Neverfail Continuity Engine interoperability with BitLocker

Neverfail Continuity Engine interoperability with BitLocker

Summary

This article provides information on how Neverfail Continuity Engine inter-operates with  BitLocker.
BitLocker volume encryption feature lies "beneath" Continuity Engine replication layer, thus Engine is unaware it's there. That means Engine doesn't replicate setting it up or any eventual changes to the BitLocker configuration performed on the active server. Engine will clone the setup (when adding the standby HA/DR servers),  but it can be also set up to have different passwords on active and passive, or even BitLocker configured on just one Engine node. However, there are a few requirements / best practices regarding Continuity Engine interoperability with BitLocker.

Installing Continuity Engine on a system having a BitLocker encrypted volume

Continuity Engine Management Service installation

  1. Fully supported - no special requirements.

Continuity Engine installation

  1. Requirement: all of the disks encrypted/locked with BitLocker must be unlocked on the target server (Primary to be), otherwise the installation will be vetoed (unknown disk type)

Cloning BitLocker volumes when deploying Continuity Engine standby servers 

  1. BitLocker configuration from the active server will be cloned on the passive server. 
    1. Note: BitLocker configuration (setup and/or changes) performed post-Engine cluster deployment on the active server won't be replicated on the passive servers. This means BitLocker may have have different passwords on active and passive nodes, or even be configured on just one Engine node.


Replicating BitLocker encrypted volumes with Continuity Engine

BitLocker encrypted volume is part of Continuity Engine data replication set
  1. Requirement: all of the disks encrypted/locked with BitLocker must be unlocked on all of the Engine nodes. This way the data written/changed on the active server BitLocker volumes will be successfully replicated on the passive nodes
    1. Note: if the BitLocker volumes are kept unlocked on any of the passive nodes, then Engine replication will stop (VetoedEffectiveFilter)  
    2. Note: if the BitLocker volumes are kept unlocked on all of the Engine nodes (active/passive), then Engine won't replicate the BitLocker volumes and replication won't be affected (it simply ignores (won't see) the BitLocker volumes) 
BitLocker encrypted volume is not part of Continuity Engine data replication set
  1. no replication for BitLocker volumes; no impact or special requirements for Continuity Engine functionality.


Applies to:

Neverfail Continuity Engine v8.5

    • Related Articles

    • Neverfail Continuity Engine v8.5 - Release Notes

      Summary This Knowledge base article provides information about the 8.5 release of Neverfail Continuity Engine and all subsequent updates to this release. Neverfail Continuity Engine v8.5 Update 7 The following information applies to ...
    • Neverfail and Anti-Virus Tools - General Advice Regarding Interoperability with Anti-Virus Scanners

      Summary This Knowledgebase article provides general information about interoperability with anti-virus scanners. More Information Please consult and implement the Anti-Virus manufacturer’s advice, as Neverfail guidelines will often follow these ...
    • Continuity Engine Product Architecture

      Learning objectives At the completion of this session, you should be able to: Identify major components of the Neverfail Continuity Engine product architecture. Describe major component configuration. Identify advantages of the Neverfail Continuity ...
    • Neverfail Continuity Engine v8.1 - Release Notes

      Summary This Knowledge base article provides information about this specific release of Neverfail Continuity Engine v8.1 More Information Supporting Documentation A listing of technical documents supporting this version of Neverfail Continuity ...
    • Continuity Engine Troubleshooting - Synchronization Failures

      Neverfail Continuity Engine provides protection to your applications by replicating data to a passive server. Continuity Engine attempts to synchronize protected data on all servers and continually replicates changes to that data. This article ...