Wednesday, November 26, 2008 3:13 PMIf I were to use Bitlocker on a 2008 web and database server, would I be able to connect as ususal from an XP workstation. (My thought was yes, of course.) And will bitlocker slow down the DB & web service running on the server. The server is TPM compliant and attached to the same AD as the XP workstation.
Thursday, November 27, 2008 1:52 PMGood morning Tim.
You are correct concerning client connectivity. Here several references for BitLocker / deployment, with flowcharts, and so on:
BitLocker Drive Encryption Technical Overview
Description of the BitLocker Drive Preparation Tool
Indeed, BitLocker does have an impact on disk access throughput; the tradeoff, is, of course, between efficiency and security. The below paper (published by Microsoft) has the information your are seeking.
AES-CBC + Elephant diffuserOur AES implementation uses about 20 cycles/byte for AES-CBC on a a Pentium 4. The
A Disk Encryption Algorithm for Windows Vista
diffuser takes about 10 cycles/byte. The overall cipher speed is just over 30 cycles per byte,
including various overhead. This implies that the cipher is faster than the peak data rate
of a typical disk.
Our current BitLocker implementation manages to limit the loss of performance to around
5% averaged over our test cases. Our typical end-user test scenarios show an even smaller
overhead. This is good enough to allow widespread adoption of this security technology.-------------
Please let me know if I have adequately answered your questions.
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM