Desktop terminology and providessome high-level conceptual information on cryptography.In This ChapterSymantec Encryption Desktop Terminology. 9Conventional and Public Key Cryptography . 11Using Symantec Encryption Desktop for The First Time . 12Symantec Encryption Desktop TerminologyTo make the most of Symantec Encryption Desktop, you should be familiar with theterms in the following sections.Product ComponentsSymantec Encryption Desktop and its components are described in the following list.Depending on your license, you may not have all functionality available. For moreinformation, see Licensing Symantec Encryption Desktop for Windows (on page 4). Symantec Encryption Desktop: A software tool that uses cryptography to protectyour data against unauthorized access. Symantec Encryption Desktop is availablefor Mac OS X and Windows. Symantec Drive Encryption: Symantec Drive Encryption is a feature ofSymantec Encryption Desktop that encrypts your entire hard drive orpartition, including your boot record, thus protecting all your files when youare not using them. You can use Symantec Drive Encryption and PGP VirtualDisk volumes on the same system. On Windows systems, you can protectwhole disk encrypted drives with a passphrase or with a keypair on a USBtoken for added security. PGP Messaging: A feature of Symantec Encryption Desktop thatautomatically and transparently supports all of your email clients throughpolicies you control. Symantec Encryption Desktop accomplishes this using anew proxy technology; the older plug-in technology is also available. Symantec File Share Encryption: A feature of Symantec Encryption Desktopfor Windows with which you can securely and transparently share files andfolders among selected individuals. Symantec File Share Encryption userscan protect their files and folders simply by placing them within a folder thatis designated as protected. PGP Keys: A feature of Symantec Encryption Desktop that gives youcomplete control over both your own PGP keys, and the keys of thosepersons with whom you are securely exchanging email messages.

10Symantec Encryption Desktop BasicsSymantec Encryption Desktop PGP Virtual Disk volumes: PGP Virtual Disk volumes are a feature ofSymantec Encryption Desktop that let you use part of your hard drive spaceas an encrypted virtual disk. You can protect a PGP Virtual Disk volume wi

Establishing a Symantec File Share Encryption Admin (Owner) 184 "Blacklisted" and "Whitelisted" Files, Folders, and Applications 185 "Blacklisted" and Other Files You Cannot Protect 185 "Blacklisted" and "Whitelisted" Folders Specified by Symantec Encryption Server185.

Related Documents:

About Symantec Encryption Desktop 10.4 for Windows 1 What's New in Symantec Encryption Desktop Version 10.4 for Windows 1 Using this Guide 1 "Managed" versus "Unmanaged" Users 2 . Securing Email Messages 69 How Symantec Encryption Desktop Secures Email Messages 69 Incoming Messages 70

Symantec Endpoint Encryption Policy Administrator Guide Version 11.3.1 Introduction About Symantec Endpoint Encryption Symantec Endpoint Encryption v11.3.1 provides full disk encryption, removable media protection, and centralized management. Powered by PGP technology, the drive encryption client renders data at rest inaccessible to unauthorized

Endpoint Encryption Management Server computer. If you use Microsoft SQL authentication, Symantec Endpoint Encryption uses this account to create and configure the Symantec Endpoint Encryption Management Server database during installation. Symantec Endpoint Encryption does not store the credentials for this Microsoft SQL account.

SYMANTEC VISION 2012 SYMANTEC ENCRYPTION 16 Mobile email encryption for iOS and Android Protects confidential data and sets user access policies on file sharing services, Dropbox Symantec File Share Encryption, Powered by PGP Technology Access encrypted data on iPhone and iPad while keeping info protected Symantec O 3 #ITTRENDS

What is Symantec Encryption Management Server? 1 Symantec Encryption Management Server Product Family 1 Who Should Read This Guide 2 Common Criteria Environments 2 Using the Symantec Encryption Management Server with the Command Line 2 Symbols 3 Getting Assis

For Symantec Encryption Management Server to create the SMSA, you must configure your mail server correctly. In this placement, your Symantec Encryption Management Server sits between your email users and their email server. 1 Symantec Encryption Management Server internally placed 2 Exampl

Symantec Endpoint Encryption Policy Administrator Guide Version 11.4.0 Introduction Getting Started with Symantec Endpoint Encryption This topic provides an overview of Symantec Endpoint Encryption, including the key features and the feature benefits.

the Symantec Encryption Desktop Pre boot environment of your enroled Windows 7 PC. (We'll come back to this in a few minutes.) 11. Write the token down for later use here: Client1 WDRT: _ 12. Close the WDRT window and log out of Symantec Encryption Server management console 13. Now, we need to reset Alice's Windows Active Directory .