1.6 Full Disk Encryption

The following new features have been introduced in Full Disk Encryption:

  • TCG Opal is now the supported technology for self-encrypting drives. Drive Trust is no longer supported. For a list of supported Opal 1.0 and 2.0 drives, see Hard Disks: Self-Encrypting in System Requirements in the ZENworks 11 SP3 Full Disk Encryption Agent Reference.

  • The Disk Encryption policy is supported on Windows 8 devices that use traditional BIOS firmware. Windows devices that use UEFI firmware are not supported.

  • The Disk Encryption policy includes an option to block the 1394 (FireWire) port. The 1394 interface provides direct memory access, or DMA. Direct access to system memory can compromise security by providing read and write access to stored sensitive data, including encryption and authentication data used by ZENworks Full Disk Encryption. This option lets you prevent direct access to memory through the 1394 port. For more information, see Disk Encryption Policy Settings in the ZENworks 11 SP3 Full Disk Encryption Policy Reference.

  • The Full Disk Encryption Agent’s About box displays a progress bar for volume encryption and decryption.