Proof of Concept environment cleanup is complete (if applicable)?
The proof of concept database and application have been backed up and uninstalled (if using the same server) before the installation engagement with Dell. For more instruction on an uninstall, see https://www.dell.com/support/manuals/us/en/04/dell-data-protection-encryption/enterpserverig/perform-back-ups?guid=guid-2669f62a-2567-49ea-8e72-4ad06fb82442&lang=en-us | |
Any production endpoints used during proof of concept testing have been decrypted or key bundles downloaded. For more information on the clients you plan to deploy, see Client Documents. |
All new implementations must begin with a new database and fresh installation of the Encryption or Endpoint Security Suite Enterprise software. Dell Client Services will not perform a new implementation using a POC environment. Any endpoints encrypted during a POC will need to be either decrypted or rebuilt prior to the installation engagement with Dell.
Service accounts successfully created?
Service account with read-only access to AD (LDAP) - basic user/domain user account is sufficient. |
Software is downloaded?
Dell Data Security client software and Security Management Server downloads are located in the Drivers & Downloads folder at www.dell.com/support/home/us/en/04/product-support/product/dell-data-protection-encryption/research or or From the product page http://www.dell.com/support
| |
If you have purchased Encryption or Endpoint Security Suite Enterprise on-the-box, the software can be delivered to the target computer using Dell Digital Delivery. |
License file(s) are available?
The license file is an XML file located on the ddpe.credant.com site in the Client Licenses folder. |
If you purchased your licenses on-the-box, no license file is necessary. The entitlement are automatically downloaded from Dell upon activation of any new Encryption or Endpoint Security Suite Enterprise client.
Servers meet required hardware specifications?
DNS alias created for Security Management Server Virtual and/or Policy Proxies with Split DNS for internal and external traffic?
It is recommended that you create DNS aliases, for scalability. This will allow you to add additional servers later or separate components of the application without requiring client update.
DNS aliases are created, if desired. Suggested DNS aliases:
|
Split-DNS allows the user of the same DNS name internally and externally. This means that we could internally supply dds.<domain.com> as an internal c-name, and direct this to the Dell Security Management Server (back-end), and externally we could supply an a-record for dds.<domain.com> and forward the relevant ports (see Ports for Security Management Server Virtual) to the front-end server. We could leverage DNS round-robin or a load-balancer to distribute the load to the various front-ends (if multiple exist).
Plan for SSL Certificates?
We have an internal Certificate Authority (CA) that can be used to sign certificates and is trusted by all workstations in the environment or we plan to purchase a signed certificate using a public Certificate Authority, such as VeriSign or Entrust. If using a public Certificate Authority, please inform the Dell Client Services Engineer. |
Change Control requirements identified and communicated to Dell?
Submit any specific Change Control requirements for the installation of Encryption or Endpoint Security Suite Enterprise to Dell Client Services prior to the installation engagement. These requirements may include changes to the application server(s), database, and client workstations. |
Test Hardware prepared?
Prepare at least three computers with your corporate computer image to be used for testing. Dell recommends that you not use production computers for testing. Production computers should be used during a production pilot after encryption policies have been defined and tested using the Test Plan provided by Dell. |