About the extended columns in reports

Some reports in
Symantec Endpoint Encryption
let you extend the columns that are displayed beyond the default set of columns. This topic describes all of the extended columns that are available in the
Symantec Endpoint Encryption
Reports snap-in.
Some of these columns might appear as default columns in a few reports.
The extended columns that you can add to reports
Column name
Description
Asset Tag
The System Management BIOS (SMBIOS) asset tag of the client computer. If the data does not exist on the client computer, this column displays
Not available
as its value.
Computer Name
The host name of the client computer being monitored.
Group Name
The location of the client computer within the
Symantec Endpoint Encryption
Users and Computers
snap-in.
Last Check-In
The date and time of the most recent connection between the client computer and the
Symantec Endpoint Encryption Management Server
.
MA Version
The version number of the
Management Agent
client that is currently installed on the client computer.
MA Build Number
The build number of the
Management Agent
client that is currently installed on the client computer.
MA Installation Date
The date and time that the
Management Agent
client was installed on the client computer.
Operating System
The name of the operating system that is currently installed on the client computer.
Part Number
The System Management BIOS (SMBIOS) part number of the client computer. If the data does not exist on the client computer, this column displays
Not available
as its value.
CA Certificate Expiration Date
The expiration date and time of the Certificate Authority (CA) certificate that is stored on the client computer. If the data does not exist on the client computer, this column displays
Not available
as its value.
Serial Number
The System Management BIOS (SMBIOS) serial number of the client computer. If the data does not exist on the client computer, this column displays
Not available
as its value.
System Type
Indicates whether the client computer has a 32-bit or 64-bit operating system installed.
Mac FileVault Client columns
Computer Model
Indicates the model of the Mac client computer.
FileVault Status
Indicates the current state of the FileVault application. The following values are possible:
  • Off
    - FileVault is not currently managed by
    Symantec Endpoint Encryption for FileVault
    .
  • Off – Managed
    - FileVault is currently managed by
    Symantec Endpoint Encryption for FileVault
    , but has been disabled by the user.
  • On – Managed (with IRK)
    - FileVault is active, the Personal Recovery Key (PRK) is not stored in the
    Symantec Endpoint Encryption Management Server
    database, and the Institutional Recovery Key (IRK) policy setting is enabled.
  • On – Managed (with PRK)
    - FileVault is active, the Personal Recovery Key (PRK) is stored in the
    Symantec Endpoint Encryption Management Server
    database, and the Institutional Recovery Key (IRK) policy setting is disabled.
  • On – Managed (with PRK and IRK)
    - FileVault is active, the Personal Recovery Key (PRK) is stored in the
    Symantec Endpoint Encryption Management Server
    database, and the Institutional Recovery Key (IRK) policy setting is enabled.
  • Unknown
    - The FileVault encryption status is unknown, or the
    Symantec Endpoint Encryption for FileVault
    has not transmitted the information to the
    Symantec Endpoint Encryption Management Server
    .
FileVault Auto Encryption
Indicates whether the automatic FileVault encryption policy option is selected.
Autologon Enabled
Indicates whether the FileVault Autologon policy option is selected.
Drive Encryption
columns
Decrypted
The drive letters of any unencrypted drives on the client computer.
Decrypting
The drive letters of any drives that are in the process of decryption.
Decryption Paused
The drive letters of any drives where decryption is paused by the client administrator or privileged user, or due to the occurrence of a bad sector.
DE Version
The version number of
Drive Encryption
that is currently installed on the client computer.
DE Build Number
The build number of
Drive Encryption
that is currently installed on the client computer.
DE Installation Date
The date and time that
Drive Encryption
was installed on the client computer.
Encryption Type
Indicates whether disks are encrypted by
Symantec Endpoint Encryption
, Apple FileVault2, or Microsoft BitLocker.
Encrypted
The drive letters of any encrypted drives on the client computer.
Encrypting
The drive letters of any drives that are in the process of encryption.
Encryption Paused
The drive letters of any drives where encryption is paused by the client administrator or privileged user, or due to the occurrence of a bad sector.
Number of Drives
The number of physical drives on the client computer.
Hardware Encrypted Drives
Indicates whether the client computer has hardware encrypted drives or not.
TPM Enabled
Indicates whether a Trusted Platform Module (TPM chip) is being used for authentication on a
Drive Encryption
client. Values are
Yes
or
No
.
BitLocker Encryption columns
BE Version
The version number of
Symantec Endpoint Encryption for BitLocker
that is currently installed on the client computer.
BE Build Number
The build number of
Symantec Endpoint Encryption for BitLocker
that is currently installed on the client computer.
BE Installation Date
The date and time when
Symantec Endpoint Encryption for BitLocker
was installed on the client computer.
Removable Media Encryption
columns
Removable Media Access Utility
Indicates whether the
Removable Media Access Utility
is copied to removable media devices. This column also specifies whether the Windows version, the Mac OS X version, or both versions of the
Removable Media Access Utility
are copied.
RME AutoRun Enabled
(Applies to client computers running 8.2.1 or earlier versions of the software) Indicates whether the AutoRun functionality is enabled for the
Removable Media Access Utility
.
RME Build Number
The build number of
Removable Media Encryption
that is currently installed on the client computer.
RME Default Password Aging
Indicates whether a password aging policy is in effect for Default Passwords.
RME Device Access Control
Indicates the level of read or write access on the removable media devices that are connected to the client computer.
RME Device Exclusions
Indicates whether a removable media device exclusion policy is enabled on the client computer.
RME Device Memo
The optional memo text that an administrator saved.
RME Encryption Method
Indicates whether files on removable media devices are password-encrypted or certificate-encrypted.
RME Encryption Policy
Indicates the action that is taken for automatic encryption of files on removable media devices (except CDs and DVDs).
RME Encryption Format
Indicates whether files on removable media devices are encrypted using the SEE RME format for
Symantec Endpoint Encryption
versions 11.0 and later, or the SEE RS format for
Symantec Endpoint Encryption
version 8.2.1.
For the client computers that use a version of Removable Media Encryption earlier than 11.0.0 MP2, no value is displayed.
RME Exempted Product ID
The product ID (PID) of the removable media device that is exempted from encryption.
RME Exempted Vendor ID
The vendor ID (VID) of the removable media device that is exempted from encryption.
RME Exempted Serial Number
The serial number of the removable media device that is exempted from encryption.
RME Exempted File Types
Indicates the multimedia file groups, such as audio, image, and video files, that are exempted from encryption on removable media devices. Alternatively, this column indicates whether no file groups are exempted from encryption.
RME File Type Exemptions
The file extensions that are exempted from automatic encryption on the removable media devices that are connected to the client computer.
RME Installation Version
The version number of
Removable Media Encryption
that was originally installed on the client computer.
RME On-Demand Encryption
Indicates whether users can perform right-click encryption and right-click decryption of files on removable media devices (except CDs and DVDs).
RME Passwords
Indicates the type of password that users are allowed to set. Depending on the current policy in force, one or more of the following values might be displayed in this column (multiple values are separated by semicolons):
  • Default
    – Users are allowed to set a Default Password.
  • Session Default
    – Users are allowed to set Session Passwords.
  • None
    – (Applies to client computers running 8.2.1 or earlier versions of the software) Users are not allowed to set a Default password, or a Session password, or a Device Session Default Password.
RME Recovery Certificate
The serial number of the recovery certificate that is in effect on the client computer. If there is no recovery certificate, this column displays
Not Enabled
as the value.
RME Self-Decrypting Archives
Indicates whether users can create self-decrypting archives on the computers that have
Removable Media Encryption
installed.
RME Session Default Password Aging
Indicates whether a password aging policy is in effect for Session Passwords.
RME SHA Type
The SHA type that is used in the encryption algorithm. This column displays a value only for the computers that have an earlier version of
Symantec Endpoint Encryption
Removable Storage installed.
RME User Choice Default Policy
Indicates the default action that is specified for the
Allow users to choose
option of the Automatic Encryption policy setting.
Alternatively, indicates when user choice is not enabled.
RME Version
The version number of
Removable Media Encryption
that is currently installed on the client computer.
RME Workgroup Key
Indicates whether a group key is in use on the client computer.
RME VDI Catalog ID
The ID of the XenDesktop machine catalog that the VDI client belongs to.
RME VDI Catalog Name
The name of the XenDesktop machine catalog that the VDI client belongs to.
RME VDI Client
Indicates whether the client computer is a XenDesktop VDI client.
RME VDI Client Image
Indicates whether the VDI client image is a Master image or a Client image.
RME VDI Client Image Pool
Indicates whether the client image belongs to a predefined
Static
pool, or to a
Random
pool.
This column does not display a value if the VDI client image is a Master image.