PDA

View Full Version : The New FileVault




Blipp
May 2, 2011, 11:05 AM
Can anyone answer 2 questions about the new FileVault featured in Lion? I understand that it only shares it's name with the current version and that everything else is completely new. This is potentially fantastic news as it could allow us to start transitioning to FileVault instead of our current train-wreck encryption solution.

My questions:

1: How does the new FileVault deal with power on authentication? Are system files stored on a separate partition and the rest of the drive unlocked at the standard log-in screen or do you enter your password to even begin the boot process? The answer to this question could spark a laundry list of additional questions.

2: Does anyone have any experience testing the new FileVault's central manageability (currently we're using JAMF to manage our environment) and reporting abilities? We need to be able to monitor the encryption process, get updated once encryption is completed and be able to regularly query the computer to determine if it's still encrypted or if it's been re-imaged and encryption needs to be pushed again. Auditing our logs to prove a system was encrypted and was still encrypted the last time it checked in to the network is definitely a deciding factor.

I've been waiting to gain access to the Lion developer preview for a while now but since I work for a large corporation it's taking forever for our lawyers to review the license agreement. Any additional information you can offer up on the new FileVault's viability in a secure environment would be much appreciated. I'm really hoping it's more than just a security toy for home users.