Forum Discussion

boi's avatar
boi
Icon for Nimbostratus rankNimbostratus
Dec 01, 2020

Using hard drive encryption endpoint checks with BitLocker

I'm looking to see if I can get some advice on implementing Client Side Endpoint Checks that will check to see if the machine requesting VPN access has their hard drives encrypted with BitLocker.

 

Our organization would like to up our security posture by implementing hard drive checks on all machines that log on to the VPN. When testing this I got about a 50% success rate but I'm not sure why some machines are getting through but others aren't. (We have a policy that all computers must be BitLockered)

 

Our current rule looks like this:

and we get error messages in our logs that look like this:

Session variable 'session.check_software.last.hd.item_1.errors' set to '-32 - Access denied - Invoke(MID_HDENCRYPTION_GETENCRYPTIONSTATE, &locationProp, &stateProp) -32 - Access             denied - Invoke(MID_HDENCRYPTION_GETENCRYPTIONSTATE, &locationProp, &stateProp) '

 

I haven't found a lot of information that is helpful and that is why I'm asking this question here. I will try and answer any questions that you have as quickly as I can. Does anyone have any hints or suggestions?

 

No RepliesBe the first to reply