Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 5527 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to View Slaved Drive Data.

BenjaminSkripnik

I have slaved a Sophos SafeGuard encrypted drive to my computer and added the boot key to my ID in Safeguard, but I am not able to open the volume on a Windows machine or mount the volume on a Mac.  I am logged in as myself and have the boot key for the machine that the drive was in added to my ID in Safeguard.  I am needing to pull the data off of the drive and onto another machine, but I don't know if I am missing anything or what the issue may be.  Please help.

Thank you,



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi Ben,

    You might just have the wrong key assigned, does the drive show with a red key against it?

    These instructions describe how to slave a drive to an SGN client, and decrypt that slaved drive. Upon completion, in order to boot to the drive the MBR must be re-written. Start by following the process in KBA 108156, page 15, to slave a drive and find the right key:

    Article ID: 108156
    Title: SafeGuard Enterprise: Recovery scenarios
    URL: sophos.com/.../108156 

    Once the hard drive is slaved you will need to create a decryption policy. Decryption is never automatic, it must be manually triggered from the client machine.

    1. Create a new device protection policy in the Management Center
    2. Set the target to 'Local Storage Devices\Drive Letters'. This will allow you to decrypt any hard drive connected to the computer.
    3. Set the Media encryption mode to 'Volume based'
    4. Change the setting 'User may decrypt volume' to Yes
    5. Change the Media encryption mode to 'No encryption'
    6. Click Save
    7. Apply this policy to the OU or group containing the user or computer that will be decrypting the slaved hard drive. Click Save.
    8. Synchronize the client. You should have received new policies. After receiving the new policies you should be able to right click the slaved drive in Windows Explorer and see that the 'Encryption' context menu item is no longer greyed out, and you can now click 'Decryption'
    The drive will take roughly as long to decrypt as it did to encrypt. Once decrypted you may want to re-write the MBR to skip over the SafeGuard kernel. You can use either a Windows disk or WinPE (KB 108805) to do this.

    Article ID: 108805
    Title: Recovering data from a volume-based encrypted SafeGuard Device Encryption Client
    URL: https://sophos.com/kb/108805

    The following related KBA may also be of some assistance

    Article ID: 108411
    Title: How to allow a user to decrypt a SafeGuard Enterprise Client
    URL: https://sophos.com/kb/108411

    Hope that helps Ben.

Reply
  • FormerMember
    0 FormerMember

    Hi Ben,

    You might just have the wrong key assigned, does the drive show with a red key against it?

    These instructions describe how to slave a drive to an SGN client, and decrypt that slaved drive. Upon completion, in order to boot to the drive the MBR must be re-written. Start by following the process in KBA 108156, page 15, to slave a drive and find the right key:

    Article ID: 108156
    Title: SafeGuard Enterprise: Recovery scenarios
    URL: sophos.com/.../108156 

    Once the hard drive is slaved you will need to create a decryption policy. Decryption is never automatic, it must be manually triggered from the client machine.

    1. Create a new device protection policy in the Management Center
    2. Set the target to 'Local Storage Devices\Drive Letters'. This will allow you to decrypt any hard drive connected to the computer.
    3. Set the Media encryption mode to 'Volume based'
    4. Change the setting 'User may decrypt volume' to Yes
    5. Change the Media encryption mode to 'No encryption'
    6. Click Save
    7. Apply this policy to the OU or group containing the user or computer that will be decrypting the slaved hard drive. Click Save.
    8. Synchronize the client. You should have received new policies. After receiving the new policies you should be able to right click the slaved drive in Windows Explorer and see that the 'Encryption' context menu item is no longer greyed out, and you can now click 'Decryption'
    The drive will take roughly as long to decrypt as it did to encrypt. Once decrypted you may want to re-write the MBR to skip over the SafeGuard kernel. You can use either a Windows disk or WinPE (KB 108805) to do this.

    Article ID: 108805
    Title: Recovering data from a volume-based encrypted SafeGuard Device Encryption Client
    URL: https://sophos.com/kb/108805

    The following related KBA may also be of some assistance

    Article ID: 108411
    Title: How to allow a user to decrypt a SafeGuard Enterprise Client
    URL: https://sophos.com/kb/108411

    Hope that helps Ben.

Children
No Data
Unfiltered HTML