Skip to main content

Welcome

Dell Sites

Dell Technologies
Premier Sign In
Partner Program Sign In
Support

Dell Sites

Dell Technologies
Premier Sign In
Partner Program Sign In
Support

Welcome to Dell

My Account

Place orders quickly and easily
View orders and track your shipping status
Enjoy members-only rewards and discounts
Create and access a list of your products
Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Sign In Create an Account Premier Sign In Partner Program Sign In

Your Dell.com Carts

Products
Solutions
Services
Contact Us

Support
Product Support
Manuals

Dell Endpoint Security Suite Enterprise Advanced Installation Guide v3.8

Notes, cautions, and warnings
Introduction
- Before You Begin
- Using This Guide
- Contact Dell ProSupport for Software
Requirements
- All Clients
- Encryption
- Full Disk Encryption
- Encryption on Server Operating Systems
- Advanced Threat Prevention
  - Compatibility
- Client Firewall and Web Protection
- SED Manager
- BitLocker Manager
Registry Settings
- Encryption
- Full Disk Encryption
- Advanced Threat Prevention
- SED Manager
- BitLocker Manager
Install Using the Master Installer
- Install Interactively Using the Master Installer
- Install by Command Line Using the Master Installer
- MI_Install_EE_Server_setup
Uninstall the Master Installer
- Uninstall the Endpoint Security Suite Enterprise Master Installer
Install Using the Child Installers
- Install Drivers
- Install Encryption
- Install Full Disk Encryption
- Install Encryption on Server Operating System
- Install Advanced Threat Prevention Client
- Install Client Firewall and Web Protection
- Install SED Manager and PBA Advanced Authentication
- Install BitLocker Manager
Uninstall Using the Child Installers
- Uninstall Web Protection and Firewall
- Uninstall Advanced Threat Prevention
- Uninstall Full Disk Encryption
- Uninstall SED Manager
- Uninstall Encryption and Encryption on Server Operating System
- Uninstall BitLocker Manager
Data Security Uninstaller
Commonly Used Scenarios
- Encryption Client and Advanced Threat Prevention
- SED Manager and Encryption External Media
- BitLocker Manager and Encryption External Media
- BitLocker Manager and Advanced Threat Prevention
Provision a Tenant
- Provision a Tenant
Configure Advanced Threat Prevention Agent Auto Update
Pre-Installation Configuration for SED UEFI, and BitLocker Manager
- Initialize the TPM
- Pre-Installation Configuration for UEFI Computers
- Pre-Installation Configuration to Set Up a BitLocker PBA Partition
Designate the Dell Server through Registry
Extract Child Installers
Configure Key Server
- Services Panel - Add Domain Account User
- Key Server Config File - Add User for Security Management Server Communication
- Services Panel - Restart Key Server Service
- Management Console - Add Forensic Administrator
Use the Administrative Download Utility (CMGAd)
- Use Forensic Mode
- Use Admin Mode
Configure Encryption on a Server Operating System
Configure Deferred Activation
- Deferred Activation Customization
- Prepare the Computer for Installation
- Install Encryption with Deferred Activation
- Activate Encryption with Deferred Activation
- Troubleshoot Deferred Activation
Troubleshooting
- All Clients - Troubleshooting
- All Clients - Protection Status
- Dell Encryption Troubleshooting (client and server)
- Advanced Threat Prevention Troubleshooting
- SED Troubleshooting
- Dell ControlVault Drivers
- UEFI Computers
- TPM and BitLocker
Glossary

PDF

Loading, Please wait

BitLocker Manager

If a self-signed certificate is used on the Dell Server for BitLocker Manager, SSL/TLS trust validation must remain disabled on the client computer (SSL/TLS trust validation is disabled by default with BitLocker Manager). Before enabling SSL/TLS trust validation on the client computer, the following requirements must be met.
- A certificate signed by a root authority, such as EnTrust or Verisign, must be imported into Dell Server.
- The full chain of trust of the certificate must be stored in the Microsoft keystore on the client computer.
- To enable SSL/TLS trust validation for BitLocker Manager, change the value of the following registry entry to 0 on the client computer.
  [HKLM\System\CurrentControlSet\Services\DellMgmtAgent\Parameters]
  "DisableSSLCertTrust"=DWORD:0
  0 = Enabled
  1 = Disabled
- To prevent Bitlocker Manager from detecting removable disks as fixed disks, add the following registry key:
  HKLM\Software\Dell\Dell Data Protection\
  "UseEncryptableVolumeType" = DWORD:1
  0=Disabled (default)
  1=Enabled

Data is not available for the Topic

Rate this content

All fields are required unless marked otherwise.

Accurate

not accurate

somewhat accurate

mostly accurate

accurate

very accurate

Useful

not useful

somewhat useful

mostly useful

useful

very useful

Easy to understand

not easy

somewhat easy

mostly easy

easy

very-easy

Was this article helpful?

Yes

No

Send us feedback (Optional)

0/3000 characters

Comments cannot contain these special characters: <>()\

Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.

Please provide ratings (1-5 stars).

Please provide ratings (1-5 stars).

Please provide ratings (1-5 stars).

Please select whether the article was helpful or not.

Comments cannot contain these special characters: <>()\

Account

My Account
Order Status
My Products
Dell Rewards Balance

Support

Support Home
Contact Technical Support
Returns

Connect with Us

Community
Contact Us

Our Offerings

APEX
Products
Solutions
Services

Our Company

Who We Are
Careers
Dell Technologies Capital
Investors
Newsroom
Perspectives
Recycling
ESG & Impact
Customer Stories

Our Partners

Find a Partner
OEM Solutions
Partner Program

Resources

Blog
Dell Rewards
Events
Email Sign-Up
Privacy Centre
Resource Library
Security & Trust Centre
Trial Software Downloads

Dell Technologies
Dell Premier

Copyright © 2024 Dell Inc.
Terms of Sale
Privacy Statement
Legal & Regulatory
Accessibility