Sophos SafeGuard Disk Encryption for Mac 6.10: Release Notes
Applies to the following Sophos product(s) and version(s)
Sophos SafeGuard Disk Encryption for Mac 6.10
OSX 10.8, 10.9, 10.10*
* Installations on OS X 10.10 require an updated installation package (version 22.214.171.1244), which is available in the download area of Sophos.com as of 24th of October 2014.
- FileVault 2 requires either a local account or a mobile account. Please create a mobile account for Active Directory users or Apple Open Directory users if they should be able to activate FileVault 2 or if they should be enabled for FileVault 2.
- Drives are only reported if they reside on a GUID partition table. Volumes within an Apple Partition Map or Master Boot Record Partition scheme are not visible in the drive inventory.
- The encryption status is sometimes not updated in the inventory view until the Mac is rebooted.
Limitations on Mac OS X 10.8
- Adding a user to FileVault 2 requires the authentication of an already enabled user.
- The recovery key cannot be validated when it is imported with sgdeadmin.
- The recovery key cannot be changed after it was used to start the Mac.
Apple Open Directory
- Open Directory users are auto registered as local users in SafeGuard Management Center.
- Pure Open Directory network users (without a mobile account) are asked for their password to enable FileVault 2 or to get enabled for FileVault 2, even though the operation will fail.
- Only the system disc (partition) will be encrypted. Other volumes are planned to be supported in the next release.
- It may happen that the recovery key is not available in SafeGuard during the very first restart after enabling the disk encryption, it will be available after the first restart in this case.
- When the SafeGuard system menu is activated, it may take some time until the SafeGuard icon is displayed in the system menu bar.
- It may take up to 5 minutes until the correct encryption state is shown in the SafeGuard preference pane after FileVault encryption has finished.
- The user notification to restart the Mac after the decryption has finished is not displayed on Mac OS X 10.9 if the computer was restarted during the decryption.
- Adding the currently logged in user is only provided when the synchronization with the SGN Server is working.
- The Decrypt System Disk button in the preference pane may be enabled while the encryption is currently running and the preference pane is opened immediately after login and the security officer has assigned a "No Encryption" policy. Pressing the button will result in an error and the encryption continues. After some minutes, the button will be disabled.
- The installation, upgrade and uninstallation of SafeGuard Disk Encryption for Mac can take longer (up to 5 - 20 minutes), if your Mac is located behind a firewall. In order to speed up the installation, either disconnect it from any network or allow direct Internet access. Please note that this is a general OSX issue and is caused by the verification of the digital signature via Apple servers, with which SafeGuard’s files are signed.
- The SafeGuard system menu cannot be enabled or disabled if sgdeadmin is used with sudo.
Back to Sophos SafeGuard Release Notes Landing Page