Bitlocker

Question
Can I create NAP Policy to verify that BitLocker is enabled?
Wednesday, April 29, 2009 1:28 PM
Answers
Hi,
For the link that I provided, the answer is yes. Essentially, you need to have a SHA (client side) and SHV (server side) that can monitor (client) and validate (server) BitLocker. The BitLocker client service talks to the SHA, which in turn reports to the enforcement client that communicates with NPS for validation.
There can be other SHAs written to perform this function, but I'm not aware of these yet. Others may know, and more might be written in the future.
I know that Forefront does much more than just monitor BitLocker, so you're getting a lot more than you asked for here. I wish the WSHA monitored this, but it doesn't have this capability yet.
-Greg
- Proposed as answer by Greg Lindsay (Microsoft employee), Friday, May 1, 2009 1:44 AM
- Marked as answer by Greg Lindsay (Microsoft employee), Thursday, May 7, 2009 9:19 PM
Friday, May 1, 2009 1:44 AM
All replies
Hi,
This is available if you use the Stirling SHA/SHV. See http://technet.microsoft.com/en-us/library/dd641598.aspx for more information.
-Greg
- Proposed as answer by Greg Lindsay (Microsoft employee), Wednesday, April 29, 2009 10:20 PM
Wednesday, April 29, 2009 10:20 PM

Thank you for the link. In reading this, do I need to purchase and install Forefront clients and server to implement this?
Dan
Thursday, April 30, 2009 12:07 PM