A system image, or also known as a "golden image", is a template of a system configuration that can then be deployed to multiple systems. A system administrator prepackages the image with the operating system and applicable software, which would then be used to deploy to endpoint computers so each computer shares the same setup and configuration. Larger Enterprise environments commonly use system images to configure computers to a pristine, working state.
In some cases, Symantec Endpoint Encryption can also be included as part of the system image as an installed application so that installation is not necessary later. You can provision Symantec Endpoint Encryption Drive Encryption and Removable Media Encryption on system images, which are then managed by Symantec Endpoint Encryption Management Server. Starting in version 11.0.0 MP2, Endpoint Encryption has the ability to be included into a system image, or Global Image when installed properly.
Before you provision Drive Encryption and Removable Media Encryption on a system image, be aware of the following considerations:
Installing Symantec Endpoint Encryption products on a system image
When you install Symantec Endpoint Encryption products on a system image, you must use a specific command line parameter. This command line parameter instructs the installer to install into a system image environment and to use specific settings.
The command line parameter is:
For SEE 11.0.x:
msiexec /i "SEE Management Agent Client_x64.msi" IMAGE=SYSTEM
Note: Symantec Endpoint Encryption 11.0.0 included the use of multiple MSI files, so the command above used the Management Agent.
Symantec Endpoint Encryption 11.1 and above use a single MSI installer which includes the Management Agent, Drive Encryption and Removable Media Encryption clients. Symantec no longer recommends using the Symantec Endpoint Encryption 11.0 branch, and instead recommends using the latest version available, which takes advantage of the single-installer functionality.
For SEE 11.1 and above:
msiexec /i "SEE Client.msi" IMAGE=SYSTEM
To install Symantec Endpoint Encryption products on a system image: