Symantec Endpoint Encryption | Dell M.2 NVMe | Intel Rapid Storage Technology | RAID | AHCI
Wednesday, September 5th, 20182018-09-05 Initial Post
SEE will not work on certain models of computers that have Intel Rapid Storage (sometimes spelled Restore) Technology set to RAID. You must change that to AHCI prior to installing the OS. After the OS is installed, you may install SEE and start encryption. If you try to encrypt while the system is still set to RAID, encryption will not begin - it just won't work and there's no obvious error message.
From my understanding, the issue is because the pre-boot OS used by SEE does not have the drivers to access the Intel RAID volumes. Even Windows PE 10 does not have the drivers so I had to download the drivers for the laptops listed below and run drvload.exe to install them on the fly after booting up to WinPE (e.g. drvload.exe iaAHCIC.inf).
- Dell XPS 13 9360
- Dell XPS 13 9365
- Dell Precision 7730
Also, in Windows 10, BitLocker may be enabled and need to be activated, then the drive must be decrypted before SEE will work properly. If the Windows 10 image was just loaded, it will take a while for the drive to finish encrypting with BitLocker - let it complete, then activate BitLocker (this basically involves saving the encryption key) and then decrypt the drive. Once the drive is completely BitLocker decrypted, you may install SEE and encrypt with it.
Some Symantec KBs for reference:
Systems unable to boot properly after Encrypting disk with Symantec Drive Encryption when BIOS set to RAID On
https://support.symantec.com/en_US/article.TECH233048.html
Best Practices: Symantec Endpoint Encryption and Symantec Drive Encryption
