Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

CTE with Microsoft DFSR

Using the LDT Encryption Method

search

Please Note:

printsuggest an editpdf paneldownload

Using the LDT Encryption Method

If you want to encrypt your data using LDT, you need to create a Live Data Transformation policy and use that to create your GuardPoints. All encryption occurs in the background while users continue to access the data.

With LDT, the data will be automatically rekeyed periodically, based on the expiration date and the life span of the versioned key used to encrypt the data.

To use the LDT:

  1. Make sure you have created the required policy components for DFS(R) as described in Creating Required DFS(R) Policy Components.

  2. Make sure that you have a versioned encryption key.

  3. Create the LDT policy as described in Creating a LDT Policy for DFS(R).

  4. Create the GuardPoints you want to use as described in Creating a LDT GuardPoint for DFS(R).

    Note

    Make sure that all GuardPoints are at, or above, the level of the DFS(R) replication point. For example:

    • If the replication point is D:\, the CTE GuardPoint must also be at D:\. Adding a GuardPoint on a directory in D:\, such as D:\data\, fails.

    • If the replication point is D:\data\, you can add a GuardPoint at D:\data\ or D:\, but you cannot add a GuardPoint on a subdirectory of D:\data\ such as D:\data\HR-files\.

  5. Consider using QoS for optimal DFS(R) performance.

On this page