Unsolved
11 Posts
0
2070
DDP & SCCM
We use DDP on all of our Dell workstations and we also use SCCM. I'm new and coming into a configuration that is already in place so I can't start from scratch, but I'd like to make sure everything is set up correctly so that SCCM is working the best that it can on clients. Is there documentation/setup instructions that are specific to this sort of environment that someone can point me to? I've been diving deep into everything I can find and I haven't found anything specific yet.
Thanks in advance.
Brian Piatt
67 Posts
0
August 16th, 2019 14:00
@KDBoutelle
Short answer: There is not specific documentation for DDP setup with SCCM as each environment requirements vary.
Long answer: Dell Data Security (formerly Dell Data Protection) portfolio consists of several products including:
Do you know what product you are using in your environment? Are you using SCCM to deploy/update the product?
Happy to help ensure your SCCM is configured right for your environment.
-Brian
L4 | Dell Data Security #IWork4Dell
KDBoutelle
11 Posts
0
August 19th, 2019 04:00
Hi Brian,
Thank you and I'll take you up on your offer!
Server: Dell Security Management Server 10.2.3
Client: Dell Endpoint Security Suite Enterprise 2.2.0
I do deploy the client with SCCM and have worked with our Dell support to build the installer for our systems. There is no direct integration with SCCM but it would be nice if there were.
Before we get too far down this road I should ask if I should send this on to our support contact first. I'd hate to waste your time and I know we have up to date support contracts.
KDBoutelle
11 Posts
0
August 19th, 2019 05:00
And we are using the following:
Windows Encryption:
Threat Prevention:
I can affect any individual client by making exceptions for that client, waiting for the policy to update on the client and then performing an action on SCCM that uses PowerShell to gather data (typical). If I reverse the changes on the client and then make those same changes at Enterprise level the alteration doesn't work. The client will stop the process as a memory violation.
I tried pasting an example of the error here but this form didn't like it at all.
Brian Piatt
67 Posts
0
August 19th, 2019 08:00
@KDBoutelle
Based on your issues it sounds we may need to add exclusions for your SCCM processes within the ATP section of the administration console for script control (assuming that feature is enabled in your environment). For more information on this process reference How to Add Exclusions to Dell Endpoint Security Suite Enterprise.
Even though I am support (specifically L4), I would suggest getting a support ticket opened by calling Dell Data Security International Phone Numbers.Once you get the ticket spun up, shoot me a private message with the Service Request (SR) number as I want to make sure it's resolved in a timely manner.
On one of the endpoints exhibiting the issue, collect logs after enabling verbosity. For more information on the process, reference How to Collect Dell Endpoint Security Suite Enterprise Logs.
-Brian
L4 | Dell Data Security
Brian Piatt
67 Posts
0
August 20th, 2019 09:00
For visibility into the solution (in case anyone runs into this again), the Dell Security Management Server divides policies into two categories:
With the exception of Enterprise, policies for Device base will never be in User base sections (and vice versa).
By default all sections will inherit the enterprise level policy. As you progress with customizing an environment, policies can be adjusted at other sections. The most specific policy will always win against the least specific policy (e.g. Endpoints vs Enterprise). In the case of two policies conflicting at the same level (e.g. Device is part of two endpoint groups), the most secure policy will win.
In this instance, we simply needed to adjust the policy at the appropriate policy section to have the changes take effect.
-Brian
L4 | Dell Data Security #IWork4Dell