[KB7200] Starting Full Disk Encryption using a Trusted Platform Module in ESET Endpoint Encryption

Full Disk Encryption Process

To use TPM:

1. Log in to the ESET Endpoint Encryption (EEE) Server, select the Workstation you want to encrypt and click Full Disk Encryption.

Figure 1-1
Click the image to view larger in new window

You will now see the Compatibility Checks notification in the FDE wizard, which will inform you if there are any incompatibilities on the Workstation.

2. To reconfigure the TPM by sending a command to the target Workstation, click Reconfigure TPM. If your TPM does not require reconfiguring, skip to Choosing the TPM Security Mode.

Figure 1-2

3. Click Yes to continue the Reconfigure TPM process.

Figure 1-3

4. Type in the administrator password and click OK.

Figure 1-4

5. Once synchronization has occurred, click Restart from the target Workstation to clear the TPM. Depending on the Workstation's make, model, and current settings, you may need to restart twice in order to configure the TPM correctly.

Figure 1-5

Visit our article to manually synchronize the EEE Server and EEE client.

6. When the restart takes place a notification will appear, press F12 on your keyboard to clear the TPM. This notification is created by the manufacturer and may look different on various Workstation makes and models. The image below is taken from a Microsoft Surface Pro 3.

Figure 1-6

When the TPM has been cleared, and the EEE Server and Client Workstation have been synced, you will be able to proceed with the FDE process.

Choosing the TPM Security Mode

1. Select TPM Hardware and click Next.

Figure 2-1

2. Select one of the following authentication modes and click Next.

• Username and Password
• Pin Code
• No Extra Authentication

Figure 2-2