This article has been marked as a "Historical Document", which means it will no longer be updated.  The information in this article is left intact for historical reference only

For the latest System Requirements, see the current System Requirements Documents.


#################Historical Content Below#################

This article lists the current system requirements and supported platforms for Symantec Encryption Desktop 10.4.2 for Windows.

Important: For the System Requirements for Symantec Encryption Desktop 10.5, see the new System Requirements document. This new article will be updated as new platform certification occurs.

Update history

Symantec Encryption Desktop 10.4.2

Supported platforms

Symantec Encryption Desktop 10.4.2 for Windows can be installed on systems running the following versions of Microsoft Windows operating systems:

• Microsoft Windows 10 Enterprise June 2020 Update (Version 2004\20H1) 32-bit and 64-bit (10.4.2 MP5)
• Microsoft Windows 10 Professional June 2020 Update (version 2004\20H1) 32-bit and 64-bit (10.4.2 MP5)
• Microsoft Windows 10 Enterprise November 2019 Update (version 1909) (32-bit and 64-bit) 
• Microsoft Windows 10 Pro November 2019 Update (version 1909) (32-bit and 64-bit) 
• Microsoft Windows 10 Enterprise 2019 Long Term Servicing Channel (LTSC) (32-bit and 64-bit)
• Microsoft Windows 10 Pro May 2019 Update (version 1903) (32-bit and 64-bit)
• Microsoft Windows 10 Enterprise May 2019 Update (version 1903) (32-bit and 64-bit)
• Microsoft Windows 10 Enterprise Long-Term Servicing Branch (LTSB) 2016 (version 1607) (32-bit and 64-bit)
• Microsoft Windows 10 Enterprise October 2018 Update (version 1809) (32-bit and 64-bit)
• Microsoft Windows 10 Pro October 2018 Update (version 1809) (32-bit and 64-bit)
• Microsoft Windows 10 Enterprise April 2018 Update (version 1803) (32-bit and 64-bit)
• Microsoft Windows 10 Pro April 2018 Update (version 1803) (32-bit and 64-bit)
• Microsoft Windows 10 Enterprise Fall Creators Update (32-bit and 64-bit editions)
• Microsoft Windows 10 Pro Fall Creators Update (32-bit and 64-bit editions)
• Microsoft Windows 10 Enterprise Creators Update (32-bit and 64-bit editions)
• Microsoft Windows 10 Pro Creators Update (32-bit and 64-bit editions)
• Microsoft Windows 10 Enterprise Anniversary Update (32-bit and 64-bit editions)
• Microsoft Windows 10 Pro Anniversary Update (32-bit and 64-bit editions)
• Windows 10 Enterprise November 2015 Update (32-bit and 64-bit editions)
• Windows 10 Pro November 2015 Update (32-bit and 64-bit editions)
• Windows 10 Enterprise (32-bit and 64-bit editions)
• Windows 10 Pro (32-bit and 64-bit editions)
• Windows 8.1 November 2014 Update (32-bit and 64-bit editions)
• Windows 8.1 Update 2, August 2014 (32-bit and 64-bit editions)
• Windows 8.1 Update 1, May 2014 (32-bit and 64-bit editions)
• Windows 8.1 Enterprise (32-bit and 64-bit editions)
• Windows 8.1 Pro (32-bit and 64-bit editions)
• Windows 8 Enterprise (32-bit and 64-bit editions)
• Windows 8 Pro (32-bit and 64-bit editions)
• Windows 7 Enterprise (32-bit and 64-bit editions, including Service Pack 1)
• Windows 7 Pro (32-bit and 64-bit editions, including Service Pack 1)
• Windows Server 2019 Datacenter (64-bit edition)
• Windows Server 2019 Standard (64-bit edition)
• Windows Server 2016 Datacenter (64-bit edition)
• Windows Server 2016 Standard (64-bit edition)
• Windows Server 2012 R2 (64-bit edition)
• Windows Server 2012 (64-bit edition)
• Windows Server 2008 R2 (64-bit edition, including Service Pack 1)

Notes:

• For information on troubleshooting compatibility issues between Windows 10 and Symantec Encryption Desktop, see article 171115.
• The above-operating systems are supported only when all of the latest hotfixes and security patches from Microsoft have been applied.
• Symantec Drive Encryption is not compatible with 32-bit systems running in UEFI mode.
• Symantec Drive Encryption is not compatible with other third-party software that could bypass the Symantec Drive Encryption protection on the Master Boot Record (MBR) and write to or modify the MBR. This includes such off-line defragmentation tools that bypass the Symantec Drive Encryption file system protection in the OS or system-restore tools that replace the MBR.
• Symantec Encryption Desktop does not support the Device Guard Feature on Windows 10 systems (any version).
• The Windows 10 Anniversary Update provides a feature that enables you to disable legacy drivers. To avoid accidentally disabling the Symantec File Share Encryption feature, Symantec recommends that you retain legacy drivers in the active state.
• Symantec Encryption Desktop does not support operating system upgrades on encrypted systems through the Windows Update service.
• Symantec Drive Encryption supports encryption on NVMe drives. Administrators can install Symantec Encryption Desktop on end-point devices that use NVMe drives and encrypt data using Symantec Drive Encryption. For more information, see article 163610.

Supported virtual servers include:

• VMware ESXi 5.1 (64-bit version)
• VMWare ESXi 6.0 (64-bit edition)

Additional Requirements for Drive Encryption on UEFI Systems

The following requirements apply only if you are encrypting your disk. If you are installing Symantec Encryption Desktop only for either email or other Symantec Encryption Desktop functions, you can install on supported 32-bit systems and boot using UEFI mode without having to meet these requirements.

To encrypt systems booting in UEFI mode, the following additional requirements must be met:

• The system must be certified for the 64-bit editions of Microsoft Windows 7, Microsoft Windows 8/8.1, or Microsoft Windows 10
• UEFI firmware must allow other programs or UEFI applications to execute while booting
• Boot drive must be partitioned in GPT with only one EFI system partition on the same physical disk
• Boot drive must not be configured with RAID or Logical Volume Managers (LVM)
• Tablets and any systems without a wired or OEM-supplied attachable keyboard are not supported

For more information on the firmware and boot drive, contact your system administrator or hardware manufacturer.

Symantec Drive Encryption on Microsoft Windows Servers

Symantec Drive Encryption is supported on all client versions above as well as the following Microsoft Windows Server versions:

• Windows Server 2019 Datacenter 64-bit edition with internal RAID 1 and RAID 5
• Windows Server 2019 Standard 64-bit edition with internal RAID 1 and RAID 5
• Windows Server 2016 Datacenter 64-bit edition with internal RAID 1 and RAID 5
• Windows Server 2016 Standard 64-bit edition with internal RAID 1 and RAID 5
• Windows Server 2012 R2 64-bit Edition with internal RAID 1 and RAID 5
• Windows Server 2012 64-bit Edition with internal RAID 1 and RAID 5
• Windows Server 2008 R2 64-bit Edition with internal RAID 1 and RAID 5

Note: Dynamic disks and software RAID are not supported.

For additional system requirements and best practices information, see article 153563.

Compatible Email Client Software

Symantec Encryption Desktop for Windows will, in many cases, work with Internet-standards-based email clients other than those listed here. Symantec, however, does not support the use of other clients. 

Symantec Encryption Desktop for Windows has been tested with the following email clients:

• Microsoft Outlook for Office 365 ProPlus 
• Microsoft Outlook 2019 (32-bit and 64-bit)/Exchange Server 2019 (on-premises only)
• Microsoft Outlook 2016 (32-bit and 64-bit)/Exchange Server 2016 (on-premises only)
• Microsoft Outlook 2016 (32-bit and 64-bit)/Office Cloud Server
• Microsoft Outlook 2013 (32-bit and 64-bit)/Exchange Server 2013 Cumulative Update 10 through CUx (on-premises only)
• Microsoft Outlook 2013 (32-bit and 64-bit)/Exchange Server 2010 (on-premises only)
• Microsoft Outlook 2013 (32-bit and 64-bit)/Office 365 Cloud Server
• Microsoft Outlook 2010 (32-bit and 64-bit)/Exchange Server 2010 SP3 (on-premises only)
• Microsoft Outlook 2010 (32-bit and 64-bit)/Office 365 Cloud Server
• Microsoft Outlook 2007 SP2 (Outlook 12)/Exchange Server 2007 SP2
• Microsoft Outlook 2007 SP2 (Outlook 12)/Office 365 Cloud Server
• Microsoft Windows Live Mail version 2012
• Mozilla Thunderbird 38.3
• IBM Notes/IBM Domino Server 9.0.1 FP4
• IBM Notes/IBM Domino Server 8.5.3

Anti-Virus and Other Protection Software Compatibility for Windows

Symantec Encryption Desktop has been tested with the following anti-virus products:

• McAfee AntiVirus Plus (includes McAfee Anti-Virus and Anti-Spyware) 17.6
• Symantec Endpoint Protection 12.1 RU6 MP6
• Symantec Endpoint Protection 14.0
• McAfee AntiVirus LiveSafe 18.0
• McAfee Host Intrusion Prevention System 8.0
• AVG Antivirus Protection Free 16.71.7597
• Sophos Endpoint Security and Control 10.6
• Trend Micro Internet Security 10.0

In all anti-virus programs, enabling real-time scanning detects any viruses as the email or attachments are opened. Therefore, although it is recommended to disable email scanning for some of the anti-virus products listed, your email is still being scanned and you are still being protected by your anti-virus product from viruses spread via email.

Remote Desktop Services Compatibility

Symantec Encryption Desktop for Windows has been tested with the following remote desktop services software:

• Windows Server 2016 (64-bit) Remote Desktop Services with Internet Explorer 11
• Windows Server 2012 R2 (64-bit) Remote Desktop Services
• Windows Server 2012 (64-bit) Remote Desktop Services
• Windows Server 2008 R2 (64-bit, including Service Pack 1 or 2) Remote Desktop Services
• Citrix XenApp 7.6 FP3
• Citrix XenApp 7.7
• Citrix XenApp 7.9

Symantec Encryption Desktop supports the Symantec File Share Encryption feature in the Citrix XenApp environment. For more information, see article 150381.

Symantec Encryption Desktop supports the Symantec Desktop Email feature in the Citrix XenApp environment. For more information, see article 150500.

Compatible Smart Cards and Tokens for Symantec Drive Encryption BootGuard Authentication

This section describes the system requirements (compatible smart cards/tokens and readers).

Compatible Smart Card Readers for Symantec Drive Encryption Authentication

The following smart card readers are compatible when communicating with a smart card at the pre-boot time. These readers can be used with any compatible removable smart card (it is not necessary to use the same brand of smart card and reader).

Generic smart card readers

Most CCID smart card readers are compatible. The following readers have been tested by Symantec Corporation:

• OMNIKEY CardMan 3121 USB for desktop systems (076b:3021)
• OMNIKEY CardMan 6121 USB for mobile systems (076b:6622)
• ActivIdentity USB 2.0 reader (09c3:0008)
• SCM Microsystem Smart Card Reader model SCR3311

CyberJack smart card readers

• Reiner SCT CyberJack pinpad (0c4b:0100)

ASE smart card readers

• AET SafeSign ASEDrive IIIe USB reader (0dc3:0802)

Embedded smart card readers

• Dell D430 embedded reader
• Dell E6410 embedded reader (Broadcom)
• Dell E6510 embedded reader (Broadcom)

Compatible Smart Cards or Tokens for Symantec Drive Encryption

This topic lists all of the smart cards or tokens that are supported in Symantec Encryption Desktop 10.4.

Supported smart cards for pre-boot authentication

• ActiveIdentity ActivClient CAC cards, 2005 model
• ActiveIdentity ActivClient CAC cards, 2005 and older
• Charismathics CryptoIdentity plug 'n' crypt Smart Card only stick
• EMC RSA Smart Card 5200
• Gemalto ASECard Crypto Smart Card
• Gemalto Cyberflex Access 32K V2
• Gemalto Cyberflex Access 64K v2c
• HID Global Crescendo JCOP 21 version 2.4.1 R2 64K
• Marx CrypToken MX2048 JCOP USB token
• Oberthur 64K CosmopolIC v5.2
• Rainbow iKey 3000
• S-Trust StarCOS smart card

Note: S-Trust SECCOS cards are not compatible.

• SafeNet 330 smart card
• SafeNet eToken PRO Java 72K
• SafeNet eToken NG-OTP 32K
• T-Systems Telesec NetKey 3.0 smart card

Supported Personal Identity Verification (PIV) cards for pre-boot authentication

• Gemalto TOP DL GX4 144K FIPS
• Gemalto TOP DM GX4 72k (FIPS)
• Giesecke & Devrient SmartCaf_ Expert 144K DI v3.2
• Giesecke & Devrient SmartCaf_ Expert 80K DI v3.2
• Giesecke & Devrient SmartCaf_ Expert 5.0
• Giesecke and Devrient [email protected] Expert 3.2 personal identity verification cards using ActivClient version 6.1 client software
• Oberthur ID-One Cosmo V5.2D personal identity verification cards using ActivClient version 6.1 client software
• Oberthur ID-One Cosmo v7.0 with Oberthur PIV Applet Suite 2.3.2
• Oberthur ID-One Cosmo 128 v5.5 for DoD CAC with V2.6.2b client software

Supported smart cards for storing user keys

• EMC RSA SecurID 800 Rev A, B, and D
• Gemalto Cryptoflex 32K v1
• Gemalto Cyberflex Access 32K v2
• Gemalto IDBridgeK30 USB token
• Gemalto TOP DL GX4 144K with V2.6.2b Applets
• Oberthur IS-One Cosmo 128 5.5 for DoD CAC with V2.6.2b Applets
• SafeNet eToken PRO Java 72K
• SafeNet eToken PRO USB 64K
• SafeNet eToken PRO USB 32K
• SafeNet eToken NG-OTP 32K
• T-Systems Telesec NetKey 3.0 cards
• Giesecke and Devrient [email protected] Expert 3.2 personal identity verification cards using AET's SafeSign middleware

Supported smart cards for storing administrator keys

• SafeNet eToken PRO 64k
• SafeNet eToken PRO 72k
• SafeNet iKey 2032
• AET ASEKey Crypto USB Token
• AET ASECard Crypto Smart Card

Tablet Support

Symantec Encryption Desktop for Windows supports the following tablet systems:

• Microsoft Surface Pro 6
• Microsoft Surface Pro 5
• Microsoft Surface Pro 4
• Microsoft Surface Pro 3