CDE ?

Whats the plan for CDE with CESM. I know currently we have the ability to push and configure the CDE from the CESM, but when will it be ready for business? At the current moment it is not designed for the business area. Looking on the CDE forums it seems to be a beta product for home users. If this is supposed to be a feature on the CESM that I purchased I expect there to be a product that works and is ready to go in a business environment.

Lacking features are as follow:

  • Ability to encrypt USB drives. Also the user needs to have the ability to right click on a USB drive and hit Encrypt. The current CESM setup does not allow the user to make any actions to the CDE.
  • Ability for challenge - response if a users forgot their password or can’t get into the unit.
  • Ability to authenticate via password OR usb drive. It’s current setup is you have to have the USB and type the password to get in. I would like to have the ability to us the USB, but if that user doesn’t have the USB they can type the password to continue.
  • Rescue and recovery if something were to go wrong with the encrypted drive.
  • Ability to change the password of the machine if password was forgotten or USB drive lost. (This ties into the challenge-response)
  • Boot GUI for the encrypted drive. The current DOS screen would scare non technical users.
  • Some type of drive monitor.

These are just some of the items that have popped into my head while testing the CDE on a test machine.

I am starting to feel like I paid to beta test the CESM.

From what I know right now comodo is working hard at getting new core technologies implemented, something that will effect home and business users. I believe that once these new technologies are implemented and working, not only will comodo sell better to home users but they will be able to concentrate on the business market more and really put a dent in symantec’s/mcafee’s hold on business security.

AFAIK Standalon CDE 2.0 BETA is availible.

https://forums.comodo.com/news-announcements-feedback-cde/comodo-disk-encryption-2013841324-beta-t54542.0.html

So after it release it will be integrated to CESM.

I have tried the beta with LOTS of problems. I am still trying to decrypt the drive as we speak. During the encryption process it locks up the machine and reboots and you start CDE back up and it starts back where it left off which is nice. The problem is it did this probably 10 times. It took a total of 4 days to encrypt a laptop drive. After it encrypted the machine would run extremely slow(with the lowest encryption for speed) and lock up. The decrypting is doing the same as the encrypting process of locking up and restarting. I am on day 3 of trying to decrypt this drive. You also don’t get a lot of options in the software. It seems very bland of course I am sure it will be added, but the current beta seems more like a alpha to me.

I would still like to seem more of the features I talked about make it into the CDE.

AFAIK CDE 2.0 is very different from 1.2.
Now it can continue encryption/decryption process after power failure.
But it steel very hardware-dependable.

What hardware do you use?

HP Elitebook 8530p

I’ll share this info with CDE team.

Thanks,

Just an FYI. 2.0 finally decrypted my drive after 3.4 days and I quickly uninstalled. I then installed the current active release and encrypted my drive and it was done in 2 hours. So there are some problems with the 2.0 beta. With that said the encryption is working fine with the officail release, but I would still like to see the features I mentioned above to be in the CDE for CESM business.

Thanks,

CDE 1.2 architecture is different from CDE 2.0.
Because CDE 2.0 encrypt ENTIRE driver while CDE 1.2 only one partition.

So for CDE 2.0 it simply takes more time to encrypt entire disk.
Moreover, it cannot “ignore free space”.

CDE 2.0 is realtime encryption, so you can even turn your computer off, and continue later.
CDE 2.0 can do it. CDE 1.2 - couldn’t.

Thats great and all, but it should take days to encrypt a drive and fail over and over. I understand it’s still beta, but the encryption should atleast work. We use PGP whole disk encryption in our labs and it only takes about 4 hours for a 300GB drive.

Hope it will be improved.