Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureData Guardian

191

192

193

194

195

196

197

198

199

200

Security Management Server v10.2.7 AdminHelp

179

;ppt

.doc.xls

.pptx.docx

.xlsx

^R#:

\iPod_Control

;ppt.doc

.xls.pptx

.docx.xlsx

^R#:\Notes

;ppt.doc

.xls.pptx

.docx.xlsx

^R#:\Photos

;ppt.doc

.xls.pptx

.docx.xlsx

Replacing these five rules with the following rule will force encryption of

ppt, pptx, doc, docx, xls, and xlsx files in any directory on the iPod,

including Calendars, Contacts, iPod_Control, Notes, and Photos:

^R#:\;ppt.doc.xls

.pptx.docx.xlsx

These rules disable or enable encryption for these folders and file types for

all removable devices - not just an iPod. Use care when defining rules to

exclude an iPod from encryption.

These rules have been tested against the following iPods:

iPod Video 30gb fifth generation

iPod Nano 2gb second generation

iPod Mini 4gb second generation

Dell does not recommend the use of the iPod Shuffle, as unexpected

results may occur.

As iPods change, this information could also change, so caution is advised

when allowing the use of iPods on Encryption External Media-enabled

computers.

Because folder names on iPods are dependent on the model of the iPod,

Dell recommends creating an exclusion encryption policy which covers all

folder names, across all iPod models.

EMS Block Access

to UnShieldable

Media

Selected

Block access to any removable media that is less than 55 MB and thus has

insufficient storage capacity to host Encryption External Media (such as a

1.44MB floppy disk).

More...

All access is blocked if EMS Encrypt External Media and this policy are both

Selected. If EMS Encrypt External Media is Selected, but this policy is Not

Selected, data can be read from the unencryptable media, but write access

to the media is blocked.

If EMS Encrypt External Media is Off, then this policy has no effect and

access to unencryptable media is not impacted.

SDE Encryption

Enabled

Selected

If this policy is Not Selected, SDE encryption is disabled, regardless of other

policy values. Selected means that all data not encrypted by other

Intelligent Encryption policies are encrypted per the SDE Encryption Rules

policy. Changing the value of this policy requires a reboot.

SDE Encryption

Algorithm

AES256

AES 256, AES 128, 3DES

Encryption algorithm used to for System Data Encryption.

Encryption algorithms in order of speed, fastest first, are AES 128, AES 256,

3DES.

SDE Encryption

Rules

String

F#:\

-^%ENV:SYSTEMDRIVE%\System Volume Information

-^%ENV:SYSTEMROOT%\;dll.exe.sys.ocx.man.cat

.manifest.policy

Encryption rules to be used to encrypt/not encrypt certain drives,

directories, and folders. See Encryption Rules for information.

SDE Encryption Rules may be changed as appropriate for your

environment. However, these defaults have been tested extensively.

Removing these exclusions may result in Windows issues, particularly after