
ad-assurance - [AD-Assurance] RE: BitLocker operational issues

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

  • From: "Rank, Mark" <>
  • To: "" <>
  • Subject: [AD-Assurance] RE: BitLocker operational issues
  • Date: Fri, 7 Jun 2013 21:47:34 +0000

"And, if the latter is true, wouldn’t the tenant benefit from the disk encryption provided by the host?"

Wouldn't this allow an unencrypted tenant DC to be copied from a running host?

mark


--------------------------------------------------
Mark Rank
Project Manager - Identity & Access Mgt
UCSF Information Technology Services (ITS)
email:
phn:414-331-1476
--------------------------------------------------

From: [] on behalf of Michael W. Brogan []
Sent: Friday, June 07, 2013 2:40 PM
To:
Subject: [AD-Assurance] RE: BitLocker operational issues

This link has a doc from MS that describes how to install BitLocker on a Windows 2008 Hyper-V host.

http://www.microsoft.com/en-us/download/details.aspx?id=6416

The link you cited below says

“BitLocker does not support the encryption of VHDs, but does permit storage of VHDs on a BitLocker-protected drive.”

and

“BitLocker is not supported for use within a virtual machine. Do not run BitLocker Drive Encryption within a virtual machine. You can use BitLocker in the virtual machine management operating system to protect volumes that contain configuration files, virtual hard disks, and snapshots.”

So, just to understand better, is it the case that you can’t install BitLocker in the tenant OS but it can be installed on the Hyper-V host? And, if the latter is true, wouldn’t the tenant benefit from the disk encryption provided by the host?

--Michael

From: [mailto:] On Behalf Of Ron Thielen
Sent: Friday, June 07, 2013 11:59 AM
To:
Subject: [AD-Assurance] BitLocker operational issues

I raised the question about BitLocker operational issues, because something was nagging at the back of my mind. I asked the Windows admins and they pointed me in the right direction.

It turns out that there is a significant issue that may affect some institutions. BitLocker is not supported in virtual environments by either Microsoft or VMware. We run some of our domain controllers on VMware VMs, so this is certainly an issue for us.

http://technet.microsoft.com/en-us/library/hh831507.aspx#BKMK_VHD

and

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2036142

I guess we have to decide whether to move our VMs to physical hardware and lose the advantages that virtualization provides or submit an alternative means statement for RC4.

Ron



