3 Replies Latest reply on Jul 17, 2012 11:03 AM by dwebb

    EEPC 6.2 increased false detection events for Wave Trusted Drive Manager

    pierce

      Hey,

       

      Anyone else noticing an increase in the amount of false detection events for Wave Trusted Drive manager?

       

      Seems to come pre-installed on most of our new dells and we have to remove before EEPC kicks in due to this detection rule:

      <!-- Define Wave Systems Trusted Drive Manager on Dell -->

                <products xsi:type="ns1:PDProduct">

                          <name>Wave Trusted Drive Manager</name>

                          <osType>Windows</osType>

                          <rules xsi:type="ns1:PDRule">

                                    <fileEntries xsi:type="ns1:PDFileEntry">

                                              <path>[Program Files]\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe</path>

                                    </fileEntries>

                          </rules>

                          <rules xsi:type="ns1:PDRule">

                                    <fileEntries xsi:type="ns1:PDFileEntry">

                                              <path>[Program Files x64]\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe</path>

                                    </fileEntries>

                          </rules>

                </products>

       

      thanks,

      Pierce

        • 1. Re: EEPC 6.2 increased false detection events for Wave Trusted Drive Manager
          dwebb

          Hi,

           

          This was added to the incompatible product rules for V6.2 because there is a conflict between the Wave driver and the EEPC driver, which would cause sporadic BSODs even when the Wave product was not actually activated.

           

          I hope this explains the reason behind this rule being introduced in 6.2.

           

          In general, McAfee recommends that no third party encryption products are installed onto the endpoint when EEPC is installed as these conflictss are common due to the nature of the product requiring low-level access to devices on the endpoint.  The incompatible product rules are specifically designed to prevent EEPC activating when there is the risk of system instability being introduced following activation due to the presence of other encryption products.

          • 2. Re: EEPC 6.2 increased false detection events for Wave Trusted Drive Manager
            pierce

            Do you know when EEGO will be updated to map to that? I have my helpdesk team rely on that to look for issues and now I need to re-train them to look through the eePE log files to see this error instead.

             

            Also there needs to be more options around this, while i agree you need to protect the system from users where possible there is no fool proof way to check some software is activated like truecrypt which we use to encrypt harddrives that we send externally which causes issues with having to remove and add software.

             

            Thanks,

            Pierce

            • 3. Re: EEPC 6.2 increased false detection events for Wave Trusted Drive Manager
              dwebb

              We are looking to update the compatible product rules in the V7 release of EEPC. However, I will also alert the product manager to this issue.

               

              Thanks for this valuable feedback.

              1 of 1 people found this helpful