Operating System |
-
Windows XP Professional (x86) with SP2 or SP3
-
Windows Vista (x86 and x86-64) with SP1 or SP2 — Business, Ultimate, and Enterprise versions only
-
Windows 7 (x86 and x86-64) with or without SP1 — Professional, Ultimate, and Enterprise versions only
-
Windows 8 (x86 and x86-64) — Professional and Enterprise versions only
|
Firmware |
BIOS firmware is required. UEFI firmware is not supported. |
Hard Disks: Standard (no self-encrypting mechanism) |
Disks:
-
IDE, SATA, and PATA hard disks are supported. SCSI and RAID hard disks are not supported.
-
Multiple standard disks (one primary and multiple secondary) are supported in one device. When using multiple disks, all disks must be the same (for example, all IDE or all SATA).
-
Encryption of both standard and self-encrypting hard disks in the same device are not supported. A device can have standard disks or it can have self-encrypting disks, but it cannot have both.
Disk communication modes:
-
ATAPI and AHCI are supported.
-
When using ZENworks Pre-Boot Authentication, we strongly recommend that you use the standard Microsoft drivers. Other drivers can cause issues such as CD and DVD drives disappearing.
Supported disk types:
Supported file system:
Partition tables and partitions:
-
All disks must use a master boot record (MBR) partition table. GUID partition tables (GPT) are not supported.
-
ZENworks Full Disk Encryption creates a primary partition (referred to as the ZENworks primary partition) on the system disk to store files required for encryption and pre-boot authentication. Windows supports a maximum of four primary partitions; one primary partition must be available for ZENworks Full Disk Encryption. If all four primary partitions already exist, ZENworks Full Disk Encryption cannot create the required ZENworks primary partition and encryption fails.
-
A maximum of 10 partitions can be encrypted. The partitions can be on one disk or spread across multiple disks.
Disk space:
-
100 MB of free disk space on the primary (system) hard disk for the ZENworks primary partition that is created when the Disk Encryption policy is applied. To create the 100 MB partition, 300 MB of disk space must be available or the creation process will fail.
-
140 MB of free disk space on the system volume for ZENworks Full Disk Encryption software files.
|
Hard Disks: Self-Encrypting |
-
Seagate Momentus (FDE.x) hard disks that are based on DriveTrust technology and support Enterprise-mode (as compared to BIOS-only mode).
-
140 MB of free disk space on the system volume for ZENworks Full Disk Encryption software files.
-
Encryption of both standard and self-encrypting hard disks in the same device are not supported. A device can have multiple standard disks or it can have multiple self-encrypting disks, but it cannot have both. When using multiple standard disks, all disks must be the same (for example, all IDE or all SATA).
|
Drivers |
When using ZENworks Pre-Boot Authentication, we strongly recommend that you use the Microsoft IDE/SATA drivers. Other drivers can cause issues such as CD and DVD drives disappearing. |
Virtual Machines |
Virtual machines must meet the requirements listed above and in Managed Device Requirements in the , with the following exception:
IMPORTANT:SCSI is typically the default disk type when creating a virtual machine. SCSI is not supported; the disk type must be IDE.
|
Smart Cards |
ZENworks Pre-Boot Authentication (PBA) supports smart card authentication. For a list of supported smart card solutions, see Section A.0, Supported Smart Card Terminals and Tokens. |
Single Sign-On |
ZENworks Pre-Boot Authentication (PBA) supports single sign-on with Windows via both the Windows Client and the Novell Client. When using the Novell Client, the following requirements apply:
-
Novell Client 2 SP2 IR1 is required on Windows 7 and Windows Vista.
-
When using user ID/password authentication with the Novell Client and DLU, the user needs to log in to the Novell Client once before single sign-on will work. During single sign-on, the ZENworks PBA passes the user ID and password to the Novell Client. However, the client requires other details (tree, server, context, and so forth) that are available only if the user has populated the details during a previous log in.
-
When using smart card authentication with the Novell Client, NESCM (Novell Enhanced Smart Card Method), and DLU, the user needs to be the last user to have logged in to the Novell Client. During single sign-on, the ZENworks PBA passes the pin to the Novell Client. However, the client requires other details (tree, server, context, and so forth) that are available only if the user was the last smart card user to log in to the client.
-
Smart card authentication with the Novell Client, NESCM, and mode is not supported.
|