topic Temporarily disabling Bitlocker for Intel update in Endpoint https://community.checkpoint.com/t5/Endpoint/Temporarily-disabling-Bitlocker-for-Intel-update/m-p/202413#M7930 <P>Hey CheckMates.</P><P>We have a fleet of Lenovo laptops that occaisionally has a firmware update for the Intel Management Engine required for installation. Looking at the ReadMe file from the update, it is highly recommended that disk encryption [Bitlocker] is disabled before installing.</P><P>We are using Harmony Endpoint to centrally manage Bitlocker on our laptops.</P><P>My question is, does anyone know of (or done something similar) a way that we could possibly automate disabiling bitlocker through Harmony, installing the update, then enabling again?<BR />We really dont want to have to try to get users to ensure that they do not install the update when prompted BEFORE we get a chance to install the firmware.</P><P>I am looking into a way to control the Lenovo updates, but still dont want to have to do it manually across the fleet.</P><P>Any ideas?</P><P>Thanks<BR />Simon</P> Sun, 07 Jan 2024 23:27:45 GMT simon-ocean 2024-01-07T23:27:45Z Temporarily disabling Bitlocker for Intel update https://community.checkpoint.com/t5/Endpoint/Temporarily-disabling-Bitlocker-for-Intel-update/m-p/202413#M7930 <P>Hey CheckMates.</P><P>We have a fleet of Lenovo laptops that occaisionally has a firmware update for the Intel Management Engine required for installation. Looking at the ReadMe file from the update, it is highly recommended that disk encryption [Bitlocker] is disabled before installing.</P><P>We are using Harmony Endpoint to centrally manage Bitlocker on our laptops.</P><P>My question is, does anyone know of (or done something similar) a way that we could possibly automate disabiling bitlocker through Harmony, installing the update, then enabling again?<BR />We really dont want to have to try to get users to ensure that they do not install the update when prompted BEFORE we get a chance to install the firmware.</P><P>I am looking into a way to control the Lenovo updates, but still dont want to have to do it manually across the fleet.</P><P>Any ideas?</P><P>Thanks<BR />Simon</P> Sun, 07 Jan 2024 23:27:45 GMT https://community.checkpoint.com/t5/Endpoint/Temporarily-disabling-Bitlocker-for-Intel-update/m-p/202413#M7930 simon-ocean 2024-01-07T23:27:45Z Re: Temporarily disabling Bitlocker for Intel update https://community.checkpoint.com/t5/Endpoint/Temporarily-disabling-Bitlocker-for-Intel-update/m-p/202467#M7940 <P>Seems like this could be automated: <A href="https://support.checkpoint.com/results/sk/sk161575" target="_blank">https://support.checkpoint.com/results/sk/sk161575</A></P> Mon, 08 Jan 2024 13:52:47 GMT https://community.checkpoint.com/t5/Endpoint/Temporarily-disabling-Bitlocker-for-Intel-update/m-p/202467#M7940 PhoneBoy 2024-01-08T13:52:47Z