Full Disk Encryption versus Sleep

As part of my Symantec Endpoint Encryption (SEE) upgrade, I verified that the new version worked with our main computer models.   During that testing, I looked at how boot/shutdown times changed, and verified that the system could still reboot and enter/exist sleep and hibernate correctly.  The only problem that came out of that testing was …

Continue reading ‘Full Disk Encryption versus Sleep’ »

Symantec EndPoint Encryption Installer

Symantec Endpoint Encryption (SEE) 8.0.1 is my first upgrade since Symantec purchased GuardianEdge.  It is a newer version inspite of being a lower number than GuardianEdge 9.5.x.    I guess it is really too soon to expect big changes.   I was hoping they would address some of the installer annoyances. With SEE, you install a management server, …

Continue reading ‘Symantec EndPoint Encryption Installer’ »

Migrating FDE Vendors

I was asked recently via email how to pragmatically uninstall GuardianEdge.   I’d been thinking about something similar, that is how do you migrate endpoint security vendors including Full Disk Encryption. To a certain extent this problem doesn’t affect very many people.   Is Full Disk Encryption installed at many companies outside the Federal Government and Government …

Continue reading ‘Migrating FDE Vendors’ »

Hibernate and FDE

Earlier this week, I read this article reporting on Passware’s presentation at Password^20.   It reported that if you are using BitLocker or TrueCrypt and you’ve ever used hibernate, then Passware Kit Forensic is able to recover the encryption key from the Hibernate file.   The recommendation was “NEVER EVER EVER EVER allow hibernation for any computer.” I found …

Continue reading ‘Hibernate and FDE’ »

GuardianEdge Windows 7 Looking Back

Like a lot of companies we are trying to go to Windows 7 sooner rather than later. We skipped Vista and XP is starting to seem a bit old. One of the things holding us back is GuardianEdge’s Full Disk Encryption product. Here’s our timeline. In October 2009 I asked GuardianEdge about Windows 7 support …

Continue reading ‘GuardianEdge Windows 7 Looking Back’ »

GuardianEdge 9.5.1 Patch 1

GuardianEdge 9.5.1 patch 1 was released to address the Dell issues that I previously wrote about. Support provided client installer packages so I could quickly see if this also fixed the issue I had with the Toshiba (sadly it did not).   Not sure if I’m going to get a chance to verify this patch resolves the …

Continue reading ‘GuardianEdge 9.5.1 Patch 1’ »

GuardianEdge 9.51 issues with some Dell

I’ve been doing more testing with GuardianEdge 9.5.1 since my last post on the subject.   A Dell E6500 with Windows 7 64 bit wouldn’t get to the GuardianEdge pre-boot authentication screen.  I attributed that to issues specific to Windows 7 64 bit and possibly a OEM drive partition.   So I went ahead and tried to upgrade …

Continue reading ‘GuardianEdge 9.51 issues with some Dell’ »

GuardianEdge 9.5.1, Windows 7 and Me

Long time readers, and anyone who has ever Googled “Guardian Edge” recall my intense dissatisfaction with GuardianEdge 8.7 and Vista on my Toshiba Laptop. Everything old is new again. GuardianEdge released 9.5.1 last month so we finally have support for Hard Disk Encryption with preboot authentication on Windows 7. The short version of the story …

Continue reading ‘GuardianEdge 9.5.1, Windows 7 and Me’ »

Symantec buys PGP and GuardianEdge

I’ve been waiting for Symantec to buy GuardianEdge ever since they started selling a rebranded GuardianEdge encryption product. It seems every other endpoint security company bought a dancing partner over the past year or two and Symantec was merely renting. When Symantec bought MessageLabs, I was very concerned. I like MessageLabs and was afraid of …

Continue reading ‘Symantec buys PGP and GuardianEdge’ »

BitLocker vs Third Party FDE

Like many organizations, we skipped Vista. So with Windows 7 we are facing the question “is Windows 7 good enough” or do we still need to pay for a third-party full disk encryption (FDE) product. This question was asked back in 2006 at the SANS Desktop Encryption Summit. The FDE vender’s felt their product was …

Continue reading ‘BitLocker vs Third Party FDE’ »