Dual-boot Operating System Compatibility and Symantec Drive Encryption (previously PGP Whole Disk Encryption)

Article:TECH148982  |  Created: 2006-10-30  |  Updated: 2013-07-22  |  Article URL http://www.symantec.com/docs/TECH148982
Article Type
Technical Solution


Environment

Issue



Symantec Drive Encryption also known as PGP WDE does include support for dual-boot operating system environment

 


Solution



The following article describes the options available to encrypt a dual-boot system.

Symantec Drive Encryption

The Symantec Drive Encryption feature is available for use on a dual-boot system as long as you boot to an operating system supported by Symantec Drive Encryption. The currently supported operating systems include Windows XP, Windows 2000, Windows Vista, Windows 7, Ubuntu and Redhat Linux.

See the Release Notes for compatible Linux systems:

PGP Whole Disk Encryption for Linux 10.2.1 Release Notes

http://www.symantec.com/docs/DOC5543

Symantec Drive Encryption 10.3.0 for Linux Release Notes

http://www.symantec.com/docs/DOC6204

 

Note: Symantec Drive Encryption is only supported on dual-boot systems on a single hard disk.  Performing encryption on two separate hard disks is not supported.  Symantec Encryption Desktop must be installed on both operating systems before encrypting the disk.

Warning: With versions prior to PGP Desktop 10.0, do not use PGP Whole Disk Encryption to encrypt server hardware.

 

Partition Encryption

Be aware when using Partition mode encryption, this mode only supports dual-booting with another operating system (such as Linux) as long as you encrypt only the Windows partition. The unsupported operating system must be on separate non-encrypted partition.  If encrypting both OS partitions is desired, Full Disk encryption mode must be used instead of Partition mode.

For a common dual-boot-environment with Windows and Linux, install them as usual - Windows first and then Linux afterwards. You can install grub in the MBR of the system disk, typically /dev/sda. When using a version of Linux that is not supported by PGP Desktop/Symantec Encryption Desktop, you have to only encrypt the Windows partition. When you boot, the bootguard will come up and you can authenticate. Grub will be loaded with the usual menu and you can load the encrypted Windows or the other, non-encrypted operating system.

Note: For additional information on partition encryption, please read the article at the following link. Partition encryption for Windows




Legacy ID



679


Article URL http://www.symantec.com/docs/TECH148982


Terms of use for this information are found in Legal Notices