Table of Contents
Advertisement
Check Point Full Disk Encryption Recovery
If system failure prevents the operating system from starting on a client computer, Check Point
Full Disk Encryption has these options:
Full Recovery with Recovery Media - Decrypts the failed disk. This takes more time than Full
Disk Encryption Drive Slaving Utility and Dynamic Mount Utility that let you access data quickly.
If system failure prevents the operating system from starting on a client computer, you can
use Full Disk Encryption Recovery Media to decrypt the computer and recover the data.
Client computers send recovery files to the Endpoint Security Management Server one time
during the initial deployment so that you can create recovery media if necessary. After the
recovery, the files are restored as decrypted, like they were before the Full Disk Encryption
installation, and the operating system can run without the Pre-boot.
After the recovery, you must install Full Disk Encryption on the computer.
Recovery Media:
n
Is a snapshot of a subset of the Full Disk Encryption database on the client.
n
Contains only the data required to do the recovery.
n
Updates if more volumes are encrypted or decrypted.
n
Removes only encryption from the disk and boot protection.
n
Does not remove Windows components.
n
Restores the original boot record.
Users must authenticate to the recovery media with a username and password. There are
the options for which credentials to use:
n
Users that are assigned to the computer and have the Allow use of recovery media
permission (in OneCheck User Settings rule > Advanced > Default logon settings)
can authenticate with their regular username and password.
n
When you create the recovery media, you can create a temporary user who can
authenticate to it. A user who has the credentials can authenticate to that recovery
media. Users do not require Allow use of recovery media permission to use the
recovery media. Smart Card users must use this option for recovery.
Creating Data Recovery Media
You can create Full Disk Encryption recovery media that can run on a failed computer to
decrypt it. Create the recovery media on the server or with an external tool.
The media can be on a CD/DVD, USB device, or REC file.
Note - Creating a recovery media on a USB flash disk formats the device and
removes all previous content.
Check Point Full Disk Encryption Recovery
R81 Harmony Endpoint Server Administration Guide | 201
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the HARMONY R81 and is the answer not in the manual?