Community FAQ
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
sukaitsu
Champion Sweeper
The report below lists Windows computers that are missing hard drive encryption. Not all of the Hard drive encryption vendors show up in add/remove programs. You will need to setup some custom file and registry scans to cover particular vendors.

The report will only list assets that meet all of the following criteria:

  • Asset is a Laptop, Notebook, or Portable
  • Bitlocker Encryption
  • McAfee Encryption v4,v5,v6, and v7
  • Hard drive Encryption Status (Via WMI)


Custom Scanning - File Scanning

%programfiles%\mcafee\eepc\sbsetup.exe
%programfiles(x86)%\mcafee\eepc\sbsetup.exe
%programfiles%\McAfee\Endpoint Encryption\EpePcMonitor.exe
%programfiles(x86)%\McAfee\Endpoint Encryption\EpePcMonitor.exe

Custom Scanning - Registry Scanning

Rootkey: HKEY_LOCAL_MACHINE
RegPath: SOFTWARE\SafeBoot International\SafeBoot Device Encryption
Value: ClientDir

Rootkey: HKEY_LOCAL_MACHINE
Regpath: SOFTWARE\Network Associates\ePolicy Orchestrator\Application Plugins\EEADMIN_1000
Value: InstallDir

Select Top 1000000 A1.AssetID,
A1.AssetName,
A1.Domain,
tblAssetCustom.Model,
tblEncryptableVolume.DriveLetter,
Case When tblEncryptableVolume.ProtectionStatus = 0 Then 'Off'
When tblEncryptableVolume.ProtectionStatus = 1 Then 'On'
End As [Protection Status],
Upper(A1.Userdomain + '\' + A1.Username) As [Last User],
tblADusers.Name,
tblADusers.email,
tblADusers1.Name As Manager,
A1.Lastseen
From tblAssets As A1
Inner Join tblAssetCustom On A1.AssetID = tblAssetCustom.AssetID
Inner Join tblSystemEnclosure On A1.AssetID = tblSystemEnclosure.AssetID
Inner Join TsysChassisTypes On tblSystemEnclosure.ChassisTypes =
TsysChassisTypes.Chassistype
Left Outer Join tblEncryptableVolume
On A1.AssetID = tblEncryptableVolume.AssetId
Inner Join tblADusers On tblADusers.Username = A1.Username And
tblADusers.Userdomain = A1.Userdomain
Left Outer Join tblADusers tblADusers1 On tblADusers1.ADObjectID =
tblADusers.ManagerADObjectId
Where A1.AssetID Not In (Select tblRegistry.AssetID From tblRegistry
Where A1.AssetID = tblRegistry.AssetID And tblRegistry.Regkey Like
'%\SOFTWARE\SafeBoot International\SafeBoot Device Encryption') And
A1.AssetID Not In (Select tblSoftware.AssetID
From tblSoftware Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblSoftware.softID Left Outer Join tblEncryptableVolume
On tblEncryptableVolume.AssetId = tblSoftware.AssetID
Where tblSoftwareUni.softwareName Like 'MBAM%' And
tblEncryptableVolume.ProtectionStatus = 1) And
A1.AssetID Not In (Select tblSoftware.AssetID
From tblSoftware Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblSoftware.softID Left Outer Join tblEncryptableVolume
On tblEncryptableVolume.AssetId = tblSoftware.AssetID
Where tblSoftwareUni.softwareName Like 'MDOP MBAM%' And
tblEncryptableVolume.ProtectionStatus = 1) And
A1.AssetID Not In (Select tblSoftware.AssetID
From tblSoftware Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblSoftware.softID
Where tblSoftwareUni.softwareName Like 'McAfee Agent%') And
A1.AssetID Not In (Select tblFileVersions.AssetID From tblFileVersions
Where A1.AssetID = tblFileVersions.AssetID And tblFileVersions.FilePathfull
Like '%sbsetup.exe' And tblFileVersions.Found = 1) And
A1.AssetID Not In (Select tblFileVersions.AssetID From tblFileVersions
Where A1.AssetID = tblFileVersions.AssetID And tblFileVersions.FilePathfull
Like '%EpePcMonitor.exe' And tblFileVersions.Found = 1) And
(tblEncryptableVolume.DriveLetter Like '[C-D]:' Or
tblEncryptableVolume.DriveLetter Is Null) And
(tblEncryptableVolume.ProtectionStatus = 0 Or
tblEncryptableVolume.ProtectionStatus Is Null) And
(TsysChassisTypes.ChassisName = 'Laptop' Or TsysChassisTypes.ChassisName =
'Notebook' Or TsysChassisTypes.ChassisName = 'Portable') And
tblAssetCustom.State = '1'
Order By A1.AssetName


Thank you,

Jeffrey
Thank you, Jeffrey Smith Enterprise Applications Security (319) 499-6310 JefSmith@geico.com
0 REPLIES 0

Archive

This board contains archived posts from the retired Lansweeper Forum and Insiders Community.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now