Full drive encryption products like McAfee Endpoint Encryption for PC operate as a “bump in the stack” transparently encrypting and decrypting every block that is written and read from the encrypted drive rendering it unreadable to a hacker.

 

In the good old days, a good enough “bump in the stack” was sufficient because the spinning drive (HDD) could not handle data beyond a certain rate. Essentially, the mechanically constrained hard drive was the bottleneck. Everything changed last year as solid state drives (SSDs) started to mainstream and become really affordable. Most users would concur, that once you use a laptop with a fast SSD, it is almost unbearable to go back to a regular spinning drive.

 

SSDs don’t have to deal with a mechanical arm to read and write data on platters. So, they can literally drink data from a fire hose. With a SSD, your laptop can boot in seconds, your Outlook client seems amazingly responsive and your users are happy and very productive.  To not drag down the great SSD performance, the good enough “bump in the stack encryption” has to become great.

 

How do we get there?

 

The good news is that every Intel i5 and i7 system comes with a CPU instruction set called Advanced Encryption Standard New Instructions (AES-NI). When utilized efficiently, an encryption product can offload the majority of the processing and operate at near native performance! Near native genereally means we are within 95-99% of native performance throughput an users cannot perceive the difference.

 

After collaborating closely with Intel for several months, we are happy to report that we have been able to achieve near native performance even on extremely fast, cutting edge SSDs.  Upgrade to Endpoint Encryption for PC’s v7.0 (shipping since Dec 2012), to leverage this new capability.

 

For the very technically inclined, additional details can be found at KB66256