locked
Forefront and Bitlocker RRS feed

  • Question

  • We use Forefront Client Security on our client systems.  We are considering using Bitlocker for Windows 7 later this year.  My question is how FCS and Bitlocker behave together?  Also, we use WSUS for client definition updates.  How do the updates get installed in an encrypted environment?  Is there any documetation covering these topics?

    Thanks.
    Monday, January 11, 2010 10:55 PM

Answers

  • Hi,

     

    Thank you for the post.

     

    As far as I know, BitLocker is a full-volume encryption tool that supports custom protection and authentication methods. And FCS provides unified malware protection for operating systems. I think they can co-existing together.

     

    Regards,


    Nick Gu - MSFT
    • Proposed as answer by Nick Gu - MSFT Tuesday, January 12, 2010 3:06 PM
    • Marked as answer by Nick Gu - MSFT Tuesday, January 19, 2010 7:27 AM
    Tuesday, January 12, 2010 3:06 PM
  • We have both technologies deployed in our internal environment with ~200 laptops without any issues. Most of our clients run Windows 7, and Bitlocker encryption and password recovery policies are managed through Group Policy. WSUS / FCS don't care if the machine's laptop is encrypted with Bitlocker. Once a machine is booted into Windows, the encrypted hard disk is available for manipulation by traditional systems management processes, including virus scans and signature updates.

    You'll want to check out the references at http://technet.microsoft.com/en-us/library/cc731549%28WS.10%29.aspx.

    Josh
    • Marked as answer by Nick Gu - MSFT Tuesday, January 19, 2010 7:28 AM
    Monday, January 18, 2010 11:21 PM

All replies

  • Hi,

     

    Thank you for the post.

     

    As far as I know, BitLocker is a full-volume encryption tool that supports custom protection and authentication methods. And FCS provides unified malware protection for operating systems. I think they can co-existing together.

     

    Regards,


    Nick Gu - MSFT
    • Proposed as answer by Nick Gu - MSFT Tuesday, January 12, 2010 3:06 PM
    • Marked as answer by Nick Gu - MSFT Tuesday, January 19, 2010 7:27 AM
    Tuesday, January 12, 2010 3:06 PM
  • We have both technologies deployed in our internal environment with ~200 laptops without any issues. Most of our clients run Windows 7, and Bitlocker encryption and password recovery policies are managed through Group Policy. WSUS / FCS don't care if the machine's laptop is encrypted with Bitlocker. Once a machine is booted into Windows, the encrypted hard disk is available for manipulation by traditional systems management processes, including virus scans and signature updates.

    You'll want to check out the references at http://technet.microsoft.com/en-us/library/cc731549%28WS.10%29.aspx.

    Josh
    • Marked as answer by Nick Gu - MSFT Tuesday, January 19, 2010 7:28 AM
    Monday, January 18, 2010 11:21 PM