Symantec Endpoint Encryption 11.4.0 Maintenance Pack 2 Release Notes

Learn what's new, what's changed, and what's fixed in the Symantec Endpoint Encryption 11.4.0 Maintenance Pack 2 release.

Symantec Endpoint Encryption (SEE) 11.4.0 Maintenance Pack 2 (MP2) provides a new command-line interface utility for the SEE Management Agent, fixes customer-reported issues, and enhances existing capabilities for delivering data security.

What's new in this release

Introduced SEE Management Agent Command Line Interface

This release introduces the new Command Line Interface (CLI) utility (SEEMAUIApp.exe) for Symantec Endpoint Encryption (SEE) Management Agent. This CLI utility works with Windows computers running one of the SEE client components, such as Drive Encryption, Removable Media Encryption, or SEE for BitLocker. Using the CLI utility, you can run the following (example) command and can enforce the managed computers to connect (check-in) with the SEE Management Server whenever required:

<C:\Program Files\Symantec\Endpoint Encryption Clients\Management Agent>SEEMAUIApp.exe --check-in

Currently,

--check-in

is the only command parameter that is supported.

What's changed in this release

Prevented improper use of the REINSTALLMODE parameter while performing fresh installation or upgrade of SEE client components

Using the

REINSTALLMODE=vemus

and

ADDLOCAL=ALL

parameters for a fresh installation or upgrade of Symantec Endpoint Encryption client components now stop the installation or upgrade process. These parameters must be used only to update an existing Symantec Endpoint Encryption client component of the same version. Do not use the

REINSTALLMODE=vemus

and

ADDLOCAL=ALL

parameters to perform a fresh installation or upgrade of Symantec Endpoint Encryption client components. For more information, see the following topics:

Updating a client component from the command line using the reinstallmode parameter

Deploying client installers using the command line

Installation Guidelines for Repairing Symantec Endpoint Encryption

Removed the installation prerequisite for a system restart following updates to third-party software

Starting with this release, installing or upgrading Symantec Endpoint Encryption will no longer require a system reboot after the installation or updates to any third-party software. However, after installing Windows updates or Symantec Endpoint Encryption updates, systems still must be rebooted to successfully install or upgrade Symantec Endpoint Encryption.

Enhanced Admin Log and Client Events Log attributes

For auditing requirements, the following two attributes of Admin Log and Client Events Log are enhanced in this release:

Age of the log entries (in days)

Number of log entries

Starting with this release, the logs are purged on a first-in, first-out basis when:

the total number of log entries reaches 300000 (previously 100000 log entries)

the Admin Log entries that have been saved for 1095 days (previously 180 days)

the Client Events Log entries that have been saved for 1095 days (previously 30 days)

Resolved issues

The following issues are fixed in this release:

While installing or upgrading the Symantec Endpoint Encryption Management Server, when you click Next
after entering credentials on the Database Access
page, the database user is validated immediately without any delay. [EPG-30897]

In a Symantec Endpoint Encryption setup where managed computers are named similarly to usernames, searching for users (on the Server Role Configuration
> Add Users / Groups
> Select Users
tab) now displays only the users that match the search term, not computers. [EPG-30901]

FileVault users that use spaces in their password are now successfully authenticated with SEE for FileVault Agent for sending the personal recovery key (PRK) to the SEE Management Server. [EPG-30902]

The SQL Server connection timeout is now increased so that the upgrade of Symantec Endpoint Encryption is successful in a setup with a large database. [EPG-30910]

Known issues

There are no known issues in this release of Symantec Endpoint Encryption. For information on the known issues of Symantec Endpoint Encryption 11.4.0, which are also applicable to this release, see the Known Issues section in the Symantec Endpoint Encryption 11.4.0 Release Notes.

Prerequisite, installation, and upgrade

Prerequisites

To install and upgrade to this version of Symantec Endpoint Encryption, you must meet the prerequisites. Before you install Symantec Endpoint Encryption, make sure to perform the following steps:

Install SQL Server 2012 CLR Types 32-bit (SQLSysClrTypes.msi)

Download SQLSysClrTypes.msi for 32-bit systems from https://www.microsoft.com/en-us/download/details.aspx?id=56041

Note
: To ensure that you have downloaded SQLSysClrTypes.msi for 32-bit systems, right-click SQLSysClrTypes.msi, click Properties, click the Details tab, and verify that the Value of the Subject property is set to Microsoft System CLR Types for SQL Server 2012
.

Install SQL Server 2012 Shared Management Objects 32-bit (SharedManagementObjects.msi) Download SharedManagementObjects.msi for 32-bit systems from https://www.microsoft.com/en-us/download/details.aspx?id=56041

Note
: To ensure that you have downloaded SharedManagementObjects.msi for 32-bit systems, right-click SQLSysClrTypes.msi, click Properties, click the Details tab, and verify that the Value of the Subject property is set to Microsoft SQL Server 2012 Management Objects
.

Review and meet the requirements that are available on the System Requirements for Symantec Endpoint Encryption 11.4.0 page.

Installation and upgrade

For information on the installation and upgrade process of Symantec Endpoint Encryption, refer to the Installation Guide and the Upgrade Guide. Also, see the article, HOW TO: Install Symantec Endpoint Encryption Management Server.

Release Notes

Content feedback and comments