Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Using hard drive encryption endpoint checks with BitLocker

boi
Nimbostratus
Nimbostratus

‎01-Dec-2020 12:28

I'm looking to see if I can get some advice on implementing Client Side Endpoint Checks that will check to see if the machine requesting VPN access has their hard drives encrypted with BitLocker.

 

Our organization would like to up our security posture by implementing hard drive checks on all machines that log on to the VPN. When testing this I got about a 50% success rate but I'm not sure why some machines are getting through but others aren't. (We have a policy that all computers must be BitLockered)

 

Our current rule looks like this:

0691T000009jxutQAA.png

and we get error messages in our logs that look like this:

Session variable 'session.check_software.last.hd.item_1.errors' set to '-32 - Access denied - Invoke(MID_HDENCRYPTION_GETENCRYPTIONSTATE, &locationProp, &stateProp) -32 - Access             denied - Invoke(MID_HDENCRYPTION_GETENCRYPTIONSTATE, &locationProp, &stateProp) '

 

I haven't found a lot of information that is helpful and that is why I'm asking this question here. I will try and answer any questions that you have as quickly as I can. Does anyone have any hints or suggestions?

 

Labels:
0 REPLIES 0
Copyright © 2023 Khoros, LLC