Skip to Content

EMBASSY® Remote Administration Server Remote Management for Encrypted Hard Drives and Trusted Platform Modules

Wave Systems’ EMBASSY Remote Administration Server (ERAS) enables centralized IT administration to remotely deploy and manage PC clients that are secured with hardware or software encryption technologies.  

ERAS remotely manages any or all of the following hardware and software security environments:

·    Self-encrypting hard drives by Seagate and Samsung
·    OPAL-compliant self-encrypting hard drives from any
·    SafeNet ProtectDrive FDE software for systems that do not
     contain self encrypting hard drives
·    Trusted Platform Modules (TPM) from any manufacturer

ERAS-Enabled Trust Network

Embedded TPM technology puts a hardware root-of-trust in each individual TPM-enabled PC. The TPM root-of-trust enables unprecedented levels of security across a wide range of applications.

ERAS provides enterprise wide management of distributed TPM-enabled PC platforms. This means that all the distributed TPM root-of-trust platforms in the organization can be managed and controlled from a central location. All of the individual root-of-trust platforms can be melded into a unified trust network.  Management of hard drive encryption software and self-encrypting hard drives across the network ensures further protection and regulatory compliance for data protection. 

ERAS reduces the cost and complexity of deploying TPM-enabled PCs and self-encrypting drives. This also includes software-base hard drive encryption.

ERAS Key Features

  • Centralized control of distributed TPM systems to provision identities and authorizations from Active Directory.
  • Remote ownership and automatic management of TPMs that are already present in enterprise PCs.
  • Server-based scripting for configuration and routine management.
  • Remote administration of Seagate Trusted Drives for management and control of hardware-based full disk encryption.
  • SafeNet ProtectDrive FDE software remote management.

ERAS Key Benefits

  • Enables IT Administrators to remotely control security for enterprise deployment of TPM systems, any Opal-compliant drive, and/or software-base hard drive encryption.
  • Removes complexity of providing a totally secure environment for enterprise productivity.
  • Facilitates easy deployment of TPM systems, any Opal-compliant drives, and/or SafeNet ProtectDrive FDE software.
  • Provides significant cost savings for deployment of advanced security.
  • Boosts productivity of network administrators for dealing with TPMs, any Opal-compliant drive, and/or SafeNet ProtectDrive FDE software.
  • Provides a consistent management interface for systems containing secure hardware.
  • Aids in proving regulatory compliance for data protection.

ERAS Key Components

  • Remote management of TPM systems, any Opal-compliant drive, and SafeNet ProtectDrive FDE software.
  • Integrated with Active Directory.
  • Centralized security policy control and auditing for risk assessment and regulatory compliance purposes.
  • MMC, scripting, or command line operations.
  • TPM remote management including:
    • TPM enrollment, ownership, and enablement
    • TPM user management
    • Password management and reset
    • Delegation of owner rights to users
    • Detailed TPM system information
  • Opal-compliant drive and ProtectDrive FDE software remote management including:
    • Initialization and administration
    • Password management, control and recovery
    • User management
    • Pre-boot authentication setup
    • Re-commissioning and de-commissioning of drives
      (self-encrypting hard drives)
    • Encryption and decryption of drives (software-based hard drive encryption)




Microsoft, Windows, and BitLocker are either registered trademarks or trademark of the Microsoft group of companies.