By deploying GuardianEdge Device Control, organizations can:
- Restrict Usage to Approved Devices – Allow appropriate connection of devices aligned with policy, and prevent other connections
- Prevent Data Loss or Theft – Monitor copying of data to external storage devices, alert on or block inappropriate transfer.
- Protect Mobile Data – Through seamless integration with GuardianEdge Removable Storage ensure authorized transfer of sensitive information to removable media is protected through strong encryption
- Protect organizations from the risks associated with the loss or leakage of trade secrets, intellectual property, and private information.
- Safeguard critical mobile data by ensuring only the authorized transfer of files to portable devices and portable media
- When combined with GuardianEdge Removable Storage Encryption, allow employees to safely take work home, or information to be securely transferred to partners, suppliers, or customers without putting mobile data at risk.
- Speed deployment and control operational costs by leveraging existing Microsoft Active Directory and Novell eDirectory infrastructure
- Save time and reduce complexity and expenses by managing a complete data protection solution including full disk encryption, removable media encryption, and port and device control through a single management console.
Standard and Platform Editions
- Platform Edition - Integrates with the GuardianEdge suite of data protection products using Active Directory-based policy services and management
- Standard Edition - Supports Novell eDirectory or the GuardianEdge-provided Policy Server for synchronization, policy deployment, auditing, etc.
Wireless Connections
- WiFi, Bluetooth, IrDA
- WiFi control includes MAC address, SSID and security level of network
- Prevents bridging by blocking other ports while connected to the wired corporate LAN
External Ports
- Disable or restrict read and write access
- USB, FireWire, PCMCIA, Secure Digital (SD), parallel, serial, modem
Internal Ports
- Logging and Alert on change
- IDE, SCSI, ATA, SATA, PCI and PCI-X
Storage Control
- Restrict data transfer activity
- Removable storage devices, external hard drives, CD/DVD, floppy, tape
Supported Devices
- All devices connected to ports, by type, serial number, manufacturer, etc.
- Whitelist of devices approved for use
File Control
- Control file types allowed to be read/written to devices
- Approximately 200 built-in file types and 15 file categories
CD / DVD Media White lists
- Allow use or viewing of only approved specific CDs and/or DVDs
Anti-Hardware Keylogger
- Blocks USB and PS/2 hardware keyloggers
U3 and Autorun Control
- Allows access to U3 drives only as regular USB drives
- Protects against auto-launch programs by blocking autorun
Internal / External Database support
- Supports either the internal, provided SQL database or an external SQL compatible database of your choice
Platform Edition - File Shadowing
- Log and/or mirror a copy of all files written to removable media to a central file share
Platform Edition - Active Directory Integrated Administration and Management
- Tightly integrated with Active Directory, enabling GPO-based policy deployment
- Role-based policy administration
- Detailed audit records to verify policy enforcement
Platform Edition - GuardianEdge Removable Storage Integration
- Closely integrated for complete protection of data on removable storage devices using encryption
- Unified reporting provides complete visibility into data transfer activity and security status
OS Support
- Microsoft Windows® XP, Windows 2000, Windows XP Tablet PC, Windows 2003 Server, Windows Vista
- The industry’s only native Active Directory integration
- Single-console administration for endpoint data protection products
- Proven ease of operation
- Non-disruptive user experience
- Simple-to-administer and highly granular data protection policies
- Whitelists of approved devices
- Enables restricting wireless connectivity to authorized networks
- The industry’s only native Active Directory integration
GuardianEdge’s unique approach to management is based on an MMC snap-in architecture, MSI and EXE files for deployment, as well as Microsoft® Active Directory® GPOs for policy control. This approach leverages the significant investment that organizations have already implemented in Active Directory—a scalable, robust and familiar management environment. It includes existing organizational structures such as groups, OUs and domains, role-based administration, training, replication and failover. The result is the industry’s lowest total cost of ownership, with minimal training requirements for IT staff and fast deployments.
back to top
- Single console administration for endpoint data protection products
Enterprises also need common administration for data protection solutions. GuardianEdge enables common policy management, reporting, role-based administration, help desk, key management and other administrative actions for GuardianEdge applications (Hard Disk Encryption, Removable Storage Encryption and Device Control) from the same single management console.
back to top
- Proven ease of operation
GuardianEdge Removable Storage Encryption builds on a 13-year track record of success in creating and managing endpoint data protection solutions. It boasts the highest success rates on deployment, as well as a long list of satisfied blue chip customers. Additionally, service and support for GuardianEdge products—a key component of any enterprise-class solution—meets the highest standards for availability, customer satisfaction and expert assistance.
back to top
- Non-disruptive user experience
GuardianEdge Device Control delivers full protection with minimal intrusion into users’ daily use of their machines. This best-in-class user experience includes customized error messages on detection of restricted actions, simple deployment, offline help desk capability and background operation.
back to top
- Simple-to-administer and highly granular data protection policies
Simple selections for industry best practices or customized policies for either whole organizations, groups, individual machines or other organizational units—combined with the capability to simply and easily tailor policies and simply deploy policies with GPO or native mechanisms—make Device Control easy to customize and manage.
back to top
- Whitelists restrict access to only approved devices
Allows administrators to create whitelists of approved devices and CD/DVDs—either organization-wide (with exceptions if required) or by Active Directory or eDirectory groups and machines.
back to top
- Administrators can restrict wireless connectivity to authorized networks
Enables organizations to protect data from loss over unsecured networks by limiting access to only approved and secured networks. For instance, allow use on internal company wireless networks while rejecting connections to others.
back to top
|
|