Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 5 subscribers
  • Views 10388 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't get Safegaurd to manage systems with multiple drives

mkinnick

My company has been trying to implement Safegaurd Enterprise but we are really stuck right now. Our systems are primarily Windows 8.1 laptops and about half of these have 2 drives, an SSD for the OS and a mechanical drive for data. On our laptops with just SSD's Safegaurd seems to work fine - after installing and rebooting the drive starts encrypting, and there is never a prompt for where to store the Bitlocker encryption key so the TPM module seems to be storing the keys for those. However on the ones with more than one drive the C: drive will start encrypting right away but we are prompted for a location to store the encryption key for the other drive. The laptops are a mix of different models with different models of hard drives and we've tried replacing the drives with all the different models that we have available and it does not make a difference. None of the hard drives we've tried are on Sophos' list of OPAL drives that are known to have issues with Safeguard managing Bitlocker on them.

I've had a ticket open with support for the last week or so and the only thing they've really been able to suggest is to clear the TPM and try installing again. Tried this a number of times and have had no luck. Help???

:55332


This thread was automatically locked due to age.
Parents
  • 0

    Hi mkinnick,

    I guess you are currently using SafeGuard Enterprise version 6.10 to protect your clients? In SafeGuard Enterprise 6.10 there is an own implementation for the auto-unlock of data drives (the BitLocker integrated automatic unlock function is not used). This means that:

    • Auto-unlock is activated by default but requires that the system volume is encrypted (or at least the encryption is started).
    • After applying the encryption policy, the user needs to manually store the start-up key of the data volume on the encrypted system volume. The key (a *.bek file) will be stored in the root of the volume but is hidden.

    This process has been changed / improved with the new release. As of SafeGuard Enterprise version 7.0 the BitLocker integrated unlock function is utilized and the process is transparent for the end user.

    Cheers,

    ChrisD

    :55346
Reply
  • 0

    Hi mkinnick,

    I guess you are currently using SafeGuard Enterprise version 6.10 to protect your clients? In SafeGuard Enterprise 6.10 there is an own implementation for the auto-unlock of data drives (the BitLocker integrated automatic unlock function is not used). This means that:

    • Auto-unlock is activated by default but requires that the system volume is encrypted (or at least the encryption is started).
    • After applying the encryption policy, the user needs to manually store the start-up key of the data volume on the encrypted system volume. The key (a *.bek file) will be stored in the root of the volume but is hidden.

    This process has been changed / improved with the new release. As of SafeGuard Enterprise version 7.0 the BitLocker integrated unlock function is utilized and the process is transparent for the end user.

    Cheers,

    ChrisD

    :55346
Children
No Data
Unfiltered HTML