Endpoint Encryption

 View Only
  • 1.  Endpoint Encryption 11.0

    Posted Nov 08, 2014 08:29 PM

    I am attempting to encrypt a virtual Windows 2012 server on ESXi using the new 11.0 console.  I was able to successfully encrypt the C drive.  I have a second disk attached but when I try to encrypt that drive, it never starts.  Any ideas what I am doing wrong?

    Also, is there a command line with documentation for this version? 



  • 2.  RE: Endpoint Encryption 11.0

    Posted Nov 10, 2014 07:01 PM

    Hi Tedkar,

    At this time SEE V11 does not support multiple seperate drives for encryption, it will secure partitions on a a single basic disk. You can find the documentation(Including a CLI guide) here:

    http://www.symantec.com/business/support/index?page=content&key=55414&channel=DOCUMENTATION

    I'm not sure what the official support statement is on Windows Server running on ESXi, but Symanted Drive Encryption V 10.3.2 should be better able to handle your use case.



  • 3.  RE: Endpoint Encryption 11.0

    Posted Nov 18, 2014 10:33 PM

    Hi, that is odd because when I contacted sales and described exactly what I wanted to do they said it supported it.  In addition, prior to using  11.0.0, I attempted to use 10.3.2 and ran into the same problem.

    I found the command line documentation for this product so thank you.

    I will attempt again to try to use 10.3.2 to see if I can encrypt a second disk.  The crazier question after that is it possible to encrypt a shared disk in a cluster?  For example, two windows servers with Microsoft Failover Cluster installed, there is a shared disk between them.  Can you encrypt that disk even with 10.3.2?  Pre Sales guy said it should be able to be done.

     



  • 4.  RE: Endpoint Encryption 11.0
    Best Answer

    Broadcom Employee
    Posted Nov 24, 2014 05:42 AM

    Hi tedkar,

    Regarding shared disk in cluster I would verify if it meets our Best Practice Symantec Drive Encryption criteria

    http://www.symantec.com/docs/TECH149543

    --snip--

    Supported Disk Types

    • Desktop or laptop disks, including solid-state drives (either partitions, or the entire disk).
    • External disks, excluding music devices and digital cameras.
    • USB flash disks.
    • GPT partitions with UEFI: Refer to article TECH203071 for more details and requirements on UEFI support and Symantec Drive Encryption (Windows 7 UEFI is supported only with 64-bit and Symantec Drive Encryption 10.3.2 and above).
    • The following formatted disks or partitions are supported: 04 (FAT16), 06 (FAT16B), 07 (NTFS), 0B (FAT32).


    Unsupported Disk Types

    • Dynamic disks.
    • SCSI/SAS drives/controllers.
    • Software RAID disks.
    • Diskettes and CD-RW/DVD-RWs.
    • exFAT formatted disks.
    • Any configuration where the system partition is not on the same disk as boot partition.

    -----------------