Release Announcement: McAfee Drive Encryption 7.2

Version 1

    Announcing the availability of McAfee Drive Encryption 7.2.

     

    This release contains several important new product enhancements that are detailed in the Release Notes PD26652

     

    The DE 7.2 release package contains ePO extensions and client components. The DE 7.2 extensions are compatible with previous DE 7.1.x clients.

     

    New Features

     

    SGX Support

    Intel® Software Guard Extensions (Intel® SGX) is an Intel® Architecture extension, introduced with 6th Generation Intel® Core™ processor platforms, that is designed to increase the security of software through an "inverse sandbox" mechanism. In this approach, rather than attempting to identify and isolate all the potential threats or attack surfaces on the platform, legitimate software can be sealed inside an enclave and protected from such threats, irrespective of the privilege level of the threat.

     

    Leveraging Intel SGX with Drive Encryption further improves protection against memory-based attacks (such as the cold-boot attack) without affecting performance on systems which support SGX and with suitable policy applied.

     

    In-place upgrade support for Windows 10 Anniversary Update

    Microsoft have included a new feature within Windows 10 Anniversary Update that allows for OS in-place upgrade via ISO and SCCM using /Reflectdrivers option.
    This replaces the use of scripts to inject DE drivers for the update process that has to be used for versions of Windows 10 releases prior to the Windows 10 Anniversary Update release.

    Please refer to McAfee KnowledgeBase article KB87909 for further information and documentation around in-place upgrade to Windows 10 with DE installed.

     

    Compatibility with 3rd party credential providers

    3rd party Credential Providers can leverage a Drive Encryption SDK and new ePO policy settings to override the default DE 7.2 Credential Provider, allowing a seamless integration, login and password synchronization experience.

     

    Dashboard and reports for activation failures

    Rolling out and deploying software to endpoints can provide challenges and introduce additional overhead. DE 7.2 includes additional reporting and a new dashboard entry so that administrators can quickly and intuitively check to see if there are any encryption (activation) failures including detection of incompatible products within their estate and target these systems for follow up action, where appropriate.

     

    McAfee SSO shield (toggle on/off option)

    From DE 7.1.3 we display the McAfee shield not just at the first Windows logon but also on subsequent logons indicating the “Capture Logon” feature is enabled. We now provide the ability to remove the shield from being displayed, which is particularly useful for customers that choose to use their own custom themes at Windows logon.

     

    Support for additional tokens

    Support has been added for the following tokens in this release:

    • Gemalto MD830
    • Safenet eToken 5110

     

    Please refer to the McAfee KnowledgeBase article KB79787 for further information.

     

    This package is now available from McAfee Downloads Webpage with a valid grant number, via ePolicy Orchestrator (ePO) software manager and via the McAfee Service Portal.

     

     

    Best Regards

     

    Stuart Bayliss

    Group Product Manager McAfee Drive Encryption (MDE)

    Management of Native Encryption (MNE)