![]() In version 2010 and earlier, to use the recovery service, you need at least one management point not in a replica configuration. This configuration doesn't affect the functionality of BitLocker management in Configuration Manager. Starting in version 2103, since clients use the secure client notification channel to escrow keys, you can enable the Configuration Manager site for enhanced HTTP. If any clients are on version 2010 or earlier, they need an HTTPS-enabled recovery service on the management point to escrow their keys. When both the site and clients are running Configuration Manager version 2103 or later, clients send their recovery keys to the management point over the secure client notification channel. For example, help desk administrators can help users with key recovery. Encryption status per volume or per deviceĪllow other personas in your organization outside of the Configuration Manager console to help with key recovery, including key rotation and other BitLocker-related support. ![]() When a user unlocks the OS drive, specify whether to unlock only an OS drive or all attached drives. Manage BitLocker policies and escrow recovery keys for on-premises and internet-based clientsįor example: choose drive encryption and cipher strength, configure user exemption policy, fixed data drive encryption settings.ĭetermine the algorithms with which to encrypt the device, and the disks that you target for encryption.įorce users to get compliant with new security policies before using the device.Ĭustomize your organization's security profile on a per device basis. ![]() FeaturesĬonfiguration Manager provides the following management capabilities for BitLocker Drive Encryption: Client deploymentĭeploy the BitLocker client to managed Windows devices running Windows 8.1, Windows 10 or Windows 11. For more information on using Intune, see Windows Encryption. To manage encryption on co-managed Windows 10 or later devices using the Microsoft Intune cloud service, switch the Endpoint Protection workload to Intune.
0 Comments
Leave a Reply. |