1 Reply Latest reply on Jan 25, 2017 6:14 PM by hhoang

    Drive encryption 7.1.3 System State

    haran92

      Hi All,

      Am new to DE. We are working to automatically move systems using a sorting criteria(TAG) to a group which has DE task enabled. Before i proceed i took the list of all Laptops from manged system query and then a list of all Laptops from "Drive encryption-disk status" query. this gives variation in total count.

      Say i have total managed laptops - 750

      total laptops from drive encryption query is only 650 ( what does this difference 100 machines mean ? are they not encrypted or does not have DE policy ?)

       

      also among this 750 when i checked for system(state) i could see below Data.

      1. Active

      2. Inactive

      3. Unknown

       

      What does these status mean ? kindly someone explain me each status and its role in DE.

        • 1. Re: Drive encryption 7.1.3 System State
          hhoang

          The Drive Encryption product settings policy has a "Enabled" checkbox.  This box determines whether the system is in an 'active' or 'inactive' state based on whether it is checked or not.

           

          Active = The system has completed policy enforcement and currently has a policy set to enabled (checked).  An active system can be encrypted or decrypted depending on policy settings.

          Inactive = The system has completed policy enforcement and currently has a policy set to disabled (unchecked).  This also means the system is decrypted.

          unknown = Either MDE is not installed on the system or it is installed and policy enforcement has not yet completed.