Help regarding disk encryption visibility of cortex xdr

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Help regarding disk encryption visibility of cortex xdr

L0 Member

Could you please provide any documentation regarding Disk encryption in Cortex XDR? I would like to know if we need to manually enable BitLocker or if it can be enabled automatically by pushing the host disk encryption policy to all endpoints. Also, where are the BitLocker keys stored? Does Cortex XDR have BitLocker keys for every endpoint? 

Cortex XDR 

1 REPLY 1

L5 Sessionator

Hello @AakashShinde ,

 

Thanks for reaching out on LiveCommunity!

 

XDR doesn't execute the disk encryption it leverages the operating system tools to enforce compliance. For Windows Bitlocker is used and for macOS it is file vault. For Windows the bitlocker keys need to be stored in Active Directory and Group Policy should be used to control the policies.

The Cortex XDR Disk Encryption profile for Mac can encrypt the endpoint disk, however, it cannot decrypt it. After you disable the Cortex XDR policy rule on the endpoint, you can decrypt the endpoint manually.

 

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Disk-Encryp...

 

If you feel this has answered your query, please let us know by clicking on "mark this as a Solution". Thank you.

 

 

Ashutosh Patil
  • 866 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!