Please note that WinMagic is deprecating SecureDoc V4 Pre-Boot Authentication (PBA) support for SEDs in favor of the fuller function, more capable, V5 Pre-Boot Linux (PBL). The existing V4 support for SEDs will remain in the product for the time being but will not be maintained or enhanced. We recommend that customers migrate to V5 PBL over the course of the next year.
WinMagic has done extensive work to improve, streamline and augment the security surrounding the initial deployment of Key Files during the process of installing the SecureDoc Client software, bearing in mind that many customers have widely divergent requirements relating to how devices are used during and after initial installation. Some customers install SecureDoc while the primary device user is on or will be on the machine, while others may need to protect new devices before the end-users of those devices have been defined, as well as other scenarios.
Please refer to the When SecureDoc server is upgraded to version 7.1 from previous versions (6.5 or earlier) and the Setting up Device Provisioning Rules sections under the Creating Installation Packages for Windows chapter in the SES User Manual to understand how these new settings work, in order to inform your own use of these new features, particularly as they operate in a way that cannot be easily migrated from the previous methodology to the new methodology. Upon upgrading from an earlier version, you will need to adjust each of your existing Installation Packages to reflect the deployment methodology that will meet your security design.
System requirements and supported devices, including tokens and SmartCards, for SecureDoc v7.1 SR1are listed here.
Note: It is strongly recommended to initially install Full-Text Indexing feature (Full-Text Search) into the Database Engine, before performing an SES installation. More information can be found here: msdn.microsoft.com/en-us/library/ms143786(v=sql.100).ASPX
During the installation of SES, if Full-Text Indexing has not been installed, a message will appear indicating the absence of the Full-Text Indexing. This message will not allow the user to stop the installation of SES which will require retrofitting Full-Text Indexing into an existing SQL Server.
Note: Use of the SES Console will require the user to have at least local admin rights on the server or client device (e.g. Admin desktop) on which it runs, in order for the console to function properly.
Note: WinMagic is deprecating SecureDoc V4 Pre-Boot Authentication (PBA) support for SEDs in favor of the fuller function, more capable, V5 Pre-Boot Linux (PBL). The existing V4 support for SEDs will remain in the product for the time being but will not be maintained or enhanced. We recommend that customers migrate to V5 PBL over the course of the next year.
Support for the new Mac FileVault2 Operating Systems X 10.11.2 (El Capitan)
Now, SecureDoc extends FileVault2 support for the new Mac OS X 10.11.2 (El Capitan) operating system version. You can create the SecureDoc client package in the SES console and deploy to the Mac FV2 devices that are running this latest operating system.
SecureDoc extends supports for NVM Express (NVMe) Opal Drives
Now, SecureDoc extends support for NVMe Opal drives. NVMe stands for Non-Volatile Memory Express. SES Administrators can now install SecureDoc on end-point devices that have NVMe Opal drives. The users will be able to perform pre-boot authentication under both PBU (Pre-Boot for Native UEFI) and PBLU (Pre-Boot under Linux for UEFI devices).
Issue: The Maximum Failed Logins setting was not working for PBConnex or local keyfiles
This issue has been reported on the devices that have SES V6.5 SR3 installed. When a user exceeded the set maximum failed login attempts, he/she was not locked out and the system did not display the number of incorrect attempts made by the user. This issue has been fixed in this version and the user will be locked out if he/she exceeds the set limit; in addition the unsuccessful attempts notification will be displayed.
Issue: USB and Remote Media Encryption (RME) logs on the Windows / Mac FileVault 2 devices are missing in SecureDoc Enterprise Server Console
This issue has been reported on both the Windows and Mac File Vault 2 devices that have SES V6.5 SR3 installed. The latest log events for USB and RME logs were not being reported back to SES, thus making it difficult for SES Administrators to monitor the log events.
This issue has been fixed for clients installed with SES Client V7.1 SR1 and above. Now, the SES Administrators will be able to view the latest log events in SES. There may be some instances where the log reports are not reported instantly back to the SES server due to the high traffic on the SDConnex or if the client device is in offline mode. It is recommended that the SES Administrators ensure clients have communicated with the server before attempting to obtain the log reports. However, in those cases where log files contain huge amounts of log data; these may take longer than the usual time to report back to the SES server.
SES Web “Assign users to device(s)” page issue: While clicking on the folders related to a list of users, the selected device will change to one of the devices that has been previously selected
This issue has been reported on the devices that have SES Web V6.5 SR3 installed. While visiting the Assign Users to Device page frequently by one or multiple users, the selected device will change to one of the devices that had been previously selected (shown in the navigation history (“breadcrumb-trail” at the top of the page). This happens randomly when an SES Web Admin is clicking on the different folders while looking for a user.
This issue has now been resolved. The Assign Users to Device page no longer switches to the previous Device folder. The SES Web Administrators will now be able to view the recently added device.
SDConnex: SDConnex crashes while executing the Audit Reports in SecureDoc Web (SESWeb)
This issue occurs when there is a huge amount of audit logs in database and when SDConnex receives a request for generating Audit Log data for reports from the SES Web. In such a scenario, the "Runtime 500" error message is displayed.
This issue has been temporarily fixed. However, in a scenario where multiple users attempt to run an audit report at the same time, the audit report crash may still occur. A permanent fix for this will be available in a future release.
While adding a user to a device, an error message " Error 7702 Password is too short" is displayed
Issue: This issue has been reported on Windows 2008 devices that have the version 6.5SR3 installed. When a SES administrator attempts to create a user without a password (with generic initial password) and add this user to a device, an error message "Key file for user must be created manually now. Error 7702 Password is too short. See minimum length in password rules" is displayed.
This issue has now been resolved and SES administrators can add users to a device successfully.
Note: For the Known Limitations other than the ones mentioned below, refer to the “Known Limitations” section in the SecureDoc Release Notes v7.1.
The User ID is not displayed correctly in the SecureDoc Web after the migration from SES V6.5SR3 to V7.1
Unattended (SCCM/Remote Package/Silent Deployment) method of SecureDoc installation fails to initiate Boot Logon when a user is not logged into Windows
SecureDoc for Mac FileVault2: Unable to create container error
SecureDoc Mac FileVault2: The Current Account dialogue prompts again when clicking the Cancel button on a decryption completed MacFileVault2 device
|Please note that WinMagic is deprecating SecureDoc V4 Pre-Boot Authentication (PBA) support for SEDs in favor of the fuller function, more capable, V5 Pre-Boot Linux (PBL). The existing V4 support for SEDs will remain in the product for the time being but will not be maintained or enhanced. We recommend that customers migrate to V5 PBL over the course of the next year.”|