Implementing EFS

  • Thread starter Thread starter SPS
  • Start date Start date
S

SPS

What is the best way to implement EFS to encrypt 500GB of data-at-rest stored
on a NAS server that is sitting in a backend domain/DMZ. This share has to be
accessed by web servers sittings on a front end domain/DMZ. The DMZs are
separated by a FW that only allow traffic over specific ports between these
domains. We do not have PKI implemented at the enterprise in this network
setup. Do we need to have PKI for EFS?
 
Say, for testing purposes... the IIS running on the web server(on
ParentDomain.com) has a virtual directory that points to a NW share(on
childDomain.parentdomain.com) that is encrypted using EFS.
what is the best way to accomplish access to encrypted storage from the
webserver?
 
SPS wrote:
> What is the best way to implement EFS to encrypt 500GB of
> data-at-rest stored on a NAS server that is sitting in a backend
> domain/DMZ. This share has to be accessed by web servers sittings on
> a front end domain/DMZ. The DMZs are separated by a FW that only
> allow traffic over specific ports between these domains. We do not
> have PKI implemented at the enterprise in this network setup. Do we
> need to have PKI for EFS?

I can't answer your question but the following links may be of help:-

The Encrypting File System
http://www.microsoft.com/technet/security/...phyetc/efs.mspx

Best practices for the Encrypting File System
http://support.microsoft.com/kb/223316/en-us

How to back up the recovery agent Encrypting File System (EFS) private key
in Windows Server 2003, in Windows 2000, and in Windows XP
http://support.microsoft.com/kb/241201

How To Encrypt a Folder in Windows XP
http://support.microsoft.com/?id=308989

How To Remove File Encryption in Windows XP
http://support.microsoft.com/?id=308993

How To Encrypt a File in Windows XP
http://support.microsoft.com/?id=307877

HOW TO: Share Access to an Encrypted File in Windows XP
http://support.microsoft.com/?id=308991
 
Back
Top