VM inside volume encryption

Discussion in 'Royal Signals' started by TA_sig, Feb 12, 2007.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. Basically - does anyone know a caps baseline product that will encrypt a logical volume and be able to run a virtual OS inside it?

    Only other tools I can find run wholedisk which is kind of backwards to what I'm trying to do.

    Datavault failed.
  2. what are you trying to achieve here, secure virtualisation or something else?
  3. Hmm....Datavault certainly sounded like the ideal thing. What about encryption at the hard disk level, for example Flagstone? I'm sure you can search for CESG and CAPS on Google and get the full product list.
  4. Thanks for the tips, I've talked to the BeCrypt bods and they expect it may be possible.. or I can do things inside out if can get it approved. Time to get some trials run.

    CESG publish a list of CAPS products on their website by the way folks (heh, it costs the companies enough!) - but just wondered if anyone on here had tried anything similar rather than get trials for a ton of stuff.

  5. Have you tried TRUECRYPT, it's one of the most secure encrytion methods going. As for virtualising an OS in there....i've never tried but it should be poss
  6. I have actually got a solution, unfortunately I can't go into details, but it is actually blindingly simple using one of the basic encryption products out there and a little trial and error time :) Still needs to go through some testing, but there's a white paper out on its way to through the chain and probably end up within the CESG community in due course.
  7. I've had a little play with the latest version (5a) of Truecrypt (www.truecrypt.org) and it looks like it could do what you're after with a bit of fiddling. All that aside, has anyone put a GEMS or similar suggestion forward to use an open source encryption programme for restricted and below. I'm in the process of putting a business case together for Becrypt so that my folks can continue to use external hard drives (we have need to carry large amounts of data about - not personal info and not above restricted). Becrypt is expensive and has an ongoing annual cost, but it's the only thing approved for use so far. If approved, open source encryption could save the MOD a lot of cash thus leaving money for us all to have a pay rise!
  8. IS Ski Geek

    IS Ski Geek War Hero Moderator

    As PD says.

    Following MOD guidlines (if MOD Laptop) then go for full disk encryption with Flagstone.

    Virtualisation runs no problem on top of this.