KB #240099: Integrating Encryptionizer and Double-Take

Information

Instructions on deploying Encryptionizer for SQL Server with Double-Take (aka Double Take or DoubleTake)

Secure SQL Server on all nodes. All nodes should share the same key(s). You should use the following options:
- Specify “Encrypt New Databases” and “Encrypt Backups”, or create a Rule Mask such that the following file types are encrypted: MDF, LDF, TRN, Backup files.
On each node, run Regedit.exe and navigate down to one of these keys (whichever appropriate):
- HKLM\System\CurrentControlSet\Services\NLEMSYS
- HKLM\System\CurrentControlSet\Services\NLEMSQL
- HKLM\System\CurrentControlSet\Services\NLEMSQL64
Edit the Value Group and change it from “FSFilter Encryption” to “FSFilter Anti-Virus”.
Next, navigate to the key below. If it does not exist, ignore this step.
HKLM\SYSTEM\CurrentControlSet\services\NLEMSYS\Instances\Nlemsys Instance
In the right pane edit the Value Altitude and change to 320001
Exit Regedit
Make sure DoubleTake is disconnected. Alternatively, Stop the Double-Take Service.
Encrypt the database(s) on all nodes. Alternatively delete the databases on the secondary node(s) and encrypt them on the primary node.
Reboot the nodes.
Reestablish Double Take connections and allow initial syncronization to complete.

Last modified: 5/6/2021