How to install funtions Full Disk Encrypt by SafeGuard.

December 28, 2018 Micheal Others, Security, Sophos, Storage, Windows Server 0

Overview

  • This article will guide you to install Full Disk Encryption on Windows Client

Network Diagram

  • In the previous article, we have configured Sophos SafeGuard Server on DC-SafeGuard Server computerand Sophos SafeGuard Client on Client 1-2-3 computer.
  • In this article, we will install functions Full Disk Encryption on Client 1-2-3 computer.

Configurting

On DC-SafeGuard Server

  • Select button Start> Active Directory Users and Computer
  • Right-click trungnghia.local and select New > Organizational Unit.
  • Type BitLocker Test and select OK.
  • Select Computers.
  • Click and drag Client1 from Computers to BitLocker Test.
  • Open SafeGuard Management Center and enter your password to login.
  • Select Root in the tree-view, then select the Synchronize tab.
  • In the Directory SDN drop-down select DC=trungnghia,DC=local and click Search.
  • Tick BitLocker Test and select Sychronize.Select OK.Click Policies -> Policy Items.
  • Right-click Policy Items -> New -> Authentication.
  • Name the policy Test BitLocker POA.
  • In the tool bar click the Show default values icon to toggle between displaying and hiding the default values that will be applied for the policy
  • In Authentication session -> BitLocker Options choose TPM for BitLocker Logon Mode for Boot Volumes and choose Password for BitLocker FallBack Logon Mode for Boot Volumes.
  • Click Save to Save Policies.
  • Right-click Policy Items -> choose Device Protection.
  • Name the policy Test BitLocker Encryption.
  • Select the “Deivice Protection target” as Local Storage Devices >
  • Internal Storage > Boot volumes and then select OK
  • In the “Device Protection” pane, select the “Media Encryption Mode” as Volume based and Select the “Fast initial encryption” as Yes and select Save.
  • Right-click Policy Group >New > New Policy Group.
  • Name the group Test BitLockerDrag and Drop the two new policies (Test BitLocker POA and Test BitLocker Encryption) from Available Policies pane to Member pane and click Save.
  • In Users and Computer session, expand trungnghia.local node and select BitLocker Test in the tree-view.
  • Select Polices tab.
  • Expand Policy Groups in the “Available Policies” pane on the right and then drag the Test BitLocker policy group from the Available Polices pane to the Policy pane.
  • Tick No Override
  • Click Save to Save this config.

On Client 1 Computer

  • Double-click on the SafeGuard tray icon, to start another synchronization task
  • In the “Sophos SafeGuard BitLocker Encryption” window that appears, enter your password.
  • Click Restart and Encrypt.
  • When prompted for the “BitLocker drive encryption” password, fill in the newly created password.
  • Encryption progress is being made.
  • Encryption drive by BitLocker completed.
  • Click This PC and you will see that your drive be encrypted.

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.