I have around 200 laptops that I am going to image so they can be returned to circulation. All our laptops use SafeBoot or Endpoint Encryption, so the whole hard drive is encrypted. We can use EnCase to decrypt the image if we need to analyse it.
I need a solution to archive all these images on a RAID 5, but they are going to have to be compressed. I know that it's hard to compress an encrypted image with FTK, so is there a better solution?
You could just mount the decrypted disk with EnCase and image the mounted disk with FTK Imager (using maximum compression).
But do you really need to do this?
If you are just creating an archive then you could just copy the data that needs to be archived.
Why do you need full disk images?
Do you suspect wrongdoing in the past?
Yes, we need full backups of these drives. Can you compress encrypted hard drive images using FTK in E01 format?
Can you save a decrypted file image? This would then compress.
A ZFS array using NAS4Free (or an alternative OS if required)?
You can achieve massive data storage capacity, with relatively low cost hardware.
If all the laptops have Gigabit Ethernet ports, get a dedicated Gigabit switch (~$20 for a 5-port) and start creating dd images on a NAS solution with Gigabit. Boot them all with a Linux build and use guymager. You could also play around with the EWFCompression parameter (0 none, 9 high) and see how well that works in this setup.
Thank you guys for all the great answers. I have been told that "You can't compress an encrypted image using FTK". Is this true?
No, I can't get a decrypted image; each computer requires us to request a decrypt key from the vendor, and that would take way too much time.
Speed is going to be an issue. I use a 'SOHO' 9TB NAS setup as RAID-5, but this gives me transfer rates over 1GB Ethernet cable equivalent to a USB2.0 drive. OK as a large storage device, but slow.
When doing disk images, any cache in a NAS will be maxed out very quickly and you need to find a device that will sustain high speed transfers rather than a burst transfer.
If you want to image multiple drives in parallel it will be slow, but at the same time you can probably get it to run overnight. If you do one (or two) at a time it might need drives changing every few hours.
If you need to request a decrypt key, then are you sure you can obtain one later? Otherwise, you just have a few hundred GBs of random data.
Yes, we are a very large organisation (65,000 employees). I just wanted to make sure I could compress an encrypted image. This is the deal: we have a stack (50~100) of laptops that are all encrypted, and we need to create a full drive image of each "in case" of later legal actions. My solution was to hook each one up to a drive blocker, use FTK Imager, and compress each of the laptops. In the past, when we needed a decrypt key, we had our legal dept request it, and since we own the laptop and the data we have never had a problem obtaining one.
Summary of what I want
1) Full drive images of each laptop WHILE ENCRYPTED
2) Compress to save space.
3) Large archive solution that is expandable.
Let me know which of the solutions you guys have suggested would be the best option now that you have more of an idea of what I'm needing.
I would double-check the values you think you will gain by compression.
Most encryption increases the entropy (randomness) of the data, making compression less effective.
I suggest you try a few and see what it takes to encrypt and compress, and see how much you gain in disk space for the time it takes to compress. E.g., if it is 10% less than the original but takes 12 hours, is it worth it?
On a different point -
I highly suggest you take the previous suggestion of taking a live, decrypted image, through the network or otherwise.
If you do not have a "root" or "administrative" key to decrypt any and all of the SafeBoot drives, your implementation is seriously wrong.
This is what will happen -
You will make a backup of the encrypted image.
You may compress it.
You will store it.
The IT staff will change.
The user will leave.
The original machine will be re-provisioned.
The software vendor will change the encryption product.
Five years down the road you will be looking to read the data because the courts are demanding it.
You will have no way of decrypting because you lost the password, or no longer have the software to do it.
I have seen this repeatedly in large firms.
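Added example, not written by any poster in this thread: one way to run the "try a few and see" test from above without imaging a whole drive. It samples evenly spaced blocks from a seekable image and reports byte entropy and the zlib (deflate) size ratio. The function names are hypothetical, and both inputs are constructed: SHA-256 in counter mode stands in for encrypted sectors, repeated log lines for plaintext.

```python
import hashlib
import io
import math
import zlib
from collections import Counter

BLOCK = 64 * 1024  # bytes read per sample


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 8.0 is indistinguishable from random."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def sample_image(stream, size: int, samples: int = 16, level: int = 9) -> dict:
    """Read evenly spaced blocks from a seekable image and estimate the gain.

    Returns mean entropy (bits/byte) and the compressed/original size ratio;
    a ratio near or above 1.0 means compression only costs CPU time.
    """
    step = max(size // samples, BLOCK)
    raw = packed = 0
    entropy = []
    for offset in range(0, size, step):
        stream.seek(offset)
        block = stream.read(BLOCK)
        if not block:
            break
        raw += len(block)
        packed += len(zlib.compress(block, level))
        entropy.append(shannon_entropy(block))
    if not raw:
        raise ValueError("nothing could be read from the image")
    return {"entropy": sum(entropy) / len(entropy), "ratio": packed / raw}


def constructed_ciphertext(n: int) -> bytes:
    """Constructed stand-in for encrypted sectors: SHA-256 in counter mode."""
    out = b"".join(hashlib.sha256(i.to_bytes(8, "big")).digest()
                   for i in range(n // 32 + 1))
    return out[:n]


if __name__ == "__main__":
    size = 1024 * 1024
    plain = (b"2014-03-01 user=jdoe action=login host=LAPTOP-042\n" * 30000)[:size]
    for name, data in (("encrypted", constructed_ciphertext(size)), ("plaintext", plain)):
        print(name, sample_image(io.BytesIO(data), size))
```

To use it on a real image, open the file in binary mode and pass its size in bytes; if the ratio comes back at about 1.0, the compression setting will not save space on that image.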