search cancel

Symantec Endpoint Encryption Preferred Policy Group Assignment

book

Article ID: 214037

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

Symantec Endpoint Encryption has always had the ability to manage clients in its own Policy Groups.  In this way, individual machines can be part of different group policies, such as if Autologon is assigned to one group, and not another. 

Prior to 11.3.1, the SEE Client would always default to the "SEE Unassigned" group, which is the default group.  If you have custom groups, once the SEE client checks in with the SEE Management Server, you would then need to move the machine manually to another group.

SEE 11.3.1 and above now has the ability to create a SEE Client, and have them assigned automatically once they check in with the Management Server.

Resolution

When you go to the SEE Client creation wizard, make note of the field "Preferred Policy Group":

In the screenshot above, you can see that "SEE Unassigned" is selected by default, just like it was in previous versions of the software.  If you click the drop-down menu, you'll notice you have the ability to select a policy when you create the client:

Each of the groups available correspond to the SEE Native Encryption Policies you have configured previously:

Now if you select one of these custom policies, as soon as the SEE Client checks in with the SEE Management Server, the client will automatically be assigned to the policy you selected and there is no need to move the machines into that group manually.

Important Note on Policy Assignments: If you already have SEE Clients deployed to the environment, and you install a SEE Client with a different Preferred Policy Group, this will not change to the new group.  The old group will still apply.  In other words, if you have SEE Clients in the "SEE Unassigned" group, they will remain here until you move them manually from the SEE Management Server.

Additional Information

243136 - Migrating to Symantec Endpoint Encryption Policy Methodologies to SEE Native Policies (From Active Directory Policies)

214037 - Symantec Endpoint Encryption Preferred Policy Group Assignment

237667 - Symantec Endpoint Encryption Policy Configuration Options and Considerations

214020 - Symantec Endpoint Encryption Lockout Monitoring feature

ISFR-2287/EPG-27734

Attachments