This article provides information about Device Guard, Core Isolation, or Memory Integrity with PGP Encryption Desktop (Symantec Encryption Desktop) on Windows 10 or 11.

After installing PGP Encryption Desktop you get the following errors:

PGPdisk can't run on Windows: This app isn't compatible with Windows memory integrity.

"A driver cannot load on this device: A security setting is preventing the driver from loading."

The error above means that Windows will not load the driver.  In order to load the driver, Windows would need to be configured to allow drivers of this level.
Currently Microsoft does not allow loading these types of drivers.  You can reach out to Microsoft if you need these drivers to be loaded.

If you do not need PGP Virtual Disk loaded, you can install without Virtual Disk to avoid this issue:

msiexec /i PGPDesktop64_en-US.msi PGP_INSTALL_VDISK=0

The above command will install the PGP Encryption Desktop with all components enabled, and leave Virtual Disk disabled.  For more information on limited installs, see the following article:

171110 - Disabling PGP Encryption Desktop functionality using msiexec switches (Symantec Encryption Desktop)

New Installation Functionality with PGP Encryption Desktop 11.0.1 and above

Scenario 1:Net-new installation (By double-clicking)
If you are installing PGP Encryption Desktop 11.0.1 from scratch and by double-clicking the installation file, the Virtual Disk component will be unchecked by default (disables Virtual Disk upon install).

Scenario 2:Net-new installation (by using msiexec via command line or deployment option)
If you are installing via the command line using "msiexec", and you do not specify "PGP_INSTALL_VDISK=0", then Virtual disk will be enabled upon install.
If Virtual Disk was disabled previously, and you leave it, Virtual Disk will be enabled post install.  

Scenario 3: Upgrade to PGP Encryption Desktop 11.0.1 from previous versions without adding any install options
If you install the PGP Encryption Desktop client 11.0.1 over the top of an older version, either by double-clicking or through command line, but do not include any options, such as the PGP_INSTALL_ options listed above, then the Virtual Disk parameter will be honored as it currently is.  If Virtual Disk is disabled, it will keep it disabled.  If Virtual Disk is enabled, it will keep it enabled.  

If you are having issues with PGP Encryption Desktop with Core Isolation/Device Guard/Memory Integrity features of Windows, and you would like more information on this topic, reach out to Symantec Encryption Support for further guidance.