(FDE = Full-Data Encryption, not Full-Disk Encryption).
Policy-based, rock solid server-side admin, you encrypt exactly what you want and no more.
Don't want to encrypt files saved by Notepad? Want to encrypt External Media?
Look to Credant.
Until I found Credant I was pulling my hair out over Guardian Edge's (Symantec Endpoint Encryption) Full Disk Encryption solution. I just couldn't get the central administration working, and deployment without imaging was intolerable. Fortunately we did not purchase the GE/SEE product before we saw Credant.
For banks, where specific (read: GLBA, FDIC, SOX) compliance is required, open source encryption solutions are not easy options. Auditors love to gum up the works causing costly delays when they hear the words "Open Source". And Full-Disk Encryption (FDE) causes many headaches, not the least of which is the inability to run disk utilities (chkdsk, spinrite) without screwing up the encrypted volume, and the impossibility of using standard image-based deployment tools (Altiris, Ghost, WIM, etc).
Example: Symantec purchased the FDE solution from Guardian Edge, calling it "Symantec Endpoint Encryption" (SEE). Administration is based on Windows Group Policy, which sucks in a disconnected environment (laptops)
We use Credant. It's policy-based, runs just as well disconnected as it does connected, and provides full compliance reporting.