Symantec Endpoint Encryption 7.0.8 Full Disk Release Notes
About Symantec Endpoint Encryption Full Disk
Symantec Endpoint Encryption Full Disk protects data on laptops and PCs from the threat of theft or loss with
strong, centrally managed encryption, auditing, and policy controls for full disks and partitions, ensuring that the
loss of a machine and its data does not result in disclosure required by corporate policy or government regulation.
Symantec Endpoint Encryption Full Disk provides the industry’s most robust and comprehensive integration with
Microsoft Active Directory for fast, simple deployment of endpoint data protection controls in a familiar
Symantec Endpoint Encryption Framework 7.0.8 is only compatible with Symantec Endpoint Encryption Full Disk
7.0.8 and Symantec Endpoint Encryption Removable Storage 7.0.8. If you are running Symantec Endpoint
Encryption Removable Storage and plan to upgrade to Symantec Endpoint Encryption Full Disk 7.0.8, you must
upgrade to Symantec Endpoint Encryption Removable Storage 7.0.8 also.
MA22145, MA22572, MA22608, MA22536 MA22726: The following Fujitsu models no longer fail to boot following the installation of Symantec Endpoint Encryption Full Disk: Lifebook E780, Lifebook E8310, Lifebook E8420, LifeBookT900, and T730 Tablet PC.
MA22182: The HP Z800 Workstation no longer fails to boot following the installation of Symantec Endpoint Encryption Full Disk.
MA22543, MA22333, MA22181, MA22172: The following Panasonic Toughbook models no longer fail to boot following the installation of Symantec Endpoint Encryption Full Disk: CF-52GCMHPAM, CF-52GGNHE2M, and CFT8EWETZ2M.
MA22131: Updating the BIOS to version A02 or later resolves issues preventing the Dell Latitude E6410 from booting following the installation of Symantec Endpoint Encryption Full Disk.
MA21952: Dell Studio 1440 machines with Windows 7 no longer fail to boot following the installation of Symantec Endpoint Encryption Full Disk.
MA22772, MA22767: The following HP models no longer blue screen following the selection of the option: EliteBook 8440p and EliteBook 8730w.
MA22114, MA22281, MA22228: Keyboards, mice, and smart card readers connected via USB can now be used during Pre-Windows authentication on the following Dell models: Latitude E4310, Latitude E6410, and Latitude E6510.
MA22353, MA2238, MA22209, MA22454: Keyboards and mice connected via USB can now be used during Pre-Windows authentication on the HP EliteBook 2540p, HP EliteBook 8440p, Lenovo ThinkPad X201, and Panasonic Toughbook CF-31ATABX2M.
MA22126: The embedded Broadcom Corp. 5880 readers (revision 5802) included in newer Dells are now recognized in Pre-Windows.
Users can now avail of the
Safe Mode Reboot option.
Third Party Compatibility—Hardware
MA21992: HP Mini 2102 The HP Mini 2102 may fail to boot up following disk encryption. Do not encrypt the HP Mini 2102.
MA21929: Dell XPS 1320 If Windows 7 is installed, the computer will fail to boot into Windows following the installation of Symantec Endpoint Encryption Full Disk. Do not deploy Symantec Endpoint Encryption Full Disk to the Dell XPS 1320 if Windows 7 is installed.
MA21884, MA21864: HP Compaq dc5700 and dc5100 If multiple USB devices are inserted at boot time, the computer will fail to boot into Windows. Remove USB devices and try again.
MA21327, MA22221: Panasonic Toughbook CF-U1AQB1GAM & HP EliteBook 8740w. Users will be unable to use USB devices such as keyboards and mice during pre-Windows authentication. Users should open laptop and use the internal keyboard and mouse pad to complete pre-Windows authentication.
MA21514: Dell Latitude D631and D531. Following the removal of the CD/DVD drive, the computer will fail to boot into Windows. Uninstall Symantec EndpointEncryption Full Disk before removing the CD/DVD drive.
MA20752: SanDisk 4GB Cruzer Micro USB Flash Drive and HP Compaq dc7700 A SanDisk 4GB Cruzer Micro USB Flash Drive inserted at startup will cause HP Compaq dc7700 computers to hang after Pre-Windows authentication. Remove SanDisk devices before powering on.
MA19704: SanDisk Cruzer Micro 512 MB USB 2.0 Flash Drive (SDCZ4-512-A10). If the SanDisk Cruzer Micro 512 MB USB 2.0 Flash Drive (SDCZ4-512-A10) device is inserted at startup, users may experience slow boot times. Remove SanDisk devices before powering on.
Third Party Compatibility—Software
— Roxio 6.2 The Framework client package will fail to install due to a missing drive letter in
the primary partition. Ensure that the following Registry key has the value HKEY_LOCAL_MACHINE\
MA15919: Symantec Endpoint Protection 11. Following the installation of Symantec Endpoint Encryption Full Disk on the Client Computer, a
Open Symantec Endpoint Protection and click Network Threat Protection
MA12457: RSA SecurIDNetwork Threat Protection message may be displayed, alerting the end user to a change in the EAFRCliADSI application.area. Select Configure Firewall Rules from the pop-up menu. Highlight Block IPv6 over IPv4 and click Edit. Select the Allow this traffic option button on the General tab. Open the Ports and Protocols tab. Select All IP Protocols from the Protocol drop-down list box. ® 800 If a second certificate is added to the token and the first certificate is deleted, the user will be unable to register with the token. Remove all certificates from the token and add the certificate gain.
MA22161: If a custom destination folder was chosen during the installation of SEE Management Server 9.2.2, 9.2.1, or 9.2.0, the default path shown in the Folder
MA20747 If a local instance is selected during the installation of the Symantec Endpoint Encryption Management Server, Symantec Endpoint Encryption Management Server uninstallation will fail with the message, “Could not connect to Microsoft SQL Server.” Locate the GEServerConfig.xml file on the Symantec Endpoint Encryption Management Server
page during the upgrade to 7.0.7 will be missing the final subdirectory. For example, if you chose C:\GuardianEdge\Management Server\ for your original installation files, C:\GuardianEdge will be the default. Click Change and navigate to the desired destination of the Symantec Endpoint Encryption Management Server files.(local). Replace with the computer name of the Symantec Endpoint Encryption Management Server machine. Save and close the file. Try the uninstall again.
MA15465 If power is lost during an upgrade or migration of the clientmachine, a blue screen may occur and the machine mayloop continuously in an effort to boot into Windows.Run Recover /d. If Recover /d fails, try Recover /b. If the Recover Program completes successfully, back up important files, then uninstall Encryption Plus Hard Disk or reinstallSymantec Endpoint Encryption Full Disk. If this fails, you will need to reinstall Windows or reimage the machine.
MA12748 If password authentication is selected during the installation of Symantec Endpoint Encryption Framework Manager console, but token authentication is specified by policy, users will be unable to register.
MA16499 Following the successful application of a SymantecEndpoint Encryption migration package to an Encryption Plus Hard Disk 7.0.23, 7.1.0, or 7.1.1 workstation, users will need to log on to Encryption Plus Hard Disk one last time.
MA19987, MA20673: Tokens cannot be used for Pre-Windows authentication on the Acer Aspire 5515.
MA21516 The GemPC Express reader cannot be used for Pre-Windows authentication on an HP Compaq 6535b.
Number Description Workaround
MA21057 The following error message is displayed on the first reboot after installation, “EPHD BIOS Translation Driver: heap allocation error.” One or more drives are severely fragmented. Decrypt all drives. Uninstall Symantec Endpoint Encryption Full Disk. Defragment the drive(s). Reinstall Symantec Endpoint Encryption Full Disk.
Windows Power Management
MA21816: Autologon may not succeed on Windows 7 endpoints following hibernation of the endpoint—if the autologon if machine is powered down for more than 10 minutescheck box is selected. To achieve successful Autologon on Windows 7 endpoints, ensure that only complete shut downs or restarts are performed for the duration of the Autologon GPO policy—if the Suspend autologon if machine is powered down for more than 10 minutes check box is selected.
MA18851: Following the installation of Symantec Endpoint Encryption Full Disk, Vista computers missing the Sleep power option will go into hibernation on a schedule that does not correspond to the Windows power plan. Apply all of the latest Vista updates.
Safe Mode Reboot Option
MA21491: The Safe Mode reboot option may fail to allow administrators to access safe mode on certain machines, such as the HP Compaq dc5800. Reboot. Provide Client Administrator credentials and select the Safe Mode Reboot check box. Click OK. Click
closely. As soon as “Starting SEE Full Disk…” displays, press F8. Select Safe ModeRestart Computer. Watch screenagain.
MA21502: Additional hard disks on Windows 7 computers will be listed erroneously within the SEE
Reboot.area of the User/Administrator Client Console following a successful Recover /D or /B operation.
MA21307: If an XPS print job is cancelled, the following error may be displayed, “The data area passed to a system call is too small.”
MA20559 After clicking a column heading to sort by the column, the sort arrow will be displayed to the left of the column heading if the operating system is Vista or Server 2008.
MA16623 Deploying an Active Directory policy that contains a change to the Client Administrator settings from a Symantec Endpoint Encryption 6.1.0 or later Manager to Symantec Endpoint Encryption 6.0.0 or earlier and/or GuardianEdge Framework 8.5.3 or earlier clients will result in a failure of the new Client Administrator policy to be applied, a deletion of all existing Client Administrator policies, and a return to the Client Administrators specified in the original installation settings. When deploying an Active Directory policy from a 6.0.0 or earlier Manager, add the following WMI filter: Select * FROM Win32_Product WHERE (name=“Symantec Endpoint Encryption Framework Client” AND Version <= “6.0.0”) OR (name=“GuardianEdge Framework Client” OR name=“Encryption Anywhere Framework Client”) AND version <= “8.5.3”
When deploying an Active Directory policy from a 6.1.0 or later Manager, add the following WMI filter: Win32_Product WHERE (name = “Symantec Endpoint Encryption Framework Client” AND version > "6.1.0") OR (name = “GuardianEdge Framework Client” AND version > "9.0.0")
MA19021: Users may be unable to combine the ^ (Circumflex), ¨ (Diaeresis), ` (Grave) and ´ (Acute) dead keys with l (0131), I (0049), Shift+i (0069) or Shift+I (0130) from the Turkish Q keyboard.
MA19019 The Turkish Q character
MA16958 Users will be unable to enter the following characters from Canadian French keyboards in Pre-Windows: á ç
MA18893 The CAPSLOCK key will behave like the SHIFTLOCK key for non-alphabet characters in Pre-Windows for the Belgian (Period), French, and German keyboards.
MA19067 The character
MA19335 CTRL+ALT combinations do not produce the expected special characters in Pre-Windows.İ; (0130) may display as I in pre-Windows.ł (0142) displays as Ł (0141) in pre-Windows when the Hungarian keyboard is used.
MA15304, MA15302: If a user presses CRTL+ALT+DEL in Windows Vista, clicks password causing an error or is prevented from changing their password due to Windows policies, and then cancels out, that user will be unregistered from Symantec Endpoint Encryption. Visit http://support.microsoft.com/.kb/936183 hotfix
Pre-Windows Help and Keyboard Layout Windows
MA18231 Users will not be able to utilize the Keyboard Layout window if Help is open. Close the Help window and try again.
MA16937 JAWS does not always announce all of the information displayed within the Registration wizard and User Client consoles.
Users should follow these steps:
1. Press INSERT+F9.
2. Select the frame that is of interest from the resultant Frames List
4. Press P.
If this doesn’t work, restart JAWS and try the steps again.dialog.OK.
Imported Document Id