Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 9 subscribers
  • Views 23461 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Safeguard Encryption on a Terminal Server

MoeAye

 How can I let Terminal server users to access encrypted files? The client has a lot of remote users and uses terminal services. I'm wondering how to make it work with safeguard encryption since they can't access encrypted files without the safeguard client?



This thread was automatically locked due to age.
Parents
  • 0

    Hi MoeAye,

     

    As far as i know, you must use LanCrypt since Safeguard cannot be installed on servers (i´m assuming that the remote users don´t have the Safeguard client installed). So you have must use a different product.

  • 0 in reply to PeterRL

    Hi PeterRL,

    Thank you for your reply. No the remote users don't have the client installed. Will that make a difference? Will they be able to map safeguard client to the remote session?

    Now I just tried LanCrypt and the problem with LanCrypt is that it is not compatible with the existing Keyring. I can't import current keyring to LanCrypt. We have currently encrypted share folders with safeguard enterprise remote users need access to those files. I tried to use SGportable but not ideal for the same reason. In Sophos Lab, the bitlocker client is windows server 2012 R2 and the other is server 2008 I believe. And the client installer can be installed just fine. But I can't even install it on the server in real life. Let me know if you have any other ideas.

  • 0 in reply to MoeAye

    Hi,

    Well, if your remote users have the SafeGuard client installed, they will have the keyring available, thus, access to the encrypted information will be available.

    I never tested LanCrypt, but as far as i was informed, it´s not possible to use the SafeGuard keyring on LanCrypt. They are two different products with different key management. As stated, i never have tested (despite that i was informed officially) - so you can try to reach Sophos to double check with them.

  • 0 in reply to PeterRL

    Hey Peter,

     

    I don't think that will help. Because we tried it from local PC which has SG client installed and there no way to carried into RDP session. Thanks for your input. I'm contacting sophos as we speak. Hope they can help. I'll post the update.

  • 0 in reply to MoeAye

    Hi MoeAye,

    I can confirm what Peter has explained, as well as your findings.

    In order to access encrypted files in a TS session you need LAN Crypt (it has a special TS client). SafeGuard Enterprise doesn't allow you to do that.

    It is also not possible to mix both products, as they work differently. Or to be more precise: the difference is in the keys, and there is no way to export/import keys from one to the other.

    Hope this helps,

    Vince

  • 0 in reply to Vincent Vanbiervliet

    I haven't got any luck with Sophos support as usual. Do you guys know where I can download LanCrypt client? I found a compatibility Component but I can't find the actual client that is compatible with Terminal server. I found a release note for it but not the actual software. Can you guys help me out with that?

  • 0 in reply to MoeAye

    Hi MoeAye,

    SafeGuard LAN Crypt has a management part and a client part. To work with it you need both. If you have a license for it you can download it from 

    https://www.sophos.com/en-us/support/downloads/data-protection/safeguard-lancrypt.aspx

    If not you can request an evaluation from your local Sophos office.

    “First things first, but not necessarily in that order” – Doctor Who

Reply Children
No Data
Unfiltered HTML