| |
Endpoint Access Manager secures the use of removable media and portable storage devices by:
• Preventing information leakage from PCs and laptops
• Defining and enforcing endpoint security policies
• Complying with regulations like HIPAA and SOX by monitoring and auditing endpoint activities
• Providing flexible access rules as well as USB lock and device lock capabilities
ControlGuard Endpoint Access Manager includes the following
features and benefits:
Intelligent and Granular Policies
Endpoint Access Manager enables authorization of individual USB devices, media and interfaces for specific PCs and users leveraging enterprise directory services. The information security policies are communicated to the endpoints in real-time and immediately enforced by the Endpoint Agents. Administrators can grant temporary permissions to on-line and mobile users.
Intelligent Distribution
Endpoint Agents are distributed and installed seamlessly and efficiently across your network. The Agents can also be distributed by common enterprise software distribution tools like Microsoft System Management Server.
Hot-Plug Support
Endpoint Agents monitor Plug-and-Play device drivers that are installed at the endpoint. Based on the information security policy of that endpoint, the Agent will report the newly installed device to the Management Server and enforce the appropriate access permissions.
Mobile Users Support
Mobile user endpoints are monitored and protected. The Endpoint Agent continues to enforce the information security policy even when the endpoint is not connected to the network. It may apply different access permissions to interfaces (like WiFi) when the endpoint is off the network. Security administrators can temporarily grant mobile users access to a required removable device.
Real-Time Notifications and Auditing
All I/O activities of the managed endpoints are notified in real-time to the Management Server and logged in a database. The events are displayed on the Management Console and communicated to security administrators in a variety of formats such as popup messages and email. The events are also made available to enterprise management systems in SNMP traps.
Advanced Security Agent
The Endpoint Agent is protected from attacks by processes, drivers, services and malicious code on your endpoint. It cannot be bypassed even by users who have administrative privileges to their endpoints.
Live Update Mechanism
The Live Update function controls the software version of the Endpoint Agents. It automatically deploys updates when necessary, minimizing the administrative overhead.
Directory Integration
Endpoint Access Manager is integrated with enterprise directory infrastructure such as Microsoft Active Directory and Novell eDirectory. This enables administrators to leverage the existing organizational logical layout of objects and groups. It also allows dynamic discovery of new objects added to the network, and optionally installing an agent on any new endpoint.
Enterprise Management Systems Integration
Endpoint Access Manager is integrated with enterprise management systems such as CA Unicenter, CA eTrust and HP OpenView. This enables administrators to leverage existing management infrastructure and consolidate endpoint security events in unified logs and existing management consoles.
Comprehensive Reporter
Endpoint Access Manager records all endpoint I/O events in an SQL database. A flexible and intuitive reporting module allows administrators to submit customized queries and generate comprehensive reports on endpoint and end user activities. |
|
