search cancel

What is, “Double-Writing Sectors”, as mentioned in the SEE Policy Administrator Guide?

book

Article ID: 150545

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

 

Resolution

The SEE Policy Administrator Guide mentions double-writing sectors as follows:

An advanced Drive Encryption feature lets you specify double-writing sectors during encryption or decryption.

 Double-writing sectors during encryption or decryption guards against the remote possibility of losing a single data sector during power interruption. The power interruption must take place at the exact moment a disk sector is physically written. Selecting this option does not affect the performance of on-the-fly encryption and decryption (see Note 1). Power-loss protection is always enabled during fixed disk encryption and decryption. This option does not affect power-loss protection. If the computer is turned off or enters sleep or hibernation mode, the encryption or the decryption process continues automatically when power is restored.”

The double-writing sector option makes a copy of a sector before encrypting/decrypting.
This is done so that in case of power interruption at the exact moment an encrypted/decrypted disk sector is physically written (data loss), we can recover the data sector from the backup during the next normal boot.

 

Note 1:

The Policy Administrator Guide says the following:

Selecting this option does not affect the performance of on-the-fly encryption and decryption.

 

Yet, in the SEE Manager Console, when creating a client package on the “Drive Encryption Installation Settings – Encryption” page, in the “Advanced Options” section is says the following:

Double-writing sectors during encryption or decryption (May significantly increase encryption and decryption time)”

 

What this means is that double-writing sectors will increase the time it takes to do the initial encryption or full decryption. Double writing works during Encryption and Decryption of the disk but not during on the fly encryption and decryption (i.e. the read/write operation when the disk is encrypted). Hence it does not affect the performance of on the fly encryption/decryption.

 

http://www.symantec.com/docs/DOC9133 - Symantec Endpoint Encryption 11.1.x Policy Guide