We are currently within the initial phases of deploying McAfee EEPC v6.1.3 for Windows XP and Windows 7 devices. We are struggling to find an easy workflow process for our PC techs when they have to work/recover the encrypted devices. Is anyone willing to share their workflow processes for their IT PC techs who work on encrypted machines? Any and all information is greatly appreciated. Troubleshooting tips, steps to recover the easiest way possible, etc.
The best way for you to do this is unfortunately, to start at the beginning and create your own set of recovery documentation for your organisation. This will be based on your current version of ePO, and EEPC and also boot media (i.e. BartPE /WinPE). Different versions have different features so actions and options will be different for everyone.
Get a spare machine or virtual machine to encrypt so you can take screen shots of the process and test the decryption and play about with the settings.
First start with notes for a normal decrypt of a machine on the network that is working - this would be controlled by changing the policies with PO (create a new group and move the machine in there)
Then recovery for machines that need decrypted via EETech and create a FAQ of new problems and the solutions you encounter. i.e if PBA screen doesn't show or is corrupt. etc
I've found some great nuggets of information looking through a lot of posts - even for EEPC v5 when i began this journey. oh- And also from the EETech manual.
It is laborious but has to be taylored for your organisation and is probably the best way to understand the process you are trying to describe.
Someone may have to edit a lot of their documents in order to pass them on in any case.
Sorry- probably not what you wanted to hear.
I created a subcontainer called Decryption, broke inheritence and created a new policy for decryption.
Then created a subcontainer to Decryption called Remove Software and assigned a client task to remote the software.
The great part is that a PC Tech can drag-n-drop a computer into the decryption container and the policies will be applied in about 15 minutes. The bad part is that (so I'm told) you have to have a seperate container to remove the client software, making it a two step process.
Our PC Techs also have access to the manual decryption disk. Unfortunatley, I haven't found an easy way to communicate the code of the day.
Unfortunatley, I haven't found an easy way to communicate the code of the day.
You can download an offline EETech Code of the Day generator from the product downloads section (https://secure.mcafee.com/us/downloads/downloads.aspx) for your Encryption products.
JaneMessage was edited by: jmcleish on 05/08/12 13:28:46 CDT