Endpoint Encryption

 View Only

  • 1.  Encryption has stopped working

    Posted Jun 13, 2018 11:27 AM

    Hi We installed SEE on a test Server and created a DB on a non-prod MS-SQL Server. The client was created and applied to my PC along with the GPO, my disk was encrypted and the login options were working.

    All this has now stopped and my laptop disk was un-encrypted a couple of days ago. We have made no changes to the GPO or the client on the laptop.

    The Symantec AV client was updated on the test Server, but no other changes have been made. Any help would be appreciated.

     

    Thanks Delboy



  • 2.  RE: Encryption has stopped working

    Posted Jun 15, 2018 03:17 PM

    If you look in the Symantec Console, does it show the machine self decrypted?

     



  • 3.  RE: Encryption has stopped working

    Broadcom Employee
    Posted Jun 15, 2018 06:52 PM

    Hi Derrick,

    I am a support rep for the Symantec Encryption products and we have another customer experiencing similar issues. Do you happen to have a support case open for this issue? I would like to see if these might be related issues.

    Also, were there any recent Microsoft updates applied to either the SEEMS, or the Domain Controller that manages the GPO's?



  • 4.  RE: Encryption has stopped working

    Posted Jun 18, 2018 07:19 AM

    Hi, I have not raised a support case for this issue as I'm not sure how to do this.

    I have tried to RDP to the server to check the SEE logs, but RDP has also stopped working due to "CredSSP encryption oracle remediation"

    Our Admins are looking into this issue at the moment. The only update that was applied was an update to the Symantec AV client on the Server to version 14 build 3752



  • 5.  RE: Encryption has stopped working

    Broadcom Employee
    Posted Jun 18, 2018 04:44 PM

    Hi Derrick,

    Here is a link with information on how to contact support to open a support case.
    https://support.symantec.com/en_US/contact-support.html



  • 6.  RE: Encryption has stopped working

    Posted Jun 22, 2018 04:32 AM

    Hi, I've made some progress with this, thanks to the Symantec EMEA team,

    I have managed to reinstall the client, using the original encryption policies, but the disk is still decrypted. I can now access the console, but the laptop will not re-encrypt as instructed by the console.

    I suspect an issue with the encryption policy, so I will check this when back in the office next week.



  • 7.  RE: Encryption has stopped working

    Posted Jun 25, 2018 07:28 AM

    Yes, the machine shows as decrypted and refuses to re-encrypt.



  • 8.  RE: Encryption has stopped working

    Posted Jun 26, 2018 09:49 AM

    Further progress made. The issue has been tracked to the Group Policy - specifically the 1803 templates that wer applied during the latest round of Windows patches.

    Take a look at https://techcommunity.microsoft.com/t5/Windows-10-management/Group-Policy-Management-broken-after-applying-1803-templates/td-p/191400?attachment-id=5918 

     



  • 9.  RE: Encryption has stopped working
    Best Answer

    Posted Jun 27, 2018 05:50 AM

    Update: I have created a Native Policy as the 1803 GPO template issue has a much wider impact than first thought. The Native Policy is taking effect and the hard drive is encrypting again.