ZENworks Full Disk Encryption supports encryption of standard hard disks of type IDE, SATA, and PATA. Encryption of SCSI and RAID hard disks is not supported.
The Disk Encryption page shows the fixed disk volumes that are encrypted and the algorithm to use for the encryption. In addition, you can choose whether or not to allow users to create Emergency Recovery Information (ERI) files that can be used to regain access to encrypted volumes if a problem occurs with the device.
Displays the encryption settings to be applied to the device. The only setting you can change is the setting:
Block 1394 (FireWire) port: The 1394 interface provides direct memory access, or DMA. Direct access to system memory can compromise security by providing read and write access to stored sensitive data, including encryption and authentication data used by ZENworks Full Disk Encryption. Select this option to prevent direct access to memory through the 1394 port.
Displays the algorithm and key length used for encryption.
An Emergency Recovery Information (ERI) file is required to regain access to encrypted volumes if a problem occurs with the device. When the policy is applied to a device, or the policy changes, an ERI file is automatically created and uploaded to the ZENworks Server. You can also enable users to manually create ERI files and store them locally.
Allow user to create ERI files: Select this option to enable users to create ERI files. This is done through the ZENworks Full Disk Encryption Agent’s About box.
Require user to provide a strong password when creating an ERI file: The ERI file is password-protected to ensure that no unauthorized users can use it to gain access to the encrypted device. The user enters the password when creating the file. Select this option to force the user to provide a password for the file that meets the following requirements:
Seven or more characters
At least one of each of the four types of characters:
uppercase letters from A to Z
lowercase letters from a to z
numbers from 0 to 9
at least one special character ~ ! @ # $ % ^ & * ( ) + { } [ ] : ; < > ? , . / - = | \ ”
For example: qZG@3b!