Automatically Starting Full Disk Encryption
The Automatic Full Disk Encryption (FDE) feature allows the ESET Endpoint Encryption (EEE) client to immediately begin FDE after being installed on a workstation. Usually a command would need to be sent from the EEE Server to a target workstation in order to start the FDE process after activating a user.
In this mode, no credentials will be required to boot the system until the first user has activated. During activation the first user with an Pro licence on this workstation will be prompted to choose a password with which to boot the system. At which point the FDE username, recovery information and Admin FDE credentials will be visible in the Server and the workstation will operate normally.
Although you can use FDE in this manner, it is strongly recommended that you activate a Pro licence as soon as possible to ensure the workstation is fully secured. Automatic FDE is not a replacement for starting FDE from the Server as shown in the article below:
It is designed to ensure the workstation is encrypted prior to user Activation, for example where a system administrator prepares the laptops before distributing to end users or if the end users are currently unknown.
Note: This feature is available from the Server version 2.9.0 and Client version 4.9.0 onwards, and will only work when performed as a 'fresh' install, not an upgrade from a previous version.
What will be encrypted?
Step 1: Enabling the feature
Step 2: Configuring the Workstation Policy
Note: If you are using Self-Enrolment to activate workstations and have previously sent an FDE command to another machine, the FDE Administrator password that was used will be set as a default. If not, a randomly generated password will be created which can be seen in the FDE logins window. Please see the article below for more information:
Step 3: Install Client Software
Step 4: Activation
Note: This step is not necessary if you have activated using Self Enrolment.
Step 5: Enter FDE pre-boot password details
Once you have entered the activation details you will be required to enter a pre-boot password. If you have Self Enrolment enabled and have chosen to set your user with an SSO type login, you will be required to verify your domain login credentials.
Kewords: auto start fde full disk encryption automatically automatic