2 Replies Latest reply on Sep 6, 2012 3:45 AM by biiro

    De-crypting disk

    biiro

      Hi All,

       

      Testing out the McAfee Disk encryption as a potential replacement of our current solution.  I've got it all linked into ePO nicely, created the policies and assigned it to the various machines etc.  I'm currently running through some Support Desk scenarios such as password resets, user account unlocks, machine recoveries etc.  However I'm stuck on one bit.

       

      For arguments sake, we need to de-crypt the machine to get data off.  So, currently what I do is run a bootable USB with the seed key on and decrypt that way.  Thats on our current solution.  In McAfee I see it suggests either creating Safetech disks, which is used with the Encryption manager and no ePO.

       

      The other option is BartPE/Wintech CD's ...which is for XP only it seems.

       

      I found this in the Disk encryption best practises KB here...

       

      https://kc.mcafee.com/corporate/index?page=content&id=KB66433

       

      And the subequent KB's in that article I've read through.

       

      All of our laptops/Desktops are Windows 7 64-bit images, and I'm not exactly 100% sure how to go about it.  Was hoping someone here might be able to point me in the right direction.

       

      Ta

        • 1. Re: De-crypting disk
          alexn

          Hi,

           

          In EEPC6.xx version(managed with ePO) you can encrypt or decrypt a drive just by setting policy for that machine.

          But for some reasons if your machine becomes unresponsive,and you want emergency System Recovery, for this McAfee provides you the following options:

           

          Emergrncy system Recovery with EEtech 6.xx

           

          1.Creat a EEtech Standalone boot disk

          a.download EEtech.zip and place standalone folder in desiredlocation.

          b.insert floppy and pointe to the standalone folder with this command

          Run the command Bootdisk.exeEETech.RTB a: fromthe command prompt. This creates the bootable floppy.

          c.Creat CD/DVD with this floppy

           

          OR

           

          Download EETech.iso file and burn a CD

           

          2.Boot unrecoverable system with EETech(standalone) boot CD/DVD the McAfee interface appears

           

          3.Authorize with daily authentication code.(this code is available on download site under your Granted downloads)

          a.download EETech code generate with your Grant number fromMcafee Portal.

          b.Run it and get 4 digit Daily authorization code.

           

          4.Click Authrize under authentication, type the code >OK(Now status would be  Authorized)

           

          5.Action>Enable USB>OK.

           

          6.Authentication>File> Browse>Select Recovery InfoFile(.xml) exported from epo server.

          >OK >Now status would be Authentoicated.

           

          7.Action>Emergency Boot>OK.

           

          Note:Now secrypet your system changing policy from ePO server andencrypt it again.

          Exporting XML file from ePO server.

          Menu>System Tree.>select desiredsystem>Action>EE>Export Recovery info>yes save this file.

           

          XP and W7 both are supported;

          Follow these links for supported environments for both 5.xx and 6.xx versions:

           

          https://kc.mcafee.com/corporate/index?page=content&id=KB75649&actp=search&viewlo cale=en_US&searchid=1346770336487

           

          https://kc.mcafee.com/corporate/index?page=content&id=KB68053&actp=search&viewlo cale=en_US&searchid=1346770336487#Supported_OS_EEPC_Windows

           

          Message was edited by: alexn on 9/4/12 10:27:37 AM CDT

           

          Message was edited by: alexn on 9/4/12 10:32:24 AM CDT

           

          Message was edited by: alexn on 9/4/12 10:33:36 AM CDT

           

          Message was edited by: alexn on 9/4/12 10:34:28 AM CDT
          • 2. Re: De-crypting disk
            biiro

            Alex,

             

            Thanks very much.  Works a treat!  Knew it would be on there somewhere but just couldn't see anything.