Cryptoshop Help! Cryptoshop Contact! Cryptoshop Memo! Cryptoshop Shopping Cart! Place your order! Change to german site!
+ Products
· · · · · · · · · · · · · · · · · · · · · · ·
+ Solution
  Authentication  
  Identification  
  Encryption  
  Development  
  Company Card  
  Winmagic SecureDoc  
  Installation etc  
  Entrust Group Share  
  Entrust IdentityGuard  
  Entrust Messaging Server  
  Gemalto - DAS  
  Gemalto - Protiva SA  
· · · · · · · · · · · · · · · · · · · · · · ·
+ Service
· · · · · · · · · · · · · · · · · · · · · · ·
     
Management
· · · · · · · · · · · · · · · · · · · · · · ·
Security Officer
· · · · · · · · · · · · · · · · · · · · · · ·
System Engineer
· · · · · · · · · · · · · · · · · · · · · · ·
Purchasing
· · · · · · · · · · · · · · · · · · · · · · ·
Maintenance
· · · · · · · · · · · · · · · · · · · · · · ·
 
 

Winmagic SecureDoc - Hard Disk Encryption Solution
 
INFO & KNOWLEGDE
 
SecureDoc from Winmagic Inc. is a performant application which is protecting sensitive information of a company or organisation, especially on mobile devices like notebook. This is done by encrypting the complete hard disk (including operating system) and strong user authentication.

More about how file encryption solutions are working


But the most striking feature of SecureDoc is the management via the SecureDoc Enterprise Server and its deep integration into MS Windows environment (Active Directory, Windows PKI, MS-SQL), and its scalability. Using SecureDoc Enterprise Server (SES), Secure Doc can be installed and administered remotely without any "Master Password".

Therefore SecureDoc is using "pre-boot authentication", which means, that the user has to authenticate before the operating system is loaded (because it is encrypted, of course). This authentication can be done in various ways, with simple passwords, smart cards, USB-Token and certificates of a PKI, based on PKCS#11.

Other configurable features are e.g. the encryption of external media, so that, besides USB-Sticks, on this computer made CD-ROMs are also encrypted, or e.g. the "zeroise"-function, a central administrator is able to deactive a computer remotely, (and reactivating is only possible with a certain recovery-CD)

You are interested in an presentation of Winmagic SecureDoc by an IT-Security Expert from Cryptas?
We'll show you how Winmagic SecureDoc is working! Click on:


Winmagic SecureDoc - Functionality & Criteria   What is the functionality of SecureDoc Hard Disk Encryption Solution from Winmagic. To which standards is it compliant? Which certifications are fulfilled. What is the benefit for an organisation.

Winmagic SecureDoc - Operating effort   What are the implications to the organisation workflows, when Winmagic Securedoc is deployed.

Winmagic SecureDoc - Solution in general   What is Securedoc with SES able to do, which functionality, how does it work, how does it look, what does it need? How to integrate into the environment of the organisation.

Winmagic SecureDoc - Components   What are the single components, the SecureDoc Hard Disk Drive Encryption Solution consists of.


Secure Doc Hard Encryption Client - Licencing   WinMagic’s SecureDoc Hard Disk Enryption is protecting sensitive and confidential data on notebooks by encryption of the whole hard disk with AES 256 algorithm, avoiding all problem areas of encryption and is fullfilling all the security requirements of an organisation for mobile workers.

Secure Doc Enterprise Server - Licencing   The SecureDoc Enterprise Server eases the rollout and adminstration of WinMagic SecureDoc Disk Encrpytion, as well as the recovery of passwords, smart cards or token.

Secure Doc Client - details   How is authentication and ecryption via key files realized. Which smart cards and reader will be supported in Pre-Boot?


Installation etc   Follow an installation, configuration and administration of Winmagic Securedoc and see how the user experiences this encryption solution.


ARTICLE
 
Interessting information you should know, when you are comparing various encryption solutions.
- Principle of file encryption
- How is an encryption solution working
- Problem areas of encryption
STUDY
 
But there is such an encryption solution by microsoft!

No, by no means! The Vista Bitlocker is far from Winmagic Securedoc in its features.

Limitations of MS Bitlocker for Vista
Available for Enterprise and Ultimate editions only. Not available as a separate package.
There is no support or third-party support for non-Vista platforms, including older versions of Windows (Vista has a new boot process that supports the TPM and BitLocker functionality).
If TPM-only protection of the decryption key is used with no PIN or USB device required during boot, as long as the computer is in its original state it can still be booted and subjected to normal login attack scenarios.
TPM-based deployments will likely require BIOS updates on all but the newest machines.
There is no support for smart-card-based strong authentication for release of the decryption key.
In the case where USB devices are used for added protection, it is likely that the USB key will be stored in proximity to the computer, defeating this additional layer of protection.
The first release encrypts only the boot volume and cannot be used to protect user data partitions, even on the same hard drive. In all likelihood this will be fixed in early 2008.
The first release cannot be used to protect partitions on separate physical disks, including USB-attached hard drives. This will probably get fixed in early 2008.
There is no support for removable USB flash drives in RTM or planned for SP1. Separate solutions, such as using EFS, will be required.
The 1.5 GB hidden, active, system partition may conflict with some OEM configurations (such as recovery partitions).
BitLocker is not consistent with encryption protection offered by current Windows Mobile-based devices.
By license restriction, BitLocker is not licensed for use on virtualized systems.
If using Active Directory for storing key recovery, BitLocker requires Active Directory extensions for key recovery and requires Windows Server 2003-level Active Directory with SP1 installed.
There is no architecture to change the encryption algorithm with "plug and play" CryptoAPI. AES 128 and 256 (with optional diffuser algorithm) are the only choices.
The current version is not integrated into Windows setup but is supported with unattended setup and other software push technologies.
While companies have previously had to manage the large-scale updating of BIOS, and Service Packs have updated early boot code (OS Loader), the large-scale updating of the SRTM components (which include the BIOS and OS loader) has not yet been proven.


Back to previous page!Top of page!To the startpage of Cryptoshop.com!
  Secure Doc Hard Encryption Client - Licencing  
  Secure Doc Client - details  
  Secure Doc Enterprise Server - Licencing  
  Winmagic SecureDoc - Functionality & Criteria  
  Winmagic SecureDoc - Operating effort  
  Winmagic SecureDoc - Solution in general  
  Winmagic SecureDoc - Components  
 
  SecureDoc Installation - Console & Database  
  SecureDoc Installation - SD Connex & AD Sync  
  SecureDoc Installation - Online Password Recovery  
  SecureDoc Configuration - Basics, Admins & Imports  
  SecureDoc Configuration - Building Profiles  
  SecureDoc Configuration - Client Installation Pack  
  SecureDoc Operation & Administration  
  SecureDoc - User's View  
 
Legal notice Terms and Condtitions Consumer notice Privacy Newsletter Copyright © 2004 CRYPTAS. All rights reserved