Symantec Encryption Management Server 3.4

Products

Encryption Management Server

Issue/Introduction

This article lists the current system requirements and certified hardware list for Symantec Encryption Management Server 3.4. This article will be updated as additional platforms or other system requirements are tested and added for Symantec Encryption Management Server.

For client system requirements and platform updates, refer to the following KB articles:

Resolution

Minimum Memory Requirements for Symantec Encryption Management Server
Symantec Encryption Management Server VMware Support
Symantec Encryption Management Server Certified Hardware List
Supported Client and Symantec Encryption Management Server Version Combinations
Mail Server Requirements
Symantec Encryption Management Server Administrative Interface Web Browser Requirements
Symantec Encryption Web Email Protection Web Browser Requirements
Supported External Authentication Products
Anti-Virus Software Compatibility

Minimum Memory Requirements for Symantec Encryption Management Server

CentOS 6.x requires at least 512 MB to 1 GB of RAM per logical CPU. For example, a Symantec Encryption Management Server with 4 logical CPUs would require a minimum of 4 GB of RAM to function properly. Symantec highly recommends at least 4 GB of RAM to ensure proper performance for a single Symantec Encryption Management Server, and at least 8 GB if you plan to set up a server cluster.

Note: Red Hat defines a logical CPU as any schedulable entity. So every core/thread in a multicore/thread processor is a logical CPU.

Symantec Encryption Management Server VMware Support

Encryption Management Server can be installed as a VMware Virtual Machine guest. The hardware of the VMware host must be compatible with VMware vSphere Hypervisor or whatever VMware virtualization product is used. Please see article TECH149547 for further details.

Symantec Encryption Management Server Certified Hardware List

Symantec Encryption Management Server is a customized Linux OS installation. Every Symantec Encryption Management Server requires a dedicated system that meets the system requirements as described in this section. When you install Symantec Encryption Management Server, all the data is deleted and the system is reconfigured as Symantec Encryption Management Server.

The following hardware can be used for installing Symantec Encryption Management Server version 3.4.0:

Hewlett-Packard
Perform the following steps to choose the appropriate Hewlett-Packard specific hardware:

Go to http://h17007.www1.hpe.com/us/en/enterprise/servers/supportmatrix/redhat_linux.aspx#.VzxDqtFPokm.
In the Support & Certification Matrices section, click Red Hat Enterprise Linux (RHEL).
In the Current Products > Software version section, select the Red Hat Enterprise Linux 6 check box.
Choose the appropriate hardware that has the Red Hat Enterprise Linux 6 32-bit check box selected.

For more information, contact your vendor to choose the Hewlett-Packard specific hardware that is suitable for Red Hat Enterprise Linux (RHEL) 6.7 32-bit.

IBM
Choose the appropriate IBM specific hardware using the search criteria described in the Search criteria for installing Symantec Encryption Management Server using the RHEL Hardware Certification Catalog section.
Dell
Contact your vendor to choose the Dell specific hardware that is suitable for RHEL 6.7 32-bit.

Search criteria for installing Symantec Encryption Management Server using the RHEL Hardware Certification Catalog

You can also install Symantec Encryption Management Server version 3.4.0 on supported platforms that are listed in the Red Hat Enterprise Linux (RHEL) Hardware Certification Catalog by using the appropriate search criteria.

Important: Ensure that you perform all the steps listed below and meet the search criteria described in the following table before you select the desired hardware.

To search for the supported hardware list on the Red Hat site:

Go to https://access.redhat.com/ecosystem/search/#/category/Server.
In the Server tab, click Red Hat Enterprise Linux.
In Vendor, add one or more of the following Vendor names by clicking Add for each vendor name:

IBM
Hewlett-Packard
Dell

In Certified for, select the Red Hat Enterprise Linux 6 check box.
Search for and select the appropriate hardware for your environment, using the search criteria provided in the following table.
Note: PPC64 is not a supported architecture for installing Symantec Encryption Management Server.

Search criteria for selecting the Red Hat Enterprise Linux hardware for installing Symantec Encryption Management Server:

Supported component	Criteria
Supported product	Red Hat Enterprise Linux, Red Hat Enterprise Linux (i686), Red Hat Enterprise Linux (i386) Note: Red Hat Enterprise Linux (x86_64) is not a supported product.
Supported Red Hat Enterprise Linux versions	Red Hat Enterprise Linux 6.7 For example, if the version displays ‘6.2 - 6.x’, then 6.7 is covered in such a case.

Supported component

Criteria

Supported product

Red Hat Enterprise Linux, Red Hat Enterprise Linux (i686), Red Hat Enterprise Linux (i386)

Note: Red Hat Enterprise Linux (x86_64) is not a supported product.

Supported Red Hat Enterprise Linux versions

Red Hat Enterprise Linux 6.7

For example, if the version displays ‘6.2 - 6.x’, then 6.7 is covered in such a case.

Supported Client and Symantec Encryption Management Server Version Combinations

Symantec supports backward compatibility for clients only. In addition to supporting Symantec Encryption Desktop 10.4 clients, Symantec Encryption Management Server 3.4.0 supports managing the policies of these client versions:

PGP Desktop

10.2.0
10.2.1

Symantec Encryption Desktop

10.3.0
10.3.1
10.3.2

Note: Backward compatibility support means that legacy features, such as enrollment, policy download, logging, and reporting are supported, but legacy clients cannot access the latest client features in Consumer Policy. Symantec recommends that you upgrade your Symantec Encryption Management Server and your clients so that they are eventually on the same release.

Mail Server Requirements

Note: To continue to improve products and deliver more sophisticated features and performance, Symantec has added support for Microsoft Exchange Server 2016. As a result, compatibility with Microsoft Outlook 2003 and Exchange Server 2003 ends with the release of Symantec Encryption Desktop 10.4 and Symantec Encryption Management Server 3.4 (including Symantec Gateway Email Encryption and Symantec Desktop Email Encryption products).

Symantec Encryption Management Server supports the following mail servers:

Microsoft Exchange Server 2016
Microsoft Exchange Server 2013 Cumulative Update 10 (CU10)
Microsoft Exchange 2010 SP3
Microsoft Exchange Server 2007 SP3
Lotus Domino Server 9.0.1 FP4

Mail servers not on this list may not be fully compatible or supported.

Note: Microsoft Exchange Server 5.5 is not a supported mail server and has known incompatibilities, such as with LDAP Directory Synchronization.

Symantec Encryption Management Server Administrative Interface Web Browser Requirements

The Symantec Encryption Management Server administrative interface has been fully tested with the following Web browsers:

Microsoft Windows:

Internet Explorer 9 through 11
Microsoft Edge (Windows 10 only)
Firefox 38.4.0 ESR and 42.0

Notes:

Microsoft Internet Explorer 8 is no longer a supported web browser for performing any Symantec Encryption Management Server operations, such as viewing the Symantec Encryption Management Server Online Help, performing the administrative tasks on the server, accessing Web Email Protection, and so on.
On Microsoft Windows Server 2012 systems, the Allow META REFRESH option is disabled by default. This option must be enabled for the web interface to work correctly with Internet Explorer 10. If you are using Internet Explorer on Windows Server 2012, from Tools > Internet Options, select the Security tab and click Custom level. Enable Miscellaneous > Allow META REFRESH

Mac OS X:

Safari 8 and 9
Firefox 38.4.0 ESR and 42.0

Although the administrative interface might work with other web browsers, Symantec recommends these browsers for maximum compatibility

Symantec Encryption Web Email Protection Web Browser Requirements

Windows

Internet Explorer 9 through 11
Microsoft Edge (Windows 10 only)
Firefox 38.4.0 ESR and 42.0

Mac OS X

Safari 8 and 9
Firefox 38.4.0 ESR and 42.0

Supported External Authentication Products

Symantec Encryption Management Server is compatible with the following LDAP directory products:

Microsoft Active Directory 2012
Microsoft Active Directory 2008
IBM Notes/Domino Directory 9.0.1 FP4

OpenLDAP 4.x For directory synchronization, Symantec Encryption Management Server supports:

LDAPv2
LDAPv3
LDAPS

For Symantec Encryption Web Email Protection external authentication, Symantec Encryption Management Server supports:

LDAPv2
LDAPv3
RSA Radius Server with RSA Authentication Manager 8.1

Anti-Virus Software Compatibility

For information about antivirus compatibility, see the Symantec Encryption Desktop 10.4 for Windows Release Notes and the Symantec Encryption Desktop 10.4 for Mac OS X Release Notes.