First, let me start off by saying that my event yesterday was in Saratoga, Ca. Not San Jose. Not Cupertino. Not Santa Clara. It was Saratoga.
Second, I found a very small bar that does Karaoke and went last night. The bar is Woodham Sports Lounge and was located by our concierge, Melissa. Not only did she run a great registration desk for us but she helped me find the karaoke bar. The bar is tiny, but had decent sound and a fair number of regulars. I sang twice – "Black Coffee in Bed" by Squeeze and "How Much I Feel" by Ambrosia. Good Times.
But I guess you are really reading this post because you want to know about BitLocker. I had some great question at the event on BitLocker. In fact I fielded too many questions which threw me off schedule, but I hope I at least answered most of the questions the crowd had. One questions that I opted to verify was – "Does BitLocker ship in they Vista Business Edition?". I thought it did but opted to check first. Turns out, BitLocker only ships in the Ultimate and Enterprise editions. I personally think it is silly that it does not ship in the Business edition, but I don’t make the rules on what features ship with what products.
So….to that end, my pledge is to ping the product group and ask them why it isn’t in the Business edition. I will post the results here when I have them.
There were also a series of questions around the partitioning requirement for BitLocker —
Why do we need at least two partitions?
What are the partition size requirements?
Those answers can be found in detail at the Technet BitLocker Drive Encryption page. But, in short….
At least two partitions are needed because there are pre-startup authentication system integrity checks that must happen outside of the encrypted environment.
It is recommended that the SYSTEM partition be at least 1.5 gigs in size to accommodate WinPE, the boot files, and other files that are related to system setup or updates. The remaining partitions can be any size we need for our environment.
One question that I am surprised did NOT come up was around the type of encryption used to protect the keys. The chart below give a break down of that.
Finally, I would recommend reading the BitLocker FAQ on the Technet site. I know a lot of our FAQ pages are pretty lean, but this one is quite good.