
Symantec Encryption Services - Add Symantec Encryption programs to safe list or exclusions in security software


Article ID: 200696


Products

Endpoint Encryption, Drive Encryption, File Share Encryption

Issue/Introduction

In any secure environment, multiple security applications will be in use as part of best practice to ensure the environment's data is protected.  Security software sometimes interferes with other security software, and it may be necessary to add applications to an "Exclusion" or "Approved" list so that they run properly.  This article covers the applications that Symantec Endpoint Encryption and Symantec Encryption Desktop need in order to function properly and to avoid being blocked by other applications.

 

This article will list all the SEE and SED (PGP) services that need to be added for full functionality including checking in with the server.

Resolution

The following executables should be added to the exclusion/safe lists of security applications, such as DLP, to ensure the services are allowed to run.  In addition to adding the services, it is frequently necessary to allow the protocol used for communication back to the servers, so that none of these applications block http/https traffic to the destination host.

For example, Symantec Endpoint Encryption uses the management agent services to communicate with the server via the http/https protocols.  If this communication is blocked, the clients will not be able to check in with the server.

Note: It may be necessary to add the actual paths of these locations, as well as the specific services themselves, to be able to install and run Symantec Encryption applications.

 

Symantec Encryption Management Server services\executables (Two Directory paths):
C:\Program Files (x86)\Symantec\Symantec Endpoint Encryption Management Server\Services
C:\Program Files\Symantec\Symantec Endpoint Encryption Management Server\Services

Symantec.Endpoint.Encryption.ADSync.exe (GEADSync)
Symantec.Endpoint.Encryption.ConfigManager.exe
Symantec.Endpoint.Encryption.DBConfigValidator.exe
Symantec.Endpoint.Encryption.NovellSync.exe (GENovellSync)
Symantec.Endpoint.Encryption.Telemetry.Transmitter.exe


 

SEE Management Agent (Client Communication):
C:\Program Files\Symantec\Endpoint Encryption Clients\Management Agent
EACommunicatorSrv.exe
EAFRCliManager.exe
EAFRCliStart.exe
SEEMASharedUI.exe
SEEMAUIApp.exe
SeemaAdminUIApp.exe

 

SEE Drive Encryption:
C:\Program Files\Symantec\Endpoint Encryption Clients\Drive Encryption
eedAdminCli.exe
eedRecoveryGui.exe
eeduser.exe
eedService.exe
WDEUpgrade.exe

 

SEE Bitlocker Client:
C:\Program Files\Symantec\Endpoint Encryption Clients\BitLocker
BitLockerClientUI.exe
SymBitLockerService.exe
 

SEE Removable Media Encryption:
C:\Program Files\Symantec\Endpoint Encryption Clients\Removable Media Encryption
EERAccessUtility.exe
EERApplication.exe
EEREncryptBurnCmd.exe
EEREncryptBurnGUI.exe
EERSDAEncryptor.exe
EERShellExExeModifier.exe
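
Before entering the Windows client binaries above into an exclusion list, it helps to confirm that each one is present at the documented path and carries a valid Authenticode signature, and to exclude by full path rather than by file name alone. The following PowerShell is an added example, not Symantec/Broadcom code; it assumes the default install directories listed in this article and only reads file metadata.

```powershell
# Added example: inventory the SEE client binaries named in this article.
# Directory and file names are copied from the lists above; the default
# install location is an assumption and may differ on your endpoints.
$base = 'C:\Program Files\Symantec\Endpoint Encryption Clients'

$expected = [ordered]@{
    'Management Agent'           = 'EACommunicatorSrv.exe', 'EAFRCliManager.exe', 'EAFRCliStart.exe',
                                   'SEEMASharedUI.exe', 'SEEMAUIApp.exe', 'SeemaAdminUIApp.exe'
    'Drive Encryption'           = 'eedAdminCli.exe', 'eedRecoveryGui.exe', 'eeduser.exe',
                                   'eedService.exe', 'WDEUpgrade.exe'
    'BitLocker'                  = 'BitLockerClientUI.exe', 'SymBitLockerService.exe'
    'Removable Media Encryption' = 'EERAccessUtility.exe', 'EERApplication.exe', 'EEREncryptBurnCmd.exe',
                                   'EEREncryptBurnGUI.exe', 'EERSDAEncryptor.exe', 'EERShellExExeModifier.exe'
}

$report = foreach ($dir in $expected.Keys) {
    foreach ($name in $expected[$dir]) {
        $path = Join-Path (Join-Path $base $dir) $name

        # A component that is not installed is reported, not treated as an error.
        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
            [pscustomobject]@{ Path = $path; Present = $false; Signature = 'n/a'; Signer = '' }
            continue
        }

        # Read the embedded Authenticode signature; Status is 'Valid' only when
        # the file is unmodified and its certificate chain is trusted locally.
        $sig    = Get-AuthenticodeSignature -LiteralPath $path
        $signer = ''
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

        [pscustomobject]@{ Path = $path; Present = $true; Signature = $sig.Status; Signer = $signer }
    }
}

# Full report for review: missing files and unsigned or tampered binaries stand out here.
$report | Format-Table -AutoSize -Wrap

# Full paths that are present and validly signed: the candidates for the exclusion list.
$report | Where-Object { $_.Present -and $_.Signature -eq 'Valid' } |
    Select-Object -ExpandProperty Path
```

Any file reported with a signature status other than Valid, or with an unexpected signer, should be investigated before it is excluded from scanning.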

 

 

Symantec Endpoint Encryption for macOS
/Library/Application Support/Symantec Endpoint Encryption/SEEd
/Library/Application Support/Symantec Endpoint Encryption/SEEAgent.app
/Applications/Symantec Endpoint Encryption.app

 

 

Symantec Encryption Desktop 

To ensure Symantec Encryption Desktop is fully allowed, please allow the following directories and files:

 

Allow the following folders and all of their contents. These are the locations PGP reads data from and writes data to:
C:\Users\[username-here]\Documents\PGP
C:\Program Files (x86)\PGP Corporation\PGP Desktop
C:\Program Files (x86)\Common Files\PGP Corporation\Strings
C:\Users\[username-here]\AppData\Roaming\PGP Corporation\PGP

PGP Binaries:
C:\Program Files (x86)\PGP Corporation\PGP Desktop

PGPcbt64.exe
PGPdesk.exe
PGPmnApp.exe
pgpnetshare.exe
PGPtray.exe
PGPwde.exe
pgpstart.exe
PGP Viewer.exe
PGPfsd.exe

C:\Program Files\PGP Corporation\PGP Desktop
EncryptionService.exe

 

C:\Windows\System32 and C:\Windows\SysWow64 (Allow only the following files):
PGPfsshl.dll
PGPhk.dll
PGPiconv.dll
PGPlsp.dll
PGPmapih.dll
PGPmn.dll
PGPsdk.dll
PGPsdkNL.dll
PGPsdkUI.dll
PGPtcl11.dll
PGPwinot.dll

C:\Windows\System32\drivers (allow only the following files):
PGPce.inf
PGPce.sys
PGPce.sys.sig
PGPdisk.sys
PGPfsfd.sys
PGPsdk.inf
PGPsdk.sys

 

Symantec Encryption Desktop for macOS
/Applications/Encryption Desktop.app
/Applications/PGP Shredder.app
/Applications/PGP Viewer.app
/Library/Application Support/PGP/PGPsyncEngine.app
/Library/Application Support/PGP/PGP Engine.app



For macOS Big Sur 11 and above, the Network Kernel Extension (NKE) is replaced with a Network System Extension.
Run the following command to see if the PGP network system extension is loaded:

systemextensionsctl list | grep pgp

Make note of the status. This system extension should be "Activated" and "Enabled".

If it is not, check whether any extensions have been blocked.

When you install Symantec Encryption Desktop, you may be prompted to allow the application.  If you are not prompted, open System Preferences, go to Network, and check whether "PGPNEProxy" has been blocked.  Allow it and run the above command again to see whether the application now loads properly.


For macOS 10.14 (Mojave) and older, run the following command:


kextstat | grep PGP

The output should include the following two kernel extensions:
com.pgp.iokit.PGPdiskDriver
com.pgp.kextPGPnke

If the above two PGP kernel extensions are not loaded, check your security software to make sure these kernel extensions can be allowed to load.

Additional Information

Keywords: Symantec Endpoint Encryption Exclusions

Symantec Encryption exclusions

symantec encryption safe list