I agree. And although we've also been using OST files all along, we have close to 100 laptops deployed here, all using PGP WDE, never a hint of an issue. I think the vendor has some broken widgets they haven't identified yet, though that's just an instinct.
On Mon, Oct 3, 2011 at 6:06 AM, James Rankin <[email protected]> wrote: > Did this issue show itself when they tested the outsourced solution on your > first lot of guinea-pig users? or has it just shown up since a full > migration? > > I'm still disinclined to believe that the PGP product is simply > "incompatible". Have they managed to prove this beyond a reasonable doubt > yet? > > > On 3 October 2011 14:01, David Lum <[email protected]> wrote: > >> " Other than outsourced Exchange, what else has changed?" >> Nothing. At. All. >> >> We've followed their recommendations and given some uses new machines with >> SSD drives, i5 processors, etc, no change. I have been forwarding your guys' >> comments to our team that's working this, so I really appreciate your guys' >> input! >> >> From PGP's documentation - wrappage ( >> http://www.google.com/url?sa=t&source=web&cd=2&ved=0CDMQFjAB&url=http%3A%2F%2Fdownload.pgp.com%2Fpdfs%2Fwhitepapers%2FHWDEW_WP.pdf&ei=F7GJTtq3LqriiAL39cmkDA&usg=AFQjCNEmg2M8ZQVBWdVogIxSLCwCok7m7w >> ) >> >> " A boot sequence executes during the startup process of Microsoft® >> Windows, Apple Mac OS X, or Linux® operating systems. The boot system is the >> initial set of operations that the computer performs when it is switched on. >> A boot loader (or a bootstrap loader) is a short computer program that loads >> the main operating system for the computer. The boot loader first looks at a >> boot record or partition table, which is the logical area “zero” (or >> starting point) of the disk drive. Whole disk encryption modifies the zero >> point area of the drive. >> >> File System Basics >> During the boot process, the system initializes file systems. >> When a user requests access to a file (i.e., creates, opens, or deletes a >> file), the request is sent to the operating system input/output (I/O) >> manager, which forwards the request to the file system manager. The file >> system manager processes data in blocks. >> >> Life with Encryption: Business as Usual >> Most whole disk encryption software operates in conjunction with the file >> system architecture. It filters I/O operations for one or more file systems >> or file system volumes. When a drive is encrypted with whole disk encryption >> for the first time, it converts unencrypted drive blocks into encrypted >> blocks one at a time (Figure 2). >> >> Decrypted data is never available on the disk. >> When a user access a file, PGP Whole Disk Encryption decrypts the data in >> memory before it is presented for viewing. If the user makes any changes to >> the file, the data is encrypted in memory and written back to the relevant >> disk drive blocks just as it would be without encryption. Because PGP Whole >> Disk Encryption operates in conjunction with the file system, there is no >> additional wear and tear or performance impact beyond normal disk operation. >> As far as the user is concerned, it’s business as usual, and the underlying >> mechanism of encryption/decryption is completely transparent." >> >> Not quite as detailed as what Michael sent about Bitlocker >> >> -----Original Message----- >> From: Ken Schaefer [mailto:[email protected]] >> Sent: Saturday, October 01, 2011 6:55 AM >> To: NT System Admin Issues >> Subject: RE: Outsourcing Exchange >> >> This is all rubbish. >> >> If PGP works a file system filter driver (Microsoft's API for AV etc for >> hooking into disk read/writes) then either PGP is corrupting the files >> (unlikely since you never had this problem before), or some other FSF driver >> is causing the problem (again unlikely, since you've never had this problem >> before), or something else is causing the problem. Other than outsourced >> Exchange, what else has changed? >> >> Cheers >> Ken >> >> -----Original Message----- >> From: David Lum [mailto:[email protected]] >> Sent: Saturday, 1 October 2011 2:45 AM >> To: NT System Admin Issues >> Subject: RE: Outsourcing Exchange >> >> We have talked about Bitlocker, but there's no guarantee that will be any >> better. Heck our Exchange provider didn't know PGP was an issue, and 'll bet >> PGP is more prevalent than Bitlocker. >> >> We're being steered to Win7/Office 2010/Remove PGP as all being needed to >> help resolve these issues. At 500 employees at least 450 are on XP / Office >> 2007 and 300+ have PGP on them. The Win7/2010 end state is desirable, it's >> the compressed timeframe that isn't. >> >> Dave >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < >> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > > > -- > "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into > the machine wrong figures, will the right answers come out?' I am not able > rightly to apprehend the kind of confusion of ideas that could provoke such > a question." > > ****** IMPORTANT INFORMATION/DISCLAIMER ***** > > This document should be read only by those persons to whom it is addressed. > If you have received this message it was obviously addressed to you and > therefore you can read it, even it we didn't mean to send it to you. > However, if the contents of this email make no sense whatsoever then you > probably were not the intended recipient, or, alternatively, you are a > mindless cretin; either way, you should immediately kill yourself and > destroy your computer (not necessarily in that order). Once you have taken > this action, please contact us.. no, sorry, you can't use your computer, > because you just destroyed it, and possibly also committed suicide > afterwards, but I am starting to digress...... * > > * The originator of this email is not liable for the transmission of the > information contained in this communication. Or are they? Either way it's a > pretty dull legal query and frankly one I'm not going to dwell on. But > should you have nothing better to do, please feel free to ruminate on it, > and please pass on any concrete conclusions should you find them. However, > if you pass them on via email, be sure to include a disclaimer regarding > liability for transmission. > * > > * In the event that the originator did not send this email to you, then > please return it to us and attach a scanned-in picture of your mother's > brother's wife wearing nothing but a kangaroo suit, and we will immediately > refund you exactly half of what you paid for the can of Whiskas you bought > when you went to Pets** ** At Home yesterday. * > > * We take no responsibility for non-receipt of this email because we are > running Exchange 5.5 and everyone knows how glitchy that can be. In the > event that you do get this message then please note that we take no > responsibility for that either. Nor will we accept any liability, tacit or > implied, for any damage you may or may not incur as a result of receiving, > or not, as the case may be, from time to time, notwithstanding all > liabilities implied or otherwise, ummm, hell, where was I...umm, no matter > what happens, it is NOT, and NEVER WILL BE, OUR FAULT! * > > * The comments and opinions expressed herein are my own and NOT those of > my employer, who, if he knew I was sending emails and surfing the seamier > side of the Internet, would cut off my manhood and feed it to me for > afternoon tea. * > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- David _____________________ *Worry is the darkroom where negatives can develop. * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
