I've been tasked with finally moving us from the post-Safeboot acqusition version of McAfee Endpoint Encryption 5.2.3 to the latest versions available. We have a few questions going forward that I was hoping to get some insight on.
First off let me detail our environment a little. We have roughly 1,200 machines that need to be encrypted by the software. These machines are mostly out of our network and sent abroad to employees that work remotely. Because of this, they are not connected to our internal domain and they use local windows users on the machines.
With Endpoint Encryption 6 I know McAfee imposed a must integrate with Active DIrectory policy regarding machines and users. We avoided this because we did not want to add in 1200 users and machines to our AD at the time.
I know EEPC 7.x has an offline activation mode, but the way I read it from the FAQ that means there is no remote management of the machine. Is this correct? Meaning we would not be able to remotely wipe a machine, or reset passwords while the computer is not in our hands?
Is there any control at all for offline activation beyond just a "Set and Forget" sort of installation?
If we do need to integrate with ePO we will be standing up a seperate domain just for this case, so the only users and machines in that AD are from our remote users.
Any advice would be greatly appreciated. Looking forward to finally upgrading our software.