BitLocker Encryption for Windows Clients

BitLocker lets you encrypt the hard drives on a Windows computer, and is an integral part of Windows. Check Point BitLocker uses the Endpoint Security Management Server, Client Agent and the SmartEndpoint UI to manage BitLocker. BitLocker Management is implemented as a Windows service component called Check Point BitLocker Management. It runs on the client together with the Client Agent (the Device Agent). Check Point BitLocker Management uses APIs provided by Microsoft Windows to control and manage BitLocker.

You can:

• Configure the BitLocker encryption policy. See Configuring a BitLocker Encryption Policy.

• Switch the encryption engine for selected clients from Check Point Full Disk Encryption to BitLocker Management, or from BitLocker Management to Full Disk Encryption. See Switching Between Check Point Full Disk Encryption and BitLocker Management.

• Take control of unmanaged computers so that they are centrally managed, either by Check Point BitLocker Management or by Check Point Full Disk Encryption. See Taking Control of Unmanaged BitLocker Computers.

• Recover data from a computer that is encrypted with BitLocker. See BitLocker Recovery.

Configure the settings for BitLocker in SmartEndpoint in the Policy tab > Full Disk Encryption rules.