Surface Pro is not able to boot up after installing PGP or Symantec Endpoint Encryption
search cancel

Surface Pro is not able to boot up after installing PGP or Symantec Endpoint Encryption

book

Article ID: 252394

calendar_today

Updated On:

Products

Drive Encryption Desktop Email Encryption File Share Encryption Endpoint Encryption

Issue/Introduction

Symantec Drive Encryption or Symantec Endpoint Encryption may prevent Surface Pro systems, or other Microsoft hardware from booting.

Some of the UEFI's "Secure Boot" options seem to be the cause of some Surface Pro systems to become unbootable. 

Environment

Surface Pro

Resolution

UEFI's "Secure Boot" option should be configured as "Microsoft with 3rd Party CA" if available.  Microsoft will consider any third-party software not authorized to run on these systems and as a result will not allow other third-party programs to properly boot with Secure Boot, even though the software is properly signed with valid digital certificates.  Without setting this option, the system may still not boot with PGP or SEE.

In order to allow Symantec Encryption software to encrypt these systems, enable this option in the UEFI BIOS settings:

Additional Information

266204 - Some Dell Systems not able to boot up after installing Symantec Encryption Desktop or Symantec Endpoint Encryption

163610 - Symantec Drive Encryption encounters boot issues or issues with starting encryption with certain hardware and NVMe/SSD drives

Powered by Wolken Software