Endpoint Encryption v7.0 introduces a new self-healing feature to the pre-boot environment that allows Mac OS/X Lion and Mountain Lion users to easily remediate issues that can prevent a machine from properly booting. Not to be confused with the password self-recovery that Endpoint Encryption has had for several years, this new feature was designed to assist with those issues that had typically required the user to either send their machine in to the corporate lab to be fixed or boot the machine to recovery tools stored on USB drives or ISO images.

 

Overview

EE Mac 7.0 will now include 2 additional options to the boot options menu, the menu that gets displayed when the user holds down the Option key upon booting. These 2 options are:

 

1.) McAfee Preboot

2.) McAfee Recovery

 

McAfee Preboot

Some early adopters of full-disk encryption solutions for Mac platforms may be familiar with certain firmware updates breaking the boot sequence, specifically those that clear the NVRAM and PRAM variables. Some Mac power users may also be used to clearing these variables themselves which would result in the same behavior whereby the Endpoint Encryption environment would no longer be the first in the boot sequence which means the OS would also not boot. Because the Mac OS cannot boot the user would typically be presented with the built-in capability to completely re-install the OS.

 

With EE 7.0 in the event the PRAM / NVRAM variables get cleared the user can easily recover themselves by following this procedure:

 

1. Shut down the machine

2. Power on the machine while holding down the Option key

3. Upon being presented with the options, select "McAfee Preboot"

4. Authenticate to Endpoint Encryption per normal

 

The last thing Endpoint Encryption will do before booting the operating system is ensure the preboot environment is again placed first in the boot sequence from now on. Going forward the user will see the preboot environment they are used to.

 

McAfee Recovery

 

EETech is the name of the recovery tools included with the purchase of McAfee Endpoint Encryption. Among other features of the toolset, EETech provides the ability to perform an "Emergency Boot" that can correct a corrupted Pre-Boot File System (PBFS). EE 7.0 now includes this specific capability built in as a bootable option which means you no longer need to boot the machine to EETech on a USB drive.

 

In the event the PBFS becomes corrupted a user can easily recover their machine by following this procedure:

 

1. Shut down the machine

2. Power on the machine while holding down the Option key

3. Upon being presented with the options, select "McAfee Recovery"

4. Once the recovery partition has booted authenticate with 'Token' (Password)

    a.) Optionally you can authenticate with the key for that specific machine which must be exported from ePO.

5. Click "Emergency Boot"

6. Once booted allow the machine to sync with ePO to rebuild the PBFS

 

For more information on the Mac Self-Recovery feature in Endpoint Encryption v7.0 please visit the FAQ: https://community.mcafee.com/docs/DOC-4377