This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SafeGuard EnterpriseEncryption

Hi there,

Just looking for some help on how to setup SafeGuard Enterprise Encryption - Is there any video tutorials??

Thanks

Paul



This thread was automatically locked due to age.
Parents
  • Hi thanks for that

    Do I have to go through all this rigmarole just to encrypt 3 laptops??

    Paul

  • Hi Paul - If you're just trialing the software, I would ask to have some licences for Sophos Central Device Encryption instead. This is the cloud hosted version so no servers to manage/configure on site - just point the clients at the cloud host.

    You didn't say if you're getting more clients or if 3 is just the lot? Without meaning to undersell the product I would argue that having a "managed" solution to manage just three machines is a waste of time and I would do something cheaper and easier. If they're Windows machines it's a two second job to configure AD so that the recovery keys are pushed into that. There would be no cost to this - just a small amount of time.

    If you need File Encryption instead of (or as well as) FDE (full-disk-encryption) then there's still some cheap tools you could use - depends entirely on if this is a test/concept or it's the full estate?

     

    All the best 

  • Hi Michael,

     

    Thanks for the reply, I have 3 Windows 7 Pro laptops that need encryption - I bought 3 Sophos Safeguard enterprise licences, whether that was a mistake or not I don't know.  I just need a bit locker type solution instead of installing management centres etc. but if that's what I have to do I'll do it.

     

    Paul

  • Honestly if you bought 3 licences for just three PC's and it's now purchased....Ask Sophos (and your account manager if you have one) to transfer them to Central licences.

    This "should" be free/cheap but would mean an ongoing cost.

     

    However - If you want to write-off the purchase - You can configure AD (assuming these PC's are bound to a domain?) to store the keys and then assign permissions to your staff (?) to read the key from AD. Good article here - a little dated but still relevant.

    http://jackstromberg.com/2015/02/tutorial-configuring-bitlocker-to-store-recovery-keys-in-active-directory/

     

    You've bought a enterprise product I'm afraid Paul, and I feel that should have been explained to you/the purchaser. You've chosen a HUGE hammer to break just three nuts! It's a good product - I'm not knocking that, but I don't think a full-blown console and management is worthwhile for 3 PC's. The SSG setup can handle thousands of clients so you can appreciate it's quite a complex and chunky setup because it has to be. 

    So I would personally - 1 - Transfer to cloud licences if possible. Make finance aware there will be an on-going cost.  or 2 - Sack it off, write off the expense already spent and use AD.

     

    HTH

  • Hi Michael,

     

    BitLocker isn't available for Windows 7 Pro though???  Would this still work with the AD thing???

     

    Paul

  • Sorry - completely missed that...Yes you'd need Enterprise/Ultimate for BitLocker. Is there a good reason why you wouldn't upgrade the PC's to Win10 with the support for Win7 rapidly running out?

Reply Children
  • No good reason, money maybe the only one I can think of dude - anyways I have asked to see if they can transfer the licences to my Sophos Central - lets see what they say.

     

    Are there any other disk encryption products out there that you would suggest?

  • I'd push for that regardless, you're out of extended support from Jan 2020 and this should be a factor in Finance making their decision. Sooner you install Win10 the better really - not that I'm plugging MS here, but for security and support it's best to move on. 

    I'll not recommend any other products here, but will send you a DM. We looked at a few products when we purchased SSG quite a good few years ago and there's more competition now. To be honest if they're as good/worse I'm not too sure.