We are happy to announce the availability of McAfee Management of Native Encryption (MNE) 3.0 for Apple FileVault and Microsoft BitLocker management via ePolicy Orchestrator (ePO). Details of the new features in this release are listed in the section below.


#1 Define and Report on Security Posture (Windows)

Many organizations implement a companywide Endpoint security posture based on criteria around regulatory compliance, which can entail adherence to laws, regulations, guidelines and specifications relevant to line of business. 


MNE 3.0 enables roles such as a Compliance Officer to define via ePO the Company Security Posture and then is able to run reports to identify systems that meet or fall short of such criteria. Areas such as BitLocker parameters, User or TPM Authentication, FIPS compliance as well as encryption algorithms can form part of such reports.


#2 Automated Rotation of Revealed Recovery Keys (Windows)

In order to ensure that keys used to recover a system cannot be used again in the future, any keys obtained via the recovery mechanisms available to MNE 3.0 such as the Self Service Portal or Administrator recovery options will be automatically rotated from the moment the client re-establishes connectivity with ePO.


#3 Automated Removal of non-MNE Recovery Keys (Windows)

This feature will allow for the automated removal of recovery keys generated before a system was managed by MNE. This is particularly relevant to environments that include BYOD machines ensuring that only MNE recovery keys exist on the device, eliminating the risk of functioning legacy recovery keys unknown to IT/Security.

#4 Maintenance Mode Option (Windows)

It is now possible for the Administrator to temporarily suspend BitLocker protection for operational reasons such as installation of patches, performing network backups, and forensic activities. This feature adds the ability to suppress BitLocker Preboot Authentication for a specified number of reboots.


#5 Support for Windows Server 2012 (R2/non R2)

The MNE client now supports deployments on Windows Server 2012 extending the reach of MNE and protection profiles for server based platforms.


#6 Windows 10 Ready

With the release of MNE 3.0 we are pleased to announce that this will be provide support for Microsoft Windows 10. This will enable our customers to seamlessly move to Microsoft Windows 10 whist enjoying the uninterrupted benefits of MNE. Please refer to KB84419 for additional details.