|BitLocker Drive Encryption / Encrypting with BitLocker managed by SafeGuard Enterprise|
The security officer can create a policy for (initial) encryption in the SafeGuard Management Center and distribute it to the BitLocker endpoints where it is executed. It triggers the BitLocker encryption of the drives specified in the policy.
As the BitLocker clients are managed transparently in the SafeGuard Management Center, the security officer does not have to specify any special BitLocker settings for encryption. SafeGuard Enterprise knows the client status and selects the BitLocker encryption accordingly. When a BitLocker client is installed with SafeGuard Enterprise and volume encryption is activated, the volumes are encrypted by BitLocker Drive Encryption.
A BitLocker endpoint processes policies of type Device Protection and Authentication.
The following settings are evaluated on the endpoint:
For details see Device Protection.
For details see Authentication.
All other settings are ignored by the BitLocker endpoint.