[FDE] FDE - Can we manage it?

[Laundrup, Jens]

I too have looked at PGP but like many others, they do not play well
with other brands.  

Where I have gone so far: (this is all very preliminary!!)

http://www.pointsec.com/products/managementtools/ but they do not seem
to support Servers and mass storage, e-mail, DSS etc.

http://www.sun.com/encryption/index.jsp but they do not seem to address
PCs, laptops or e-mail

http://www.pgp.com/products/index.html Addresses most things but they do
not play well with the mainframe systems or DSS for other than e-mail.

http://www.ncipher.com/key_management/ But they do not seem to address
e-mail platforms or DSS (though they have an interesting management
system)

http://www.ce-infosys.com/CeiProducts_GlobalAdmin.asp Looks interesting
but I am not sure they work with mainframe systems, though it looks like
they are fairly flexible.
  

I am certain there are others that I have yet to find!

The big questions are; (add to the list!  Maybe Saquib would create a
spreadsheet for us so we can look at the different features and compare
products <please>).  

1.  What features should be important?

2.  If a single vendor is not used, will the system play well with
others?

3.  Is it capable of supporting multiple AD sub-forests?

4.  Will it work with Windows XP/Linux/Apple/Unix (could be separate
packages) 

5.  Does it support removable media?

6.  Does it support Tape storage systems?

7.  Does it support smartphone/blackberry/PDAs? (the seeming bane of my
existence!)

8.  Does it split the administrative (master key) into multiple segments
so that it requires 2 or more admins to decrypt media?

9.  Does it support a master key/corporate key so if an employee
suddenly leaves (or is being investigated) we can unlock what has been
enciphered?

10.  Does it play well with Windows networking AND Novell (at the same
time!)?  

And a million other questions.  

Jens