Does anyone know of any alternatives to Deep Command? We are doing an massive deployment to Win 10 systems that are going to be encrypted; the issue is that encryption finishes before the patches are applied and after the systems are rebooted , they then sit at the encrypted login screen thus holding up the build process. Has anyone run into this issue before and if so what was the solution? I think that I could enable an auto login via policy for encryption (I'll have to check, I don't have the policy in front of me) but I am not a fan of this as a solution. Does anyone know if there are any other network aware solutions?
There is another option called Temporary autoboot. When the option in the policy is enabled and the EXE is run on the system, it allows to system to autoboot X number of times or for a specific amount of time. The EXE can be found in the product download package.
The temp autoboot helps as a temporary solution for sure, but it doesn't address the issue of if there will be a replacement for Deep Command.
I was about 90% completed with installing Deep Command in my environment. My team was excited to start using it. Then McAfee announced the product was being discontinued and will become end of life. This forced me to roll back all the installs. So now I am still left without a location aware bypass solution.
The great benefit of having the out of band management with deep command was the ability to NOT have a PBA environment stopping systems from loading to windows while on network. This made it much easier to patch encrypted systems while they are on network. IF a system went off network, we liked that it would force you to use the PBA environment before you could get to Windows.
Will this "Location Aware" ability ever come back? If not, then I think we are going to be looking for other products that have this ability.
Well, location awarnes in conjuction with PBA precence could be controlled by an play of computer properties (IP reported), tags assined and policy assigmnet rules.
However this approach will have sort of inertia and cohesion in policy enforcment. That may result in security holes.