Does this hard disk drive support hardware-based full disk encryption? What are some effective interrogation tactics?

I am trying to determine if a particular hard disk drive supports hardware-based full disk encryption. I know I can use the model number and check the manufacturer's website, but that is only feasible if I were doing this for a handful of computers. I have a fleet of about 1000 computers that I want to check for this.

Is there some utility or script that I can run on a remote computer that will query a hard disk drive and find out whether it supports hardware-based full disk encryption? What are some effective hard disk interrogation tactics?

I spent some time searching for a way to do this, but I ended up in a dark alley hearing whispers of IOCTL_ATA_PASS_THROUGH and got scared away.

The vast majority of computers I would like to check are running Windows (XP, Vista, and 7), but I do have several Mac OS X computers that I would like to check, too.


You can run gwmi win32_diskdrive | foreach {$_.model} to retrieve drive models. This can easily be expanded to run across the enterprise. More importantly than the drive is going to be whether the bios and/or controller firmware support the drive. While you can install a hardware encrypted drive in any system, not every system will turn on the encryption.


I would start with gathering inventory of hardware you have; probably, it's not so many hard drive models at the end. For instance, you can use smartctl from smartmontools (they have a Windows version) and some simple scripting to run smartctl -a sda > logFile on each machine and send you the report. The first few lines of the log file will contain the drive model.

When it comes to the interrogation techniques take a look here.


I would use OCS Inventory NG to collect information on all of your hardware, including hard drive and system/motherboard model numbers. I would then run a very simple SQL query against the OCS configuration database (which is implemented comprehensibly using MySQL) to identify the different combinations of system and HDD that you have in place.