|
|
|
The Client File System Agent (CFSA) can affect the operation of the BitLocker To Go encryption feature on endpoint machines.
Specifically, if the CFSA is installed on an endpoint machine and configured to control files being saved to USB devices, BitLocker will be unable to initialize USB devices for encryption (that it, it will be unable to give these devices the "lockdown treatment"). This is because the BitLocker initialization process is denied write access to the USB device by the CFSA.
Note that this problem only occurs if the CFSA is explicitly configured to apply policy to USB devices. Also, if a USB device has been initialized by BitLocker running on a different machine, the device can used on any client machine hosting the CFSA, regardless of whether or not the CFSA is configured to apply policy to USB devices.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |