https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158075#M6089 <P>Hi CheckMates,</P><P>Base on the link below under Fundamental Functionality:</P><P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112693&amp;partition=Basic&amp;product=Harmony" target="_blank">ATRG: FDE E80.64 and above (checkpoint.com)</A></P><P>"<SPAN>Gather and deliver requested information back to the Endpoint Management"</SPAN></P><P><SPAN>"</SPAN>Generation of device/master key. Status shown and reported:<SPAN>&nbsp;</SPAN><STRONG>Init "</STRONG></P><P>Is the "device/master key" encrypted when uploading to EPMgmt? if yes what cipher is used and is it documented? or how Check Point secures the uploading of this key to the EPMgmt or EPMaaS?</P><P>&nbsp;</P> Mon, 26 Sep 2022 18:53:37 GMT Saul_Goodman 2022-09-26T18:53:37Z https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158075#M6089 <P>Hi CheckMates,</P><P>Base on the link below under Fundamental Functionality:</P><P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112693&amp;partition=Basic&amp;product=Harmony" target="_blank">ATRG: FDE E80.64 and above (checkpoint.com)</A></P><P>"<SPAN>Gather and deliver requested information back to the Endpoint Management"</SPAN></P><P><SPAN>"</SPAN>Generation of device/master key. Status shown and reported:<SPAN>&nbsp;</SPAN><STRONG>Init "</STRONG></P><P>Is the "device/master key" encrypted when uploading to EPMgmt? if yes what cipher is used and is it documented? or how Check Point secures the uploading of this key to the EPMgmt or EPMaaS?</P><P>&nbsp;</P> Mon, 26 Sep 2022 18:53:37 GMT https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158075#M6089 Saul_Goodman 2022-09-26T18:53:37Z https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158088#M6092 <P>I thought BitLocker operated using keys in the TPM of the device in question?<BR />In which case, we wouldn't have the keys.<BR />Though I believe we do have the recovery key.</P> Mon, 26 Sep 2022 23:20:49 GMT https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158088#M6092 PhoneBoy 2022-09-26T23:20:49Z https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158095#M6093 <P>So if the Management have the recovery key how is it delivered to the EP Management? and is it encrypted or not? or any documentation supporting this.</P> Tue, 27 Sep 2022 02:25:28 GMT https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158095#M6093 Saul_Goodman 2022-09-27T02:25:28Z https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158237#M6100 <P>The recovery key is a string of numbers and letters.<BR />I was trying to find documentation explaining where/how this stuff is documented.<BR />The most logical place for it to exist is here, where we have other similar details documented about our FDE implementation:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112693&amp;partition=Basic&amp;product=Harmony" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112693&amp;partition=Basic&amp;product=Harmony&nbsp;</A></P> <P>I'll see if I can get this documented.</P> Tue, 27 Sep 2022 21:42:13 GMT https://community.checkpoint.com/t5/Endpoint/Device-Master-Key-Filevault-Bitlocker/m-p/158237#M6100 PhoneBoy 2022-09-27T21:42:13Z