Mcafee Endpoint

From The University of Akron Support Wiki
Revision as of 18:55, 19 August 2016 by Djw105 (Talk | contribs) (Exemption Request)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

About

McAfee Endpoint Encryption is a Disk Encryption Software that replaced PointSEC at the University of Akron.

Installation of Whole Disk Encryption

Beginning February 1 all new laptops and desktops will have whole disk encryption automatically. Current Desktops with no encryption software will be pushed Endpoint via [SCCM].

When installing Endpoint, SCCM will push a silent install of the software package. An IE window will pop up requesting you to type in your PASSWORD. Your Username will already be pre-filled in the form. If you do not enter a password, a default password will be entered. (12345). Your password will be synced with the network. If you do not enter a password matching your UAnetID password, it will be replaced with your current UAnetID password when the computer is connected with the network.

There will be no forced reboots during the install process.

Notice.png To Request Endpoint encryption
To request Endpoint encryption, Contact_us to create a support request. You will receive further instructions at the time of the request.

Endpoint

Once the encryption Pre-boot environment is installed (the Endpoint login screen) your laptop will be configured with Single Sign On. You will only need to enter your UAnetID and Password when the computer is turned on. You will not be prompted to login to windows. (Vista64 users will not have SSO enabled).

Your Endpoint password will be synchronized when windows loads, and every few hours. It can also be synchronized manually. If your machine is not connected to the UA network, the password will not be synchronized. You will need to VPN into the university and manually synchronize the account.

Troubleshooting Login Issues

Fault: UNKNOWN USERNAME
Cause: Machine Credentials are not synced, or the user has no permission to sign into machine.
Solution:Contact the Support Center Via phone, or in person to enable sign-in ability
Fault:Authentication Parameters Incorrect
Cause:An invalid password was entered.
Solution:Enter the correct password, or Contact the Support Center Via phone, or in person to 

enable sign-in ability

Fault:Endpoint and UAnetID passwords are different
Cause:Most likely, your password was changed since the last time the machine was connected to the network.
Solution:Contact the Support center to generate a one time login.  If off campus, use the VPN to connect 

to UA's network to sync.

To select recovery options, press cancel from the password dialog. You may need to select reset password, user recovery, or machine recovery depending on the situation. A support technician will need to assist you when using these features.

One time login Bypass

The best way to log in to a locked machine is to contact us for a One Time Login Bypass. We can assist you in accessing a locked machine.

Adding users to machine

Zipsupport Agents can find the documentation on how to add a user to a Machine using the Endpoint Encryption Manager here: https://sps.uanet.edu/ZipSupport/internalwiki/HowTos/Safeboot.aspx

Users who need to be added to a machine will need to call the ZipSupport Center at (330)972-6888.

Notes about the Endpoint system

There is a safeguard on the system that if the user fails to log in 30 times in a row, the program will lock the account out of the computer and out of the system. The issue will need to be directed to the Endpoint Admins to delete the locked account and recreate a usable account.

  • There is a password history of 3 within the system. This will be a problem when the passwords get out of synced. If the user changes the password from the UAnet id password, the user will have to change the endpoint password 2 more times before it can use the old password again.
  • If the user changes their password for the UANet system, their old UANet password may still work on the Endpoint system.
  • If a machine has not been on the network for more than 90 days the account/machine will be deleted from the database and logging into the system will become a problem. The user will need to have a MicroZone tech re-add it to the data base before it will be able to log on again.

Exemption Request

To have Endpoint removed from a machine the requester will need to complete the form found at: https://footprints.uakron.edu/exemption/