Symantec Endpoint Encryption 11.4 now employs a redesigned Dashboard that will display key information about the encryption environment as well as redesigned web reports that are available remotely.
Authorized users are able to login to the new web portal and see information about the encryption environment and build reports for most of the critical data needed.
This article will guide you through some of the key screens to provide easy insight into your encryption environment.
For a walkthrough video of this new functionality, click here.
For new SEE 11.4 OAuth functionality, see the following article:
240321 - OAuth Communications with Symantec Endpoint Encryption 11.4 and above
There are several sections of this article:
Section 1 of 3: Login portal with Dashboard, Reports, Helpdesk and Settings.
Section 2 of 3: Reports
Section 3 of 3: Archiving and Deleting (Cleaning up old machines)
Right when you navigate to the the new web portal at your specific URL (sample https://FQDN-HERE/webconsole), you will be presented with the redesigned login page:
To open the new SEE 11.4 Web Portal from the Windows Server, click the Start Menu, go to the program list for Symantec Endpoint Encryption, then click on "SEE Management Console":
Based on the permissions your account is assigned, you will have access to either the Dashboard, Reports, Help Desk portal, or the Settings for password reset.
Hover over each component for some hints on each one:
Only the "Server" administrative role will give you the option to be able to change the password for the SEE Management Server:
Depending on the server role permissions provided will grant different functionality:
The Server role will provide All of the above components.
If your account has only the Setup role, the Dashboard will be available.
If your account has the Reports role, the Dashboard and Reports will be available.
If you have the Policy role, the Dashboard will be available.
If your account has only Helpdesk role, then only the Help Desk Recovery portal will be available:
If you have access to the Dashboard, you will immediately be provided with a wealth of information. At the top you will see the "Managed Computers" Key Performance Indicator (KPI). This is the total number of clients that Symantec Endpoint Encryption is installed on:
If you click on the "Managed Computers" KPI, the Computer Status Report will be displayed listing all the systems in the encryption environment.
From here, you can see all the necessary information about the machines currently managed by the SEE Management Server:
Individual KPIs will provide you with more granular data so that you can do reviews as needed. For example, if you click on the Client Monitor KPI (205 Locked Out Computers in this example), you will be provided with all the systems matching this criteria:
TIP: The check in times in the Web portal are displayed in Coordinated Universal Time (UTC). If you would prefer this time be displayed in local server time, please reach out to Symantec Encryption Support and reference ID: ISFR-2274
This makes it very easy to then save the reports by clicking on the "Share" icon. When this is done, a CSV file will be downloaded providing all of this information.
If you click on the "Filter by" tab, you will notice that the way this report was provided was via filters, which you can then tweak as needed. In this scenario where 205 systems have been locked out already, you will notice the "Locked Out" check box was selected in the filter:
Back at the main Dashboard, under Drive Encryption Status, you will notice a visual graphic representing the Encryption status:
In this example, if you click on the green outer ring for "Encrypted" systems, this will open a report showing all the encrypted systems in the environment:
There are other KPIs that you can look at to visualize quantities of endpoints matching particular categories.
Not all KPIs listed will create a report, but as you hover over each graphic, you will be able to see the actual values in the graphic. For example, the SEE Client Versions gives you an easy way to visualize how many of each version you may have in the environment:
Hover over other KPIs until you find what you need.
As mentioned above, many of the KPIs above will provide you with actual reports that you can then easily download for cross referencing.
If you click on the Reports component on the left side of the page (second item down) you can even build your own reports based on some of the filters:
In the screenshot above, you can see several categories are selected, such as multiple values for the Drive Encryption Status as well as Encryption Components.
It is also possible to build a report for systems that may not be checking in with the server using the "Non-Reporting Computers" filter:
Once you build a report of any kind, you can click the "Share" icon:
Once the report is downloaded, you will have a ComputerStatusReport.csv file that you can then reference:
TIP: You can even search by username and any machines registered with the particular users will be found in these reports. This was added in 11.4 MP1.
There are times when machines are retired, or otherwise repurposed, and in these scenarios it is useful to remove them from the reporting as they are no longer officially managed by the SEE Management Server. Also available in the redesigned Web Portal is the "Archive Computers" functionality. You've seen how you can navigate the different KPIs, and once you find the machine in question, you can check the box next to the system that you would like to archive and then click the "Archive" option. Once you do this, you will get a prompt stating the system will go into the Deleted Computers container and will no longer appear in the reports. This functionality can be done for multiple systems at once:
If you would like to delete the computer so that it no longer appears even in the Deleted Computers table, you can click the option to "Delete".
TIP: Once machines are archived the machine is still in the database in the container mentioned above and can be restored from there. Although these systems can be restored, it is a good idea to have frequent backups of the SEE Database prior to perform these maintenance tasks.
If you would like to have the machine removed permanently, this can be done by first finding the machine, and then clicking the "Delete" option at the top:
Once a machine is deleted, it skips the "Deleted Computers" container and will be gone forever, so use this feature with caution. For this reason, it is not possible to delete more than one machine at a time.
Note: If you delete a machine in the encryption environment, and the system comes online and checks in with the SEE Management Server, it may appear in the reports again.
EPG-26848 - Resolved in 11.4 MP1
|Symantec Endpoint Encryption Reports and Dashboard||Dashboard and Reports|
|Endpoint Encryption Dashboard||Endpoint Encryption Reports|
|Reporting Symantec Endpoint Encryption||Dashboard Symantec Endpoint Encryption|
|Dashboard and Reports Endpoint Encryption|