Create PGP Virtual Disks with PGP Encryption Desktop for Windows (Symantec Encryption Desktop)
search cancel

Create PGP Virtual Disks with PGP Encryption Desktop for Windows (Symantec Encryption Desktop)

book

Article ID: 153500

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption Encryption Management Server Endpoint Encryption File Share Encryption Gateway Email Encryption PGP Command Line PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK

Issue/Introduction

This article describes how to create and use PGP Virtual Disks as a disk or as a folder with PGP Encryption Desktop for Windows (Symantec Encryption Desktop)

Resolution

A PGP Virtual Disk is an area of space, on any disk connected to your computer, which is set aside and encrypted. PGP Virtual Disks are much like a bank vault, and are very useful for protecting sensitive files while the rest of your computer is unlocked for work.

A PGP Virtual Disk looks and acts like an additional hard disk, although it is actually a single file that can reside on any of your computer disks. It provides storage space for your files you can even install applications, or save files to a PGP Virtual Disk but it can also be locked at any time without affecting other parts of your computer. When you need to use the applications or files that are stored on a PGP Virtual Disk, you can unlock the disk and make the files accessible again.

  • The size of a PGP Virtual Disk is limited to the space remaining on your hard drive and/or your computer's file system.
  • A PGP Virtual Disk cannot be used for whole disk encryption.
  • PGP Virtual Disks cannot be used for multi-user read/write access to a network share. Only the system where the disk was mounted will have write access. All other users of that PGP Virtual Disk will see the share as Read-Only.

 

Create a PGP Virtual Disk to be Mounted as a Drive Letter

To create a PGP Virtual Disk to mount as a drive letter:

  1. Open PGP Desktop.
  2. Click the PGP Disk control box on the left pane of the PGP Desktop main screen, then click New Virtual Disk. Alternatively, select File > New > PGP Virtual Disk. The New Virtual Disk screen is displayed in the right pane of the screen.
  3. In the Name field, type the name that you would like for the new PGP Virtual Disk.
  4. In the Disk File Location field, accept the default location for the PGP Virtual Disk volume you are creating, or click Browse to specify another location.
  5. From the Mount as menu, select the drive letter that you would like for the new PGP Virtual Disk.

You can:

  • Accept the drive letter that PGP Desktop suggests for you.
  • From the Mount as menu, select an available drive from the list.
  1. Select Mount at startup to have your new PGP Virtual Disk volume mount at startup automatically. When selected, you are prompted for your PGP Virtual Disk passphrase when you start your computer.
  2. Select Unmount when inactive for... to have the PGP Virtual Disk unmount if you have not used your computer for a specific time interval that you specify (in minutes). This is helpful if you often leave your computer unattended. This enables an additional safeguard that locks your PGP Virtual Disk if you forget to.
  3. From the Capacity menu, select the desired type of PGP Virtual Disk. Your choices are:
  • Dynamic (resizable). This type of disk grows in capacity as files are added to it, yet it stays small until the additional space is needed. PGP Desktop manages this process, you only need to set the maximum size that you would like the disk to be. You can also compress this disk later, if you choose.
  • Fixed size. This type of disk remains the same size, regardless of how many files are added to it.
  1. From the Capacity menu, set the size (in the case of Dynamic disks, the maximum size) for your new PGP Virtual Disk. Use whole numbers; no decimal places. Choose KB (kilobytes), MB (megabytes), or GB (gigabytes) from the menu.

    The maximum allowable size for a PGP Virtual Disk depends on the size and format of your hard disk.

  2. Specify a file system format for the volume:
PGP Virtual Disk - Minimum file size requirements

  • FAT - 100 KB
  • FAT32 - 260 MB
  • NTFS - 5 MB (12MB for Windows Vista)

 

  1. Specify the encryption algorithm you want to use to protect your data:
  • AES (256 bits). AES (Advanced Encryption Standard) is a block cipher that can be used at 128, 192, or 256 bits. The more secure 256-bit version is used for creating PGP Virtual Disk volumes by default.
  • CAST5 (128 bits). CAST is a 128-bit block cipher. CAST is a strong, military-grade encryption algorithm that has a solid reputation for its ability to withstand unauthorized access.
  • Twofish (256 bits). Twofish is a 256-bit block cipher, symmetric algorithm. It was one of five algorithms that the U.S. National Institute of Standards and Technology (NIST) considered for the AES (Rijndael was selected).
  1. You must have at least one user who can access your new PGP Virtual Disk. In the User Access section, specify who you want to give access to, and what method they use for access:

User Key - To add users who authenticate with public-key cryptography:

  • Click Add User Key. The Add Key Users box is displayed, displaying the keypairs currently on your keyring.
  • From the Add Key Users box, select the key users you want by double-clicking the listing. Alternatively, you can drag the listing from the left side to the right, or select a listing and click Add. Click OK when you are finished.

Passphrase User - To add users who authenticate with a passphrase:

  • Click New Passphrase User. The Create New User dialog box is displayed.
  • For each new passphrase user, type a name for that user, type a passphrase for them, then type the passphrase again to confirm. Click OK to create the passphrase user. If you want to authorize more passphrase users, repeat the process.
  • To modify the passphrase for a passphrase user, select that user, then click Change Passphrase.
  1. Click Create to start creating the new PGP Virtual Disk. A progress bar indicates how much of the PGP Virtual Disk has been initialized and formatted. When complete, your new PGP Virtual Disk is displayed in the PGP Disk control area.
  2. The first user you create is granted administrator status, and there can only be one administrator at a time. However, you can grant administrator status to any of your other users, regardless of whether they are public key or passphrase users. Click their name in the User Access list, then click Make Admin.
  3. Delete any user, other than the Administrator, by selecting their name and clicking Delete User. To delete the Administrator, first grant administrator status to another user, then delete the former administrator.

Create a PGP Virtual Disk to be Mounted as an NTFS Folder

To create a PGP Virtual Disk to mount as an NTFS folder, do the following:

  1. Open PGP Desktop.
  2. Click the PGP Disk control box on the left pane of the PGP Desktop main screen, then click New Virtual Disk. Alternatively, select File > New > PGP Virtual Disk. The New Virtual Disk screen is displayed in the right pane of the screen.
  3. In the Name field, type the name that you would like for the new PGP Virtual Disk.
  4. In the Disk File Location field, accept the default location for the PGP Virtual Disk volume you are creating, or click Browse to specify another location.
  5. From the Mount as menu, select Folder for the new PGP Virtual Disk.
  6. Enter a location for your PGP Virtual Disk or select Browse.
  7. Select Mount at Startup to have your new PGP Virtual Disk volume mount at startup automatically. When selected, you are prompted for your PGP Virtual Disk passphrase when you start your computer.
  8. Select Unmount when inactive for... to have the PGP Virtual Disk unmount if you have not used your computer for a specific time interval that you specify (in minutes). This is helpful if you often leave your computer unattended. This enables an additional safeguard that locks your PGP Virtual Disk if you forget to.
  9. From the Capacity menu, select the desired type of PGP Virtual Disk. Your choices are:
  • Dynamic (resizable). This type of disk grows in capacity as files are added to it, yet it stays small until the additional space is needed. PGP Desktop manages this process, you only need to set the maximum size that you would like the disk to be. You can also compress this disk later, if you choose.
  • Fixed size. This type of disk remains the same size, regardless of how many files are added to it.
  1. From the Capacity menu, set the size (in the case of Dynamic disks, the maximum size) for your new PGP Virtual Disk. Use whole numbers; no decimal places. Choose KB (kilobytes), MB (megabytes), or GB (gigabytes) from the menu.

    The maximum allowable size for a PGP Virtual Disk depends on the size and format of your hard disk.

  2. Specify a file system format for the volume:
PGP Virtual Disk - Minimum file size requirements

  • FAT - 100 KB
  • FAT32 - 260 MB
  • NTFS - 5 MB (12MB for Windows Vista)

 

  1. Specify the encryption algorithm you want to use to protect your data:
  • AES (256 bits). AES (Advanced Encryption Standard) is a block cipher that can be used at 128, 192, or 256 bits. The more secure 256-bit version is used for creating PGP Virtual Disk volumes by default.
  • CAST5 (128 bits). CAST is a 128-bit block cipher. CAST is a strong, military-grade encryption algorithm that has a solid reputation for its ability to withstand unauthorized access.
  • Twofish (256 bits). Twofish is a 256-bit block cipher, symmetric algorithm. It was one of five algorithms that the U.S. National Institute of Standards and Technology (NIST) considered for the AES (Rijndael was selected).
  1. You must have at least one user who can access your new PGP Virtual Disk. In the User Access section, specify who you want to give access to, and what method they use for access:

User Key - To add users who authenticate with public-key cryptography:

  • Click Add User Key. The Add Key Users box is displayed, displaying the keypairs currently on your keyring.
  • From the Add Key Users box, select the key users you want by double-clicking the listing. Alternatively, you can drag the listing from the left side to the right, or select a listing and click Add. Click OK when you are finished.

Passphrase User - To add users who authenticate with a passphrase:

  • Click New Passphrase User. The Create New User dialog box is displayed.
  • For each new passphrase user, type a name for that user, type a passphrase for them, then type the passphrase again to confirm. Click OK to create the passphrase user. If you want to authorize more passphrase users, repeat the process.
  • To modify the passphrase for a passphrase user, select that user, then click Change Passphrase.
  1. Click Create to start creating the new PGP Virtual Disk. A progress bar indicates how much of the PGP Virtual Disk has been initialized and formatted. When complete, your new PGP Virtual Disk is displayed in the PGP Disk control area.
  2. The first user you create is granted administrator status, and there can only be one administrator at a time. However, you can grant administrator status to any of your other users, regardless of whether they are public key or passphrase users. Click their name in the User Access list, then click Make Admin.
  3. Delete any user, other than the Administrator, by selecting their name and clicking Delete User. To delete the Administrator, first grant administrator status to another user, then delete the former administrator.
PGP Recommendations:

Although the encrypted .pgd file associated with each volume is safe from unauthorized users, it can still be deleted by anyone who might potentially gain access to your computer. PGP recommends that you keep a backup copy of your encrypted .pgd file.



 

Additional Information