This article will cover what's New with Symantec Endpoint Encryption 12.0.0 and above.
It will also list historical information pertaining to SEE versions 11.4 and 11.3.1.
Symantec Endpoint Encryption version 12.0.1
*Hardware Integrity Check: Provides comprehensive protection by enforcing hardware checks whenever a drive swap is detected on machines with Autologon enabled:
374620 - Hardware Integrity Configuration with Symantec Endpoint Encryption
*Prevent Endpoint Deletion: Tags endpoints to prevent deletion, with new "Protection Status" filters and columns.
*Automatic CA Certificate Update: Simplifies secure communication by automatically updating CA certificates.
*Change Web Access Command Support: Enables web access command changes with support for Windows or OAuth authentication modes.
*Recovery Key (Encoded) Column: A new column has been added to the Computer Status Report to display a unique value assigned to each endpoint, generated from the recovery key.
*YubiKey Support: YubiKey is now supported for pre-boot authentication on UEFI devices.
Symantec Endpoint Encryption version 12.0 GA
*New Web Portal to provide Group, Policy, and Client Creation. No longer necessary to use the MMC for these operations!
*Management of Groups, Policies, and Client Creation are streamlined making it intuitive, quick and easy to create and modify!
276501 - Groups, Policies, and Client Creation with Symantec Endpoint Encryption version 12
*Enhanced Reporting Capabilities over SEE 11.4. This includes the ability to download reports for each unique group you configure on the SEE Management Server.
*New Licensing Capabilities to help track entitlements for each secured endpoint via new "License Utilization Status" functionality.
276507 - Entering your License information for Symantec Endpoint Encryption version 12
*Allows the ability to set your own local time for the Web Portal (Previous versions defaulted to UTC time).
For information on how to install or upgrade to SEE 12, see the following article:
179347 - Installing/Upgrading Symantec Endpoint Encryption Management Server (SEE Management Server)
*True Single Sign-on with third-party Access Management Solutions. For information on how to get started with SSO, see the following white paper document:
373785 - Two-Factor Authentication and OID (Single Sign-On) Configuration for Symantec Endpoint Encryption Web Console (SEE)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Symantec Endpoint Encryption 11.4 MP1HF1
Added hints to the Helpdesk web portal to do a search for the updated/renamed machines and find the recovery key.
Symantec Endpoint Encryption 11.4 MP1 now comes with even more reporting in the new Web Portal, including the ability to search for users to display machines.
Reports now give you the ability to look at Admin Server Roles.
Improved Error reports with SEEMS Configuration Manager.
SEE 11.4 MP1 for the SEE Management Server now certifies the platform for Windows Server 2022
Symantec Endpoint Encryption 11.4 now comes with a completely redesigned Web Portal. The new web portal allows for access to reporting and a new Dashboard to allow quick access to data for your environment:
240649 - Symantec Endpoint Encryption 11.4 Dashboard and Reports
SEE 11.4 also includes the ability for granular archiving of machines as well as the ability to delete individual systems.
Symantec Endpoint Encryption 11.4 solves the server-client authentication challenges of Windows Authentication by adding in OAuth capabilities for greater ease of deployment and communications.
This new feature allows client-server communications all without having to worry about password security policy coming in to play.
For more information on OAuth, see the following article:
240321 - OAuth Communications with Symantec Endpoint Encryption 11.4 and above
For a complete listing of SEE 11.4, see the Release Notes.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Symantec Endpoint Encryption 11.3.1 MP1 is considered an important release for the Encryption product line and we encourage this upgrade due to the many new features that are introduced in this release.
This article will list of all the features of SEE 11.3.1 MP1
TIP: For all product documentation, please refer to our Documentation Portal for SEE.
*SEE 11.3.1 is certified for Windows 10 20H2.
Note: SEE 11.3.0 MP1 and above will be certified with Win10 20H2 early 2021 (check the System Requirements page or this article for updates).
*Autologon client is now included in the SEE Client. This means there is no longer the need to bundle two MSIs to take advantage of this functionality.
213085 - Enabling or disabling Autologon for Symantec Endpoint Encryption using Advanced Settings
213082 - Symantec Endpoint Encryption Autologon client included by default in version 11.3.1 and above
*SSO with Hibernation is now fully supported. If you hibernate a machine, you need enter your passphrase only once and will then automatically log you in to your windows profile.
214039 - Symantec Endpoint Encryption Single-Sign On with Hibernation
*SEE RME enhancements and stability improvements with Virtualization-Based Security no longer causes systems to fail to boot.
*SEE RME-Only clients Check-in button now available for manual policy synchronization.
*Automatic Group Policy Assignment at install time. This means that once the SEE client is installed, the group policy will be automatically applied to that machine.
214037 - Symantec Endpoint Encryption Preferred Policy Group Assignment
*SEE Native Encryption Self-Recovery for Smartcards improved for more streamlined user-experience (UEFI only).
*SEE Server Admin Roles now available in the SEE Management Server. Now the SEE Management Server will have all the reporting of Server Admins, Groups, and the roles for each.
214027 - Symantec Endpoint Encryption Admin Server Roles Report
*Lockout reports. If you have systems that are soon to be locked out due to check-in policies, this will give you a full report of those machines.
Allows administrators to be proactive about systems that will be locked out soon, or will give visibility into systems that are already locked out. Will designate three status values:
Warning Period
Locked out
Extended Lockout Period
214020 - Symantec Endpoint Encryption Lockout Monitoring feature
*Advanced Administration settings has some additional features related to PCR4 and SSO for Hibernation. Symantec strongly recommends reviewing the Advanced Settings page as many valuable features can be enabled from here.