EMBASSY® Remote Administration Server Remote Management for Encrypted Hard Drives and Trusted Platform Modules
Wave Systems’ EMBASSY Remote Administration Server (ERAS) enables centralized IT administration to remotely deploy and manage PC clients that are secured with hardware or software encryption technologies.
ERAS remotely manages any or all of the following hardware and software security environments:
· Self-encrypting hard drives by Seagate and Samsung
· OPAL-compliant self-encrypting hard drives from any
· SafeNet ProtectDrive FDE software for systems that do not
contain self encrypting hard drives
· Trusted Platform Modules (TPM) from any manufacturer
ERAS-Enabled Trust Network
Embedded TPM technology puts a hardware root-of-trust in each individual TPM-enabled PC. The TPM root-of-trust enables unprecedented levels of security across a wide range of applications.
ERAS provides enterprise wide management of distributed TPM-enabled PC platforms. This means that all the distributed TPM root-of-trust platforms in the organization can be managed and controlled from a central location. All of the individual root-of-trust platforms can be melded into a unified trust network. Management of hard drive encryption software and self-encrypting hard drives across the network ensures further protection and regulatory compliance for data protection.
ERAS reduces the cost and complexity of deploying TPM-enabled PCs and self-encrypting drives. This also includes software-base hard drive encryption.
- Centralized control of distributed TPM systems to provision identities and authorizations from Active Directory.
- Remote ownership and automatic management of TPMs that are already present in enterprise PCs.
- Server-based scripting for configuration and routine management.
- Remote administration of Seagate Trusted Drives for management and control of hardware-based full disk encryption.
- SafeNet ProtectDrive FDE software remote management.
- Enables IT Administrators to remotely control security for enterprise deployment of TPM systems, any Opal-compliant drive, and/or software-base hard drive encryption.
- Removes complexity of providing a totally secure environment for enterprise productivity.
- Facilitates easy deployment of TPM systems, any Opal-compliant drives, and/or SafeNet ProtectDrive FDE software.
- Provides significant cost savings for deployment of advanced security.
- Boosts productivity of network administrators for dealing with TPMs, any Opal-compliant drive, and/or SafeNet ProtectDrive FDE software.
- Provides a consistent management interface for systems containing secure hardware.
- Aids in proving regulatory compliance for data protection.
- Remote management of TPM systems, any Opal-compliant drive, and SafeNet ProtectDrive FDE software.
- Integrated with Active Directory.
- Centralized security policy control and auditing for risk assessment and regulatory compliance purposes.
- MMC, scripting, or command line operations.
- TPM remote management including:
- TPM enrollment, ownership, and enablement
- TPM user management
- Password management and reset
- Delegation of owner rights to users
- Detailed TPM system information
- Opal-compliant drive and ProtectDrive FDE software remote management including:
- Initialization and administration
- Password management, control and recovery
- User management
- Pre-boot authentication setup
- Re-commissioning and de-commissioning of drives
(self-encrypting hard drives)
- Encryption and decryption of drives (software-based hard drive encryption)
Microsoft, Windows, and BitLocker are either registered trademarks or trademark of the Microsoft group of companies.