Contacting WinMagic
WinMagic
5600A Cancross Court
Mississauga, Ontario, L5R 3E9
Toll free: 1-888-879-5879
Phone: (905) 502-7000
Fax: (905) 502-7001
Sales: |
sales@winmagic.com |
Supported Operating Systems
SecureDoc CloudVM System Requirements
Platforms | Server | Client |
Public Cloud Private Cloud Hyper-Converged VDI |
SES Server Platforms
|
Windows Versions
|
New Features and Enhancements
Google Cloud support for both Windows and Linux
SecureDoc now supports Google cloud for both Windows and Linux. Users can deploy SecureDoc in Windows and
Linux VM for Google Cloud. Once on http://cloud.google.com, users can create a VM instance and follow the
process to input their name, zone, machine type to create the new VM instance They can then proceed to deploy
SecureDoc packages.
Google cloud supported platforms:
Linux:
- RedHat Enterprise Linux (RHEL) 7.4
- Ubuntu 14.04 (custom image format, see below)
- Ubuntu 16.04
Windows:
- Windows Server 2012 R2
- Windows Server 2016
Limitation: Users are recommended to only create a new custom Linux image and migrate it to Google.
Support for XenDesktop (VDI)
CloudVM can now encrypt persistent VDI (Virtual Desktop Infrastructure).
SD-22624 |
Permanent AutoBoot feature added to SDLinux SDLinux now has a Permanent Autoboot feature. The enhancement permits removal or addition Limitation: Update Profile is not supported for this version. |
SD-23625 |
Newly supported regions have been added to Azure GEO location policies list Enhancement: The newly announced Regions for Africa and Asia Pacific have been added into |
SD-23777 |
SecureDoc can now merge a previously-encrypted Linux volume to a newly encrypted Linux SecureDoc is now enhanced to be able to a Merging a previously encrypted Linux volume to a Note: Does not support the scenario when the new instance OS disk is not encrypted. |
Limitations – Windows
SD-23604 |
Manufacturer info registration not updated properly for Scale Environment Cloud virtual Enhancement: The manufacturer info registration for Scale Environment CloudVM's were not Limitation: This issue existed exists in SES 7.28 |
SD-23720 |
Error 500 when creating Emergency Disk (EMG) Issue: Error 500 is displayed when creating Emergency Disk while client is installing BootLogon. Note: This issue does NOT occur on Linux Client. |
SD-23789 |
SecureDoc Enterprise Server (SES) fails to install SES on Windows Server 2008 SP2 (DotNet 3.5.1) As of version 8.1 you cannot run SES on Windows Server 2008 SP2 because .NET 4.7 cannot be Note: Windows 7 SP1 (x86 and x64) |
SD-23873 |
Users are able to login to SecureDoc Control Center even when the setting “Prevent key file Issue: The user is able to login to SDCC, and SES deploys a User Key File even when the settings Work-around: This issue requires 2 global options to be disabled: |
SD-24201 |
[VDI] Cloned VM's created via the Machine Catalog provisioning are unable to get a network Issue: Where a master image on XenCenter with SecureDoc already deployed and fully encrypted Limitation: This is a limitation in 8.1 CloudVM. |
SD-24252 |
Unable to assign SFE policy to device using SESWeb The SFE policy can be assigned from SES Console Server but not in SES Web. Limitation: Users do not have the option to create SFE Policy on web, it can only be created on |
SD-24299 |
[VDI] USB devices attached to VDI environments with RMCE do not detect and encrypt Limitation: VDI environments encrypted with RMCE packages do not detect USB drives plugged |
SD-24395 |
Failed to clone the VM from parent which was permanently deleted then restored into the This is a pre-existing issue where if Parent VM is deleted from recycle bin completely, and then at This issue is now resolved. A parent VM is necessary and used as template for other Scale Set Note: All descendant scale set |
SD-24575 |
Azure: Fails to create VM scale from parent VM with SecureDoc installed Issue: Creating VM scale machines from a parent VM with SecureDoc installed unsuccessful. The |
SecureDoc CloudVM does not support moving parent folders between two different Organizational Units (OU’s) in the Active Directory Recommendation: Users should avoid the movement of parent folders between Organization units, if at all |
The deployed installation packages (which contains the profile options) created using the SESWeb cannot be Recommendation: At this stage, if a different profile behavior is required for a given device, the device should be decrypted, SecureDoc should be uninstalled, a new profile/package deployed to the device and the device reencrypted. |
Child Virtual Machines fails at registration if the parent machine is permanently deleted from SES The cloned and/or child virtual machines move to the same folder where a parent machine moves. If a parent is Recommendation: The parent virtual devices should either be active or present in the Recycle Bin. |
Self-Help warning messages, such as “Self-Help questions must be answered before continuing” and “Self-Help recover is not available for this user. Please contact your administrator.” are prompted after the user logs into SecureDoc Control Center (SDCC) Recommendation: Users are advised that, though self-help recovery is incongruous in the context of Cloud-hosted servers (since they auto-boot), at this point the standard behavior of the SecureDoc Key File applies, which natively normally requires responses to Self-Help recovery questions, so the User must provide answers to these recovery questions. |
Installation packages cannot be created and prepared in an environment where SES Console and SDConnex are installed on physically separate instances (VM’s or real hardware) The SecureDoc installation package creation fails if SES administrators use a different server (i.e. SDConnex is Recommendation: Users are recommended to ensure that the SES Web (IIS) Server also has been installed with SDConnex and the SES Console (which can be in a non-usable state), but the SES Server when installed brings to the server the Installer executables required for creating installation packages within SESWeb). In case where multiple SDConnex servers have been configured for the SecureDoc CloudVM product to function, make sure that there is at least one SDConnex instance running on the server where SES CloudVM is installed. |
SecureDoc CloudVM offers limited support for Azure Classic VM’s When Azure Classic VM’s are synced into SES Web, the instant state will be reported as “ReadyRole” instead of “Running”. Note: “ReadyRole” actually means the same as a status of “Running” for other devices. This is because the Classic instances, unlike the RM instances, have a different system state label. |
Even where “Prevent KF from being saved locally on the machine at deployment” option in the SESWeb installation package settings is set to Yes, there are scenarios under which users will still have a Key File stored on the device. The key files will still be pushed down to: Recommendation: If it is important in the SES implementation (and where using the “Prevent KF from being |
Encryption progress bar is NOT displayed on some Azure RM Virtual Machines with Standard A1 & A0 size Issue: When the SESWeb package is created and deployed with the "Hide Encryption Progress from User" option set to NO, the encryption progress bar is still not visible after the device restart. Recommendation: Please note that (in this version) in some circumstances you may not see the Encryption |
The remote command “Lock Device” does NOT work The client device fails to engage Screen Lock when SES administrator’s attempts to lock a selected client device by sending a remote “Lock Device” command from SESWeb. Recommendation: In this version, if it is desired to lock the device, we recommend the Administrators seize control of the device’s desktop remotely, and then send it to screen lock. |
New clones cannot be created from the crypto-erased parent machines If a Master virtual machine is crypto-erased, the new child instances using that master image will also be cryptoerased. It is recommended not to crypto-erase a parent virtual machine if you want to create new clones from its image. Recommendation: Do not crypto-erase a parent virtual machine if you want to create new clones from its image. |
SESWeb will NOT support partition encryption and excluding partitions The Encrypt partition only option has been removed from SESWeb. SecureDoc CloudVM installation packages cannot be created and deployed to the client devices with the “encrypt partition only” option. |
Microsoft Azure Classic VMs are not removed to Recycle Bin upon termination from Azure When the Azure Classic VMs are terminated from Azure GUI, they are still visible on the Devices tab in the SESWeb are not moved to the Recycle Bin. The SecureDoc CloudVM license count remains unaffected. Recommendation: If it is confirmed that an Azure Classic VM has been terminated, the SES Administrator should manually delete that VM, sending it to the Recycle Bin. This is another aspect of the limited support available for Azure Classic. |
Auto-Scaled-up and -down cloud instances are not moved to Recycle Bin When the cloud devices are auto-scaled up and then down within the 3-hour interval, the terminated devices Since these devices still exist in the Devices tab, their licenses are not freed up. SES administrators should manually move the terminated (auto-scaled down) devices to Recycle Bin to free up the licenses. Recommendation: Manually move the terminated (auto-scaled down) devices to Recycle Bin to free up the |
Limitations – Linux
SD-20964 |
Contact Technical Support error occurs when sending Crypto erase device to SDLinux devices Issue: SES Console is sending Crypto erase device command to SDLinux device but shows error Note: Pop-up error issue does not occur when sending command from SES Web. Limitation: This issue only occurs in Private cloud (VMWare, Hyper-V and VSphere) but not in |
SD-23307,
SD-23588 |
SDLinux deployment on kernel 4-4.0-1020 of Ubuntu 16.04 LTS (HVM) is not supported Issue: [AWS] Fails to deploy default package on Ubuntu 16.04 LTS (HVM) kernel 4-4.0-1020 (New Kernel). No driver file was found for new kernel version 4.4.0-1020 when deploying package on Ubuntu. This kernel is the special version for AWS: https://launchpad.net/ubuntu/+source/linuxaws/ Work-around: Download the new version of pre-build file for kernel 4.4.0-1020, and add the new
Encryption of the root volume is skipped when performing online fast conversion on kernel Issue: Ubuntu 16.10 kernel 4.8.0-46-generic: Online fast conversion skipped root volume with while other data/swap volumes successfully encrypting/encrypted after deploying the package. Work-around: N/A. |
SD-23879 |
SDLinux: Timeout interval should be disabled or made longer when driver is being downloaded Due to slower network, if it takes over 30 seconds to download the driver, an error will be Limitation: In SES 8.1 |
SD-23957 |
Linux Cloud devices deleted completely (removed from recycle bin) are unable to re-register in OS time Issue: Using Windows as the Client OS, when a device was deleted from SES including being Limitation: For Windows devices, users have special handling to allow re-registration of a |
SD-23958 |
Linux cloud device completely deleted from SES (including from the recycle bin), once restarted, will hang at pre-boot Issue: When Cloud devices (Windows or Linux) deployed with PBN Autoboot enabled, and is Limitation: SecureDoc currently do not support device re-registration at pre-boot time. Windows |
SD-24575 |
Azure: Fails to create VM scale from parent VM with SecureDoc installed Issue: Creating VM scale machines from a parent VM with SecureDoc installed unsuccessful. The This is a limitation. |
SD-24630 |
Ubuntu16.04 Kernel 4.11.0-1013-azure: Fails to boot into Linux OS after the installation Issue: Ubuntu 16.04 with Kernel 4.11.0-1013 or 4.11.0-1014 on Microsoft Azure fails to boot in Linux or hangs at pre-boot. Limitation: This is as existing limitation, where a custom Ubuntu 16.04 image is required for |
SD-24673 |
Unable to deploy SDLinux to default Ubuntu 14.04.3 LTS image on Google Cloud Issue: Deploying SDLinux to default Ubuntu 14.04.3 LTS image on Google Cloud failed while it is This is a known limitation. |
SD-24720 |
RedHat - Offline login with key file on USB is only working if USB with key file was not Issue: This occurred in RedHat in private cloud, the administrator will physically plug in the USB This is a known limitation. |
For conversion, please see the recommendation listed here: i. We highly recommend encrypting a Linux VM using our “Fast” and “Offline” mode set to Yes. ii. Please do not forcibly power off a VM during the encryption process regardless of the iii. If you are using the “fast” conversion mode and Offline mode set to No then do not perform any |
Concerning current public Cloud market place images In Azure, SecureDoc does not currently support the deployment of Ubuntu and CentOS flavors, due to Recommendation: Please use custom images with available free space or SWAP space in the mentioned flavors if to be deployed in Azure. In AWS, Secure Doc does not support the newer kernel versions for Ubuntu 16 versions Recommendation: Please confirm that the kernel version is supported by referring to the SecureDoc Linux support list. Additionally, the use of Custom AMI’s is also recommended if VMs are required in the above mentioned flavors. |
Client’s info is not all sent back to SES database after deploying and encrypting Specifically Public and Private IP addresses as well as attached volumes and drives. Recommendation: Drive information can be recovered by navigating to the Compliance tab in SDWeb, and then selecting the Linux device in question. Missing IP information and Drive information will be added in future releases. |
On rare occasions the device does not start after installing RedHat7.2 Linux on client device on Azure Please note that this is an issue with Azure infrastructure and not an issue with SES. Recommendation: Shutdown and Reboot the VM in question. |
Installation of multi-volume encryption is halted on reboot for a system with more than 16 volumes Recommendation: Please ensure that (including root + SWAP) that the environment does not have in excess of 16 volumes. |
Encryption does not start when creating multi volume Linux VM environment specifically where there are volumes after the given range of sectors used or SWAP Recommendation:This issue mainly manifests in LVM type devices used in private cloud instances and custom |
SecureDoc Linux AWS-RHEL7.3 does not support Amazon EFS instance storage types Please find more information from the following link: https://aws.amazon.com/efs/details/. SecureDoc does not Recommendation: Please use AWS’s EBS storage solutions. |
An SDLinux package, created with encryption settings of: “Encrypt All Disks" and "Data-Only Fast Encryption" will switch to Thorough (every sector) encryption when faced with a volume containing an un-recognized file system Recommendation: As SecureDoc supports most modern file systems, this issue is only randomly visible. It is |