BitLocker vs. GuardianEdge or other 3rdparty solution
We're doing a comparison of BitLocker device restriction and I have a few questions: 1) Does Bitlocker to go have a reporting capability? or , is there a 3rd party or MS reporting solution? 2) Is there a way to determine the date\time a device was connected to the machine? 3) Is there a location where I could see a sample report and the type of data that MS records for bitlocker to go? 4) What advantages does BitLocker to Go have over 3rd party solutions, like GE? Thanks JasonJason Yates
October 27th, 2010 4:38pm

Hi, Thanks for posting in Microsoft TechNet forums. For question 1, you can launch Event Viewer, navigate to Applications and Services Logs->BitLocker-Provisioning-Microsoft-IT for detailed information. Question 2, check event viewer for the exact time. Question 3, You can use SCCM to check the record. Question 4, please see below: a. You can configure group policy to limit computers running Windows 7 so that they can only write data to BitLocker encrypted USB devices that have a specific configured organizational identifier. b. It is easily integrated into Active Directory for the purposes of data recovery. Group Policy can be configured to back up BitLocker passwords as well as configure data recovery agents. c. BitLocker protects the integrity of the boot process. This means that the user of a computer protected by BitLocker will be aware in the event that their computer is tampered with. Over all, BitLocker and BitLocker to Go are great solutions for stopping unauthorized third parties from recovering data stored on lost or stolen laptop computers or USB storage devices. Best Regards Magon Liu TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
October 28th, 2010 5:49am

Well this helps to some extent. I'm finding that there really isn't good reporting. At least, it doesn't sound like there is. I know about GP. I'm less aware of SCCM. When you say, check the record, will this allow me to view USB \ pnp events- as in an audit trail?Jason Yates
October 28th, 2010 1:13pm

Hi, Thanks for posting in Microsoft TechNet forums. For question 1, you can launch Event Viewer, navigate to Applications and Services Logs->BitLocker-Provisioning-Microsoft-IT for detailed information. ” I just encrypted a flash drive and am reviewing the events in event viewer. This log you mentioned isn't listed. The only Bit locker log i have found is Bit-locker drive preparation tool. What am I missing?Jason Yates
Free Windows Admin Tool Kit Click here and download it now
October 28th, 2010 1:49pm

Hi, I am sorry to say what I mean is there is no log but only the events you saw in event viewer. Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
October 29th, 2010 3:26am

Hi, I am sorry to say what I mean is there is no log but only the events you saw in event viewer. You can refer to http://social.technet.microsoft.com/Forums/en-US/configmgrinventory/thread/5c9f9681-e665-4b3f-a83a-b554be65a921 on the SCCM product. Regards, Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
Free Windows Admin Tool Kit Click here and download it now
October 29th, 2010 3:26am

Hi, Thanks for posting in Microsoft TechNet forums. As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish. BTW, we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts. Best Regards Magon Liu TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
November 2nd, 2010 11:40pm

Hi, I am sorry to say what I mean is there is no log but only the events you saw in event viewer. You can refer to http://social.technet.microsoft.com/Forums/en-US/configmgrinventory/thread/5c9f9681-e665-4b3f-a83a-b554be65a921 on the SCCM product. Regards, Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ” You misunderstand me. I don't want to appear rude, but let me clarify-- I CANNOT find any events. I cannot locate the log you mentioned. And the SCCM link you sent me seems more in lines with BDE rather than B2G. I'm still looking for eventing documentation. I'm curious how MS does removable device management. If you find something relevant in regards to BitLocker to Go and eventing, please let me know. The only events I found was in the DriversFrameworks-UserMode operational log. Jason Yates
Free Windows Admin Tool Kit Click here and download it now
November 3rd, 2010 2:18pm

Hi, I am sorry to say what I mean is there is no log but only the events you saw in event viewer. You can refer to http://social.technet.microsoft.com/Forums/en-US/configmgrinventory/thread/5c9f9681-e665-4b3f-a83a-b554be65a921 on the SCCM product. Regards, Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ” You misunderstand me. I don't want to appear rude, but let me clarify-- I CANNOT find any events. I cannot locate the log you mentioned. I'll look into SCCM. In the meantime, can you help me find something relevant in regards to BitLocker to Go and eventing? The only events I found was in the DriversFrameworks-UserMode operational log. Jason Yates
November 3rd, 2010 2:18pm

Jason, 1) Does Bitlocker to go have a reporting capability? or , is there a 3rd party or MS reporting solution? If you encrypt, decrypt or suspend bitlocker protection, we log that in system logs. BitLocker uses AD to backup RecoveryInformation. If you have SCCM 2007 in your environment, you can use it to generate compliance reports for your devices. 2) Is there a way to determine the date\time a device was connected to the machine? We generate an event in log that device was connected to the machine. 3) Is there a location where I could see a sample report and the type of data that MS records for bitlocker to go? If you have configure the GPO for bitlocker to backup the recoveryinformation, you can see the information in AD. Using SCCM 2007 you can generate reports and pull the data. 4) What advantages does BitLocker to Go have over 3rd party solutions, like GE? BitLocker to Go - can be enabled by a Standard User. You can configure GPO to Deny access to BTG devices not protected by BitLocker. So if a user connects his BTG device to a machine, we gice him 2 options - A> To enable bitlocker and then use his device and get Read+Write Access B> If he chooses not to enable bitlocker, then he gets Read Access Only. BTG devices - you can access data on legacy OS like Wiindows XP and Windows 2003 also. I hope this answer your questions. Thanks, ManojRegards, Manoj Sehgal
Free Windows Admin Tool Kit Click here and download it now
November 23rd, 2010 2:18pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics