Symantec PGP Encryption

I have encountered great difficulties in choosing  either Symantec Endpoint Encryption or McAfee Endpoint Encryption. In compared with both encryption product, any advantage that Symantec Endpoint Encryption have?

 I am not sure what McAfee Endpoint Encrytion would provide for Security but to know how Symantec Endpoint Encryption works and what are features & Benifits read the Technical Presentation for Symantec Endpoint Encryption
https://www-secure.symantec.com/connect/downloads/symantec-endpoint-encryption-60-technical-presentation

I presently have SEP up and functional within my network.  Preparing to start testing SEE v.7.03.  On the face of it, SEP's db requirements are quite similar to the SEE db requirements, SQL db on the Mngt. server or with SQL db on a separate, backend SQL db server.  However, with SEP recommended for the best of all worlds to install and connect a "separate instance" SQL db to the SEP Mgr.  I see no specific recommendation toward's this, so far, in the SEE installation recommendations.  I doubt I will create the db on the SEE mgr. server.  More than likely I will install on a separate SQL server.  With that in mind, what do you folks recommend; Separate or default instance?  Will I see many benefits from a separate instance or will the default instance suffice?   thanx

Posted this in the wrong place - sorry!

Have you tried running an SEE product? What db did you use? You're saying that you'll install it above the SEP, does it mean that you're going to use the SEP db for your SEE?

We use Macafee endpoint. the only reason it got chosen is because the local council and police use it! so if its good enough for them its good enough for us! I personally think its some of the worse software ive ever used! It aslo has a habit of breaking lower spec machines! I've not tried the Symantec one, but would like too!

Sure shinobivsme try the latest one -- I am sure you'll regret your decision ..... :)

If you have any questions .... feel free to post them

We used McAfee Endpoint Encryption when it was known as Safeboot, before McAfee brought the software, and I have to say, it was one of the easiest bits of software to install, configure, and use. At the time we purchased it, I evaluated 5 different products, although SEE wasn't one of them for some reason - possibly it wasn't around then. Anyway, at the time 'Safeboot' was head & shoulders above anything else I evaluated, and a lot cheaper. I don't know what the product is like now, since McAfee purchased the software, and the company I work for now is a Symantec Partner, so I'm evaluating & testing SEE. I do know that a number of banks use Safeboot/McAfee (most haven't upgraded from the Safeboot edition to the rebranded McAfee edition either), as I see quite a few of their laptops when I'm on site doing consultancy!

I've found SEE to be a little buggy during the install, (see my other post below, I got 2 SQL database errors during install) and has a few additional prereqs, such as .Net 2.0, IIS + ASP & SQL, where as if I remember rightly Safeboot used its own internal database. Safeboot was only a single install, an exe, which could be packaged in an MSI, or run as an application, where as SEE has 2 elements, the framework client, and the full disk edition client.  I could also make changes to individule machines after the software was installed, and the disk encrypted via the management console, and I could decrypt individule machines from there. Where as from what I can see during my testing, if you want to make changes in SEE, you have to decrypt the disk, uninstall both SEE software elements (hard disk & framework), create new software elements & reinstall, then re-encrypt (if this is wrong someone please let me know!).

On the plus side, SEE has a nice user-self-recovery ability, whereyou can have 3 or more questions that the user pre-fills, then if they forget their password, they answer these questions to logon, and auto-recover their password, without having to contact helpdesk. Safeboot used to use a kind of hash method, where the user would contact helpdesk, supply a 16 digit hash, then helpdesk would enter this, and supply the user with another 16 digit hash which allowed them to recover the password.

Hope this helps!

Ben

 You can make changes to already installed/encrypted clients via the management console, please see my answer to your post about it :)

You can make changes on the client machine that have SEE via GPO ..... there are bunch of things that can be changed .... you don't need to decrypt the machine and then apply changes .... I am not sure abt mcafee but SEE is flexible too :-)