Meraki

Community

Windows disk encryption through Systems Manager?

MrLeoChan
Comes here often
‎Aug 23 2017 12:39 PM
‎Aug 23 2017 12:39 PM

Windows disk encryption through Systems Manager?

I know for OSX, there is an option in the Systems manager to select FileVault. Does Windows have an option for that? If not, what programs are you using? Bitlocker?

0 Kudos
17 Replies 17
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 27 2017 12:21 AM
‎Aug 27 2017 12:21 AM

We only use BitLocker.

0 Kudos
felix_fx2
Conversationalist
‎Sep 25 2017 3:34 AM
‎Sep 25 2017 3:34 AM

I am using bitlocker, nope Systems manager has no option to enforce bitlcker nor can it monitor.

I am suffering due to it.

0 Kudos
In response to felix_fx2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 25 2017 11:34 AM
‎Sep 25 2017 11:34 AM

Can you control it via group policy?

0 Kudos
In response to PhilipDAth
felix_fx2
Conversationalist
‎Sep 27 2017 8:59 PM
‎Sep 27 2017 8:59 PM

Don't have a AD, Local group policy is not dependable and no visibility/reporting.

0 Kudos
In response to felix_fx2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 27 2017 9:04 PM
‎Sep 27 2017 9:04 PM

What about sending a command to every machine to turn on Bitlocker? If they have it enabled already nothing will happen. Otherwise it will turn it on.

I think the command would be something like:
manage-bde -on
or perhaps it might be safer to do:
manage-bde -on c:

Do this on a test machine first!

Here is some more info about the process:
https://docs.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-use-bitlocker-drive-enc...
0 Kudos
In response to PhilipDAth
felix_fx2
Conversationalist
‎Sep 27 2017 9:31 PM
‎Sep 27 2017 9:31 PM

I am already rolling out via another tool i have (a script agent), couldn't wait.
Now this is Geared towards reporting and enforcing, comparing with whats there for OSX in meraki MDM

 

on my wish list is systems that are enforced have the bitlocker recovery key escrowed to dashboard (instead of AD)

 

0 Kudos
In response to felix_fx2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 27 2017 9:34 PM
‎Sep 27 2017 9:34 PM

Are you by chance using Office 365?
0 Kudos
In response to PhilipDAth
felix_fx2
Conversationalist
‎Oct 19 2017 9:34 PM
‎Oct 19 2017 9:34 PM

we are powered by Google

0 Kudos
In response to felix_fx2
Phil1
Here to help
‎Jun 6 2018 9:34 PM
‎Jun 6 2018 9:34 PM

Following topic as I would also love a solution to this. I am in the same boat as we are powered by google. @felix_fx2 did you manage to get any decent solution in place?
0 Kudos
In response to Phil1
PatrickL
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Jun 14 2018 1:12 PM
‎Jun 14 2018 1:12 PM

Hi everyone,

 

We have an early beta version of BitLocker management in testing right now. If anyone is interested in providing feedback, please fill out this form and we'll reach out if we see a match!

In response to PatrickL
felixfx2
Here to help
‎Jul 24 2018 1:17 AM
‎Jul 24 2018 1:17 AM

Beam me up scotty !

0 Kudos
In response to PatrickL
AITS
New here
‎Apr 23 2019 8:08 AM
‎Apr 23 2019 8:08 AM

Is Meraki close to a production release of Systems Manager to support BitLocker?

0 Kudos
In response to AITS
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 23 2019 12:42 PM
‎Apr 23 2019 12:42 PM

I don't know, but there was a BitLocker beta running last year.

0 Kudos
In response to PhilipDAth
KPA
New here
‎Sep 13 2019 5:13 AM
‎Sep 13 2019 5:13 AM

We were told by our Rep that Meraki Systems Manager would manage and enforce BitLocker but that does not seem to be the case. We ended up using TruGrid BitLocker Management since it works whether or not you have Active Directory. TruGrid does not require any scripting and does not require GPO.

Kay

0 Kudos
In response to KPA
ChemistryGP
Here to help
‎Sep 17 2019 4:57 AM
‎Sep 17 2019 4:57 AM

Not interested in paying for another application for Bitlocker management - SM should do this out the box.

 

@PhilipDAth You mentioned earlier in the thread O365 accounts - is there a workaround here?

0 Kudos
In response to ChemistryGP
T1
Building a reputation
‎Sep 17 2019 5:25 PM
‎Sep 17 2019 5:25 PM

The way they Bitlocker support is "implemented" right now, Meraki enables it and user is prompted to sign in with Microsoft account to store decryption key OR save decryption key to an external device so we had to disable it as it creates confusion.
GreenMan
Meraki Employee
Meraki Employee
‎May 12 2022 2:53 AM
‎May 12 2022 2:53 AM

An old thread, but people here may be interested in recently upgraded support for Bitlocker in Systems Manager, from Windows 10 v1803 onwards:   https://documentation.meraki.com/SM/Apps_and_Software/Windows_BitLocker_Encryption_with_Meraki_Syste...

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.