does WHS Vail support full volume encryption solutions now ?

All replies

• 

  

  0

  Sign in to vote

  Since one of our customer (a NAS provider) want to use new WHS, and they care data security very much. I want to know:

  1) can any full volume encryption solution work on DE volumes of new WHS ?

  2) can I write a volume filter driver to encrypt these DE volumes transparently ?

  Best regards.

  Please read the release notes (specifically, the Storage section).

  • Proposed as answer by Ken WarrenModerator Friday, August 13, 2010 4:57 PM
  • Marked as answer by Theo van ElsbergModerator Sunday, August 29, 2010 10:44 PM

  Friday, August 13, 2010 2:21 PM

  Moderator
• 

  

  0

  Sign in to vote

  Thanks for your quick reply, Ken.

  I did read Vail's beta release note, it only says as following:

  "Running low-level software storage tools—for example, defragmentation, full disk encryption, or volume imaging—on server folders may cause issues. These tools have not been fully tested in this release."

  Have you any update on this known issue now?

  For example, we add a volume filter driver layer about one WHS volume, this filter will encrypt the volume's content on the fly. I wonder, if such a layer will bring troubles to WHS volume ? Such as, since WHS volume can recycle obsolete data blocks into global WHS storage pool, will a full volume encryption layer above the volume object bring troubles to this WHS volume function ?

  If a full volume encryption solution is impossible on WHS volumes, do you have any other proposed alternatives to encrypt WHS shared data ? (can EFS support share folder's multi-users scenario ? EFS seems not support 3rd party symmetric crypto engine yet, am I right ? )

  Best regards.

  Monday, August 16, 2010 3:02 AM
• 

  

  0

  Sign in to vote

  I think that the statement in the release notes actually makes it pretty clear: Microsoft hasn't tested the scenario you're interested in, probably because it's a very low priority for the home users who are the target audience for this product. Any official update to this statement will have to come from Microsoft; it's their product. Anything from a user is anecdotal: "I tried this, and in limited testing it seemed not to mess my data up." sort of stuff. :) Or perhaps some vendor of disk encryption tools will step forward and say that they've tested their tool on Vail and it works fine. Failing that, you can test and evaluate on your own. If you decide to go that route, I recommend that you test very thoroughly, and don't forget to test recovery scenarios.

  Note that I haven't tested this scenario either, because I have no need of full disk encryption. So I won't make any recommendations here.

  ---

  I'm not on the WHS team, I just post a lot. :)

  Monday, August 16, 2010 12:27 PM

  Moderator
• 

  

  0

  Sign in to vote

  ok, Ken, thanks very much!

  Wish Microsoft add the volume encryption feature soon, it's really a great add-value. 

  Hope any WHS team member can answer my question, I cite it here once more:

  "would a volume level encryption bring any troubles to WHS volumes, such as its obsolete block auto recycle feature or ... ?"

  I know you have not thoroughly tested volume encryption softwares yet, but, if you have already found such encryption solutions do conflict with WHS volumes, and you don't want to support such solutions in the near future (I mean, you don't want to support them in several formal releases at the beginning.) , please let us know. Your answer is very import to our product planning.

  Thanks in advance !

  Tuesday, August 17, 2010 2:02 AM