search cancel

Preboot Power Management for Symantec Endpoint Encryption


Article ID: 151062


Updated On:


Endpoint Encryption


If the Preboot screen stays on the screen too long, it can cause the battery to fail quickly, or cause the system to heat up if the lid is closed tucked away in a laptop.


Currently when a machine is encrypted with Symantec Endpoint Encryption, if the machine is powered on the Preboot screen will be displayed.  This Preboot screen will be displayed until the user presses a key and authenticates.  This Feature Request is to have Power Management turn the Preboot screen off.

A Feature Request was submitted for Power Management on the preboot screen for Symantec Endpoint Encryption (SEE) and has now been addressed in the Symantec Endpoint Encryption 11.3 MP1 client.


SEE Client Creation: When building a SEE 11.3 MP1 client, the following policy screen will appear:

The value is disabled by default (set to 0), but the de.preboot.autoShutdownTimeout parameter can be modified starting with 5 minutes or beyond. 

Once a system has landed on the preboot screen, if no keystrokes are detected, the system will automatically shutdown if this policy has been engaged.


SEE Policy Modification: This policy can be controlled via policy as well, either SEE Native policy, or SEE GPO policy and shows a similar screen, which allows this value to be changed:

As long as SEE 11.3 MP1 has been installed on a machine, the policy can be updated via the Symantec Endpoint Encryption Management Server.


Additional Information

There is another feature related to timeout when entering the wrong passphrase incorrectly too many times.  If this has been done, the user must wait X minutes before being able to enter the passphrase again.

For more information on this, please consult the Policy Admin User's Guide for Symantec Endpoint Encryption