How to determine whether a volume or partition is recognised by SafeGuard Enterprise as a boot volume.
Known to apply to the following Sophos product(s) and version(s)
SafeGuard Device Encryption
All supported versions.
What To Do
Check the following:
If one of the following files or folders exists on the volume/partition, SafeGuard Enterprise will handle the volume/partition as a boot volume:
- Documents and Settings
Please Note: This will only be verified during the installation of the SafeGuard Enterprise Client.
As a result of this the following must be considered:
- If drive C: (boot volume) and drive D: (with pagefile.sys) already existed before the SafeGuard Enterprise Client installation and an encryption policy is defined to encrypt ‘Boot Volumes’, both drives will be encrypted initially.
- If a new drive is added after the SafeGuard Enterprise Client installation, and the pagefile.sys is moved to this partition, this drive will not be encrypted if you have only assigned a ‘Boot Volumes’ encryption policy to the system.
Furthermore, partitions/volumes with the above mentioned files on it will only be encrypted with the corresponding machine key regardless of which "Key to be used for encryption" is set within an encryption policy.