Microsoft recently released Microsoft Desktop Optimization Pack (MDOP) 2014 which bring Microsoft BitLocker Administration and Monitoring (MBAM) 2.5.
The main features of MBAM 2.5 are:
- Support for Federal Information Processing Standard (FIPS 140-2)
- Improved compliance and enforcement policies
- Support for enterprise scenarios and topologies
I/ Support for FIPS 140-2It's add two functionalities to BitLocker:
- Data Recovery Agent (DRA) which uses certification authority to protect and recover volume, supported since Windows 7.
- In Windows 8.1 improving the Recovery Key Password protector in order to be FIPS compliant using the FIPS algorithms for encryption.
II/ Improved compliance and enforcement policiesIn order to help IT to enforce BitLocker protection even if the users postpone the encryption, it's possible to provide a grace period to automatically protect the volume. It's also possible to disable the postpone feature.
In addition if the PIN code is used, a policy could enforce it by avoiding weak PIN like: 123456, 654321, 456789, 222111, etc.
III/ Support for enterprise scenarios and topologiesIt's now possible to use one MBAM infrastructure for trusted Active Directory Forest, which simplify the deployment by removing MBAM servers for each forest using the fully qualified name (FQDN).
The frequently asked feature appear, named high availability for each MBAM components:
- SQL Server AlwaysOn availability groups
- SQL Server clustering
- Network load balancing (NLB)
- SQL Server mirroring
- Volume Shadow Copy Service (VSS) Backup
For more information about this version: http://technet.microsoft.com/en-us/library/dn656930.aspx
How to get MDOP: http://curah.microsoft.com/2867/how-do-i-get-mdop