Secure Start Overview
Secure Start offers data protection for applications which start earlier in the boot sequence than VMD (Vormetric Daemon). For example, the Microsoft Active Directory (AD) system service starts very early in the boot sequence. To determine if another application qualifies, contact Thales technical support.
Note
- Secure Start is included with CTE. You do not have to purchase it separately.
- Secure Start is supported on Windows Server 2008 R2 and later versions.
- When Secure Start is enabled, communication with CipherTrust Manager is required for security. After the Windows boot process completes, the CTE Agent attempts to communicate with CipherTrust Manager for 2 minutes. If CipherTrust Manager cannot be reached after 2 minutes, then the CTE Agent initiates a reboot of the system.
- The challenge/response or password feature is disabled with secure boot GuardPoints.
There are three methods for encrypting the AD directory: