Bitlocker network unlock server 2016
Your server’s UEFI setup program should allow you to set one or more startup passwords that prevent the system from unauthorized startup. Make sure to place your servers in physically-secured areas, preferably monitored with security cameras. Note Preventing Unauthorized UEFI ChangesĪn important IT security truism is that an attacker with physical access to your server makes software-based protections far less effective. Figure 1-1 shows the appropriate UEFI setup screen from a Lenovo notebook computer. Consult your documentation or visit the vendor’s website to find out which keystroke to use. The method for starting your server into UEFI setup depends entirely on the original equipment manufacturer (OEM). Windows Server 2016 fully supports all UEFI features, especially Secure Boot. Unified Extensible Firmware Interface (UEFI) is the successor to the older Basic Input Output System (BIOS) firmware interface we’ve had since the first PCs any new server hardware you purchase nowadays uses UEFI firmware. We’ll cover UEFI, BitLocker Drive Encryption with and without the TPM chip, how Network Unlock works, and how we configure BitLocker Drive Encryption through Group Policy. In this section we’ll tackle a host (pun intended) of hardware security features that aren’t all specific to Microsoft Windows Server operating systems, but are fully supported. Manage EFS and BitLocker certificates, including backup and restore
#Bitlocker network unlock server 2016 password#
Implement BitLocker Recovery Process using self-recovery and recovery password retrieval solutionsĬonfigure BitLocker for Hyper-V virtual machinesĭetermine usage scenarios for Encrypting File System Determine hardware and firmware requirements for Secure Boot and encryption key functionalityĮnable BitLocker to use Secure Boot for platform and BCD integrity validationĭeploy BitLocker Drive Encryption with and without a Trusted Platform ModuleĬonfigure BitLocker Group Policy settingsĬonfigure BitLocker on Clustered Shared Volumes and Storage Area Networks