Wave BitLocker Manager 35-001049-6 Leaflet
Product codes
35-001049-6
Simplifying Encryption and Authentication
Wave Systems Corp.
480 Pleasant Street, Lee, MA 01238
(877) 228-WAVE • fax (413) 243-0045
www.wave.com
Copyright © 2010 Wave Systems Corp. All rights reserved.
Wave “Juggler” and EMBASSY logo are registered trademarks of Wave Systems Corp. All other brands are the property
of their respective owners. Distributed by Wave Systems Corp. Specifications are subject to change without notice.
03-000282/version 1.05
Access Recovery and the Help Desk
Wave for BitLocker Management reduces the operational
costs associated with BitLocker by providing centralized
access recovery and role-based Help Desk functions. Using
TPM-based access controls improves the security BitLocker
costs associated with BitLocker by providing centralized
access recovery and role-based Help Desk functions. Using
TPM-based access controls improves the security BitLocker
provides and in doing so binds the hard drive to a particular
PC. Wave for BitLocker Management provides remote reset
and re-provisioning of TPM-based access credentials without
requiring the drive contents to be decrypted and subsequently
re-encrypted. This facilitates a smooth migration of a drive
from one PC to another in the event of hardware failure and,
in addition, provides access recovery for users who have
forgotten their TPM PIN.
PC. Wave for BitLocker Management provides remote reset
and re-provisioning of TPM-based access credentials without
requiring the drive contents to be decrypted and subsequently
re-encrypted. This facilitates a smooth migration of a drive
from one PC to another in the event of hardware failure and,
in addition, provides access recovery for users who have
forgotten their TPM PIN.
The use of “roles” allows organizations the ability to define
and delegate tasks within groups, while functioning across
the organization — off-loading non-IT specific tasks to
other individuals, such as help-desk personnel. Wave for
BitLocker Management can be used to manage role definitions,
task definitions and role assignments. Wave’s pre-defined
browser-based Help Desk role allows for:
and delegate tasks within groups, while functioning across
the organization — off-loading non-IT specific tasks to
other individuals, such as help-desk personnel. Wave for
BitLocker Management can be used to manage role definitions,
task definitions and role assignments. Wave’s pre-defined
browser-based Help Desk role allows for:
Drive migration in the event of a damaged PC motherboard
•
User access recovery in the case of lost or forgotten
•
access credentials
Changing access rights when a PC is passed from one
Changing access rights when a PC is passed from one
•
employee to another
Periodically changing access credentials based on
Periodically changing access credentials based on
•
internal policy
Auditing and Reporting
Wave for BitLocker Management comes with a standard set
of activity reports that can be used to provide the status of
your enterprise-wide BitLocker installation. In addition to
static reports, Wave for BitLocker Management also generates
detailed server logs of all BitLocker events on a per machine
basis. These logs include a real-time view of when BitLocker
is initialized, locked and unlocked and when access passwords
and recovery keys are created or changed. Wave for BitLocker
Management reports and server logs are essential tools for
compliance — delivering a secure record of proof that data was
protected in the event of a lost or stolen PC.
of activity reports that can be used to provide the status of
your enterprise-wide BitLocker installation. In addition to
static reports, Wave for BitLocker Management also generates
detailed server logs of all BitLocker events on a per machine
basis. These logs include a real-time view of when BitLocker
is initialized, locked and unlocked and when access passwords
and recovery keys are created or changed. Wave for BitLocker
Management reports and server logs are essential tools for
compliance — delivering a secure record of proof that data was
protected in the event of a lost or stolen PC.
Logs include activation/deactivation, user access, PIN
•
reset and password recovery events
Reports are comprised of standard and ad hoc queries with
Reports are comprised of standard and ad hoc queries with
•
detailed information on both user and device status
Provides export of the full log database for assimilation
Provides export of the full log database for assimilation
•
with 3rd-party reporting tools for graphic rendering and
complex data analysis
complex data analysis
Fast Facts:
Provides remote discovery and activation
3
of BitLocker client machines
Enforces consistent policy settings across
3
BitLocker clients
Secures BitLocker recovery passwords in
3
an encrypted database
Logs that have access to BitLocker recovery
3
passwords and can record their usage
Reports on the state of BitLocker settings,
3
keeping an active log of changes
Monitors all BitLocker events for
3
activation, policy management and user
access and recovery
Simplifies TPM activation for BitLocker
3
key protection and core route of trust
measurement (CRTM)
Wave for BitLocker
Management
Trusted Platform
Module
USB Start-up Key
Password/PIN
Authentication
ERAS Core:
Management Control
SQL Database:
Auditing/Reporting
Help Desk:
Recovery
BitLocker
Client
BitLocker
GPO
Corporate Network
Microsoft, Windows, and BitLocker are either registered trademarks or trademark of the Microsoft group of companies.