Mac OS X Snow Leopard support
PGP® Whole Disk Encryption supports Mac OS® X Snow Leopard (32- and 64-bit).
PGP Whole Disk Encryption includes Boot Camp support for Mac OS X.

Microsoft Windows 7 support
PGP Whole Disk Encryption supports Microsoft Windows 7 (32- and 64-bit).

Ubuntu and RedHat Linux support
PGP Whole Disk Encryption for Linux® supports Ubuntu® and Redhat®.

Once PGP Desktop Corporate is deployed, its operation is completely transparent-users simply continue to work as usual. The software automatically protects email and local and shared information according to policy, ensuring that users never forget to secure confidential data.

PGP Desktop Email
Delivers all the encryption functionality necessary for protecting an organization's email communications in a single, easyto-use and easy-to-manage solution. Secure instant messaging provides automatic secure sessions between AOL® Instant Messenger™ (AIM) users with PGP Desktop.

PGP Whole Disk Encryption
Locks down the entire contents of a laptop, desktop, external drive, or USB flash drive, including boot sectors, system, and swap files.

PGP NetShare
Extends file server access controls to include strong end-to-end encryption, allowing content owners or security.

Transparent to Users
Once PGP NetShare folders are created, users create, save, and share documents as before. No change in user behavior or training is needed. Users simply click on a .doc, .xls, or .ppt file.

Encryption that Follows the File
Ensures that files stay encrypted locally, over the network, on the server, and in backups.

Multiple Ways to Share Data
Users can create storage-independent encrypted containers for transport and sharing of specific files using PGP Self-Decrypting Archive, PGP Virtual Disk, and PGP Zip.

• PGP Self-Decrypting Archives (SDAs) - Puts files and folders into an encrypted, compressed package that can be opened on a Windows system that does not have PGP Messaging or PGP Desktop installed. SDAs are the perfect solution for securely exchanging files with someone who does not have PGP software installed.
• PGP Virtual Disk volumes - Uses part of the hard drive space as an encrypted virtual disk volume with its own drive letter. A PGP Virtual Disk is the perfect place for storing sensitive files; it is as if they are stored in a safe. When the door of the safe is open (when the volume is mounted), files can be changed, taken out or moved into it. Otherwise (when the volume is unmounted), all the data on the volume is protected. PGP Virtual Disks are also self-expanding: they automatically grow to accommodate increases in data size, eliminating initial space allocation constraints.
• PGP Zip - Adds any combination of files and folders to an encrypted, compressed, portable archive. PGP Desktop must be installed on a system to create or open a PGP Zip archive. PGP Zip is a tool for securely archiving sensitive data, whether to distribute it to others or to back it up.

Secure File Deletion
PGP Shredder completely destroys files and folders so that even file recovery software cannot recover them. Deleting a file using the Windows Recycle Bin does not actually delete it; it sits on the drive and eventually gets overwritten. Until then, it is trivial for an attacker to recover that file. PGP Shredder, in contrast, immediately overwrites files multiple times. This is so effective that even sophisticated disk recovery software cannot recover these files. This feature also completely wipes free space on drives so that deleted data is truly unrecoverable.

Single Sign-on to Windows
Provides simplified login experience using existing Windows' password.

Partition-based Encryption
Partition-based encryption enables PGP Whole Disk Encryption to encrypt only designated disk partitions, providing added compatibility for systems with multiple operating systems or existing recovery partitions.

For (optional use) in a Centrally Managed Environment with PGP Universal Server:
Centralized Management, Deployment, & Policy
Automate provisioning, user and key management, and policy enforcement across email, disk, and network file encryption using PGP Universal Server's management console.

Event Logging
Comprehensive logs record all administrative operations for auditing and security best practices.

Recovery Passphrase
Automatic generation and central storage of unique one-time-use recovery passphrase enables remote assistance. Automatically resets the recovery passphrase after each use, reducing administrative overhead.

Assured Data Access
Patented PGP Additional Decryption Key (ADK) technology ensures corporate access to encrypted data (according to policy) in the event a key is lost or when required by regulatory mandates.

Policy-Driven Encryption of Removable Media
PGP Whole Disk Encryption users managed by PGP Universal Server automatically apply encryption of removable media according to policy, ensuring consistent data protection for these easily lost devices.

Partition Encryption Deployment
Administrators in a PGP Universal-managed environment may now configure encryption of only the boot partition or only Windows partitions rather than always encrypting entire disks.

Domain Administrator Restart Bypass
Windows System and Administrator account(s) may now engage a mode to bypass WDE authentication on the next restart by utilizing the privileges of the administration account to act as the authenticated user. This feature enables administrators to perform remote software installations requiring a restart of the target computer. Use of this feature is logged to the PGP Universal Server.

Multiple Platform Support
PGP Whole Disk Encryption supports Windows, Mac OS X and Linux, including Microsoft Windows 7, Mac OS X Snow Leopard, Ubuntu and RedHat.

Supported Operating Systems

• Microsoft Windows 7 (all 32-bit and 64-bit versions)
• Microsoft Windows Vista (all 32-bit and 64-bit versions, including Service Pack 1)
• Microsoft Windows XP Professional 32-bit (Service Pack 2 and 3)
• Microsoft Windows XP Professional 64-bit (Service Pack 2)
• Microsoft Windows XP Home Edition (Service Pack 2 or 3)
• Microsoft Windows XP Tablet PC Edition 2005 (attached keyboard required)
• Microsoft Windows 2000 Professional (Service Pack 4)
• Microsoft Windows 2003 Server (Service Pack 1 and 2)

* PGP Whole Disk Encryption (WDE) is not supported on Microsoft Windows 2000 Server or Microsoft Windows 2003 Server.

Localization

• English
• German
• Japanese
• Spanish
• French

Authentication Options

• OpenPGP RFC 4880 keys
• X.509 certificates

Messaging Protocols

• POP3
• IMAP
• SMTP
• MAPI
• Lotus Notes

Messaging Security Standards

• PGP/MIME RFC 3156
• OpenPGP RFC 4880
• S/MIME v3 RFC 2633
• X.509 v3

Supported Storage Systems - PGP NetShare

• Windows file shares (SMB, CIFS, & Samba)
• Locally attached hard drives (internal & external)
• USB flash drives

Supported Email Clients

• Microsoft Outlook 2007 SP1 (Outlook 12)
• Microsoft Outlook 2003 SP3
• Microsoft Outlook XP SP3
• Microsoft Outlook 2000 SP3
• Microsoft Windows Mail 6.0.6000.16386
• Microsoft Outlook Express 6
• Mozilla Thunderbird 2.0
• Lotus Notes 6.5.6, 7.0.3, and 8.0.2
• Novell GroupWise 6.5

Supported IM Clients

• AOL AIM 5.9.x
• AOL AIM 6.5.5 and earlier
• Trillian 3.1 (Basic and Pro)

Symmetric Key Algorithms

• AES (up to 256-bit keys)
• CAST
• TripleDES
• IDEA
• Twofish

Symmetric Key Algorithms - PGP Whole Disk Encryption

• AES 256-bit keys

Hashes

• SHA-2 (up to 512-bit hashes)
• SHA-1
• MD5
• RIPEMD-160

Public Key Algorithms

• Diffie-Hellman
• DSA (1024-bit keys only)
• RSA (up to 4096-bit keys)

Centralized Management Requirements

• PGP Universal Server*

* PGP Universal Server requires a dedicated server.

Two-Factor Authentication

Supported USB Tokens - PGP Desktop Email, PGP NetShare, PGP Virtual Disk, & PGP Zip

PGP Desktop Corporate recognizes and works with the following:

• DoD Common Access Cards (CACs) with the ActivCard Gold 2.0 profile
• Athena Smart Card Solutions smart cards, including the ASEKey USB token
• AET SafeSign smart cards, including ASEKey 1.0
• Axalto (formerly Schlumberger) smart cards, including the Cryptoflex 32K
• SafeNet smart cards, including iKey 2032
• Aladdin smart cards, including eToken PRO USB 16K, 32K, and 64K
• GemPlus smart cards, including SafesITe and GemXpresso Pro, using GemSafe Libraries 4.2.0-015 (Gold)

PGP Desktop Corporate also recognizes and works with smart cards from other vendors, if the vendor includes a standards-based PKCS-11 library in their software drivers.

Supported Pre-Boot Authentication Smart Cards & USB Tokens

The following smart card readers are supported for communicating to a smart card at pre-boot time. These readers can be used with any supported removable smart card (it is not necessary to use the same brand of smart card and reader). Any CCID smart card reader is supported. The following readers have been tested by PGP Corporation:

• OMNIKEY CardMan 3121 USB for desktop systems
• OMNIKEY CardMan 6121 USB for mobile systems
• ActivIdentity USB 2.0 reader
• CyberJack smart card readers
• Reiner SCT CyberJack pinpad
• ASE smart card readers
• Athena ASEDrive IIIe USB reader

PGP Whole Disk Encryption supports the following smart cards for pre-boot authentication:

• ActiveIdentity ActivClientCAC cards, both 2005 and 2002 models
• Aladdin eToken 64K, 2048-bit RSA-capable¹
• Aladdin eToken PRO USB Key 32K, 2048-bit RSA-capable¹
• Aladdin eToken PRO without 2048-bit capability (older smart cards)¹
• Athena ASEKey Crypto USB Token for Microsoft ILM²
• Athena ASECard Crypto Smart Card for Microsoft ILM²
• EMC RSA SecurID SID800 Token³
• Charismathics CryptoIdentity plug 'n' crypt Smart Card only stick
• S-Trust StarCOS smart card⁴
• Rainbow iKey 3000

¹ Other Aladdin eTokens, such as tokens with flash, should work provided they are APDU compatible with the supported tokens. OEM versions of Aladdin eTokens, such as those issued by VeriSign, should work provided they are APDU compatible with the supported tokens.

² The Athena tokens are supported only for credential storage.

³ This token is supported only for credential storage. SecurID is not supported.

⁴ S-Trust SECCOS cards are not supported.

PGP Perpetual License
A PGP Perpetual License with PGP Support entitles the customer to use the designated PGP software indefinitely, plus receive all Upgrades and Updates to the licensed software during the valid PGP Support period. One year of PGP Bronze Support is included with the online purchase of a PGP Perpetual License.

PGP Bronze Support provides customers with access to PGP Support Engineers and the PGP Support Site. PGP Support Engineers are available through interactive chat, private forum, and credit card telephone support. PGP Support must be renewed annually.