Does the Intel 520 Series SSD work with BitLocker to use the drive's intrinsic hardware encryption, instead of BitLocker's software encryption. We are testing a number of SSDs with Windows 8.1.
Some drives do this-- the encryption/decryption is immediate and offloads the encryption process from the CPU. I've gotten the Samsung 840 EVO line to do this, but not the Intel 520 Series.
Is BitLocker hardware encryption not supported by the Intel 520 Series drives? If not, which series Intel SSDs do support BitLocker hardware encryption?
Thanks for posting your question.
Intel® SSDs use a built-in hardware encryption which is independent from Bitlocker*. As far as I can see, http://windows.microsoft.com/en-us/windows-vista/hardware-requirements-for-bitlocker-drive-encryptio... Bitlocker's requirements just involve having 2 partitions and NTFS in the drive, besides TPM on the board.
I will update this thread if I find more information about this.
Joe-- Is your answer an official reply from Intel? Are you an Intel employee?
I think there is more to it than whether the SSD performs hardware encryption. The Samsung 840 line had a recent firmware upgrade that allowed the hardware encryption to be controlled by BitLocker. Prior to this upgrade, the Samsung SSDs were not compatible with BitLocker hardware encryption.
The SSD needs to pass the encryption key back and forth from the TPM chip for BitLocker to use intrinsic hardware encryption instead of BitLocker's usual software encryption.
Yes, I am.
It's pretty convenient because encryption/decryption is so fast (immediate).
If you open a command line in windows\system32 and type
manage-bde -status c:
it returns a description of the encryption status which includes a line
Encryption Method: Hardware Encryption - 220.127.116.11.1618.104.22.168
confirming that hardware encryption is being used.
To run eDrives with Microsoft BITLocker you need UEFI-Firmware 2.3.1 with support of "EFI_STORAGE-SECURITY_COMMANFD_PROTOCOL".
Do the Mainboards DZ87KTL-75K and DH87MC support this?
Klaus-- I'm a corporate IT person, in a department that is outfitted with HP Compaq Elite 8300 small form factor computers. These computers were delivered a few months ago, and have the firmware that was shipped (HP has no firmware updates listed).
We installed Windows 8.1 enterprise 64 bit (UEFI boot) on Samsung 840 EVO SSDs (having updated the firmware in the SSD) and eDrive hardware encryption worked. Same process and hardware encryption did not work on the Intel SSD.
I'd be happy to get you more information, but I don't know how to answer your question about the Intel Mainboards.
thank you for your answer.
I am planing a desktop-PC for private use with Samsung or INTEL SED. These INTEL-Boards are the only ones I found which support ATA-Security. But do they support eDrive hardware encryption with BITLocker?
I hope joe_intel can answer my question.
What about motherboard, chipsets, and BIOSes that support SED (self-encrypting drives)?
Apparently it requires support for the Opal 2.0 specification as well as few other things.
See http://forums.crucial.com/t5/Solid-State-Drives-SSD-Knowledge/System-Requirements-for-M500-Hardware-... System Requirements for M500 Hardware Encryption - Crucial Community
Intel® motherboards supporting SED or Hard Drive password are listed in this article:
http://www.intel.com/support/motherboards/desktop/sb/CS-034023.htm Desktop Boards; Hard disk drive password support