Controlled Device Types

Device Whitelisting

Allow or block access on computers for any device based just on its serial number. The Device White-listing feature enables you to assign permissions for devices to users or user groups and workstations. By default, the not allowed devices are automatically blocked by the Endpoint Protector Security Agent. This feature will help you eliminate unknown or unwanted devices in your network, reducing the risk for data leakage and data theft as well as the risk for infecting with unwanted malware.

Device Type-Based Policies

The device type based policies reflect Endpoint Protector’s ability to apply different security policies based on the type of device being used. Whenever the user connects a device, Endpoint Protector knows automatically if it’s a USB device, iPhone, iPad or other type of device. This will allow you to apply more or less rigorous policies on PCs, users or groups depending on what devices are allowed to connect to the protected PC. Certain user groups like a specific company department can use, for example, USB devices that are required for everyday work, while other user groups are not able to connect them to their protected work computers.

Protection Against U3 and Other Autorun Devices

Endpoint Protector is able to protect against and block U3 and other autorun devices that could potentially host malware and other malicious self-executing code. This is an important feature because it can prevent automatic system infections through malware or Trojans.

File Tracing /
File Shadowing

Track all data that was copied to and from USB flash drives or other portable storage devices directly from the Web management interface. With File Shadowing activated, you can even have access to hidden copies of all transferred files. A thorough record of all the flow of information in the network is essential to support audits and controlling data leakage.

File Tracing

In order to minimize data loss, you and the top management of the company will want to know what kind of files users are copying on USB devices. With Endpoint Protector, you will have this information for later auditing. When enabled, it logs all data-related activities (accesses) and stores it. All actions such as read, write, file deletion, file renamed, etc. are recorded, along with the user who performed them and the device the data originated from or which it was copied to.

File Shadowing

File Shadowing is a very powerful and helpful feature. When enabled, it creates exact replicas of all files in transit from USB removable storage devices and stores them on either local or network storage as physical evidence for later audits. This feature captures the flow of information into and out of the protected network, reducing risk and containing data leakage.

Online Device Report / Plug & Play Devices Report

The Online Device Report allows the administrator to generate and display USB and all other removable devices that are currently connected to computers in the protected network.

Detailed and Comprehensive Logs

The Endpoint Protector client is capable to record detailed security-related information that is reported to the Endpoint Protector Server (even from disconnected/offline clients). Detailed information is essential when it comes to analyzing of security problems and troubleshooting (Activity Logs on the Management Server and the Client Activity Logs, System Logs, File Traffic Logs and File Shadow Logs).

Log File Export

All displayed log entries can be saved and exported in Excel file format for detailed analysis.

Flexible Log Queries

Administrators can search logs and sort results; multiple entries can be stacked together to condense information for a detailed and easy to interpret report. Powerful log analysis is enabling a quick drill down to a specific security issue.

Detailed and Comprehensive Management Server Logs

If you want to see what activity a certain user performed regarding devices, you can. (Check at any time what device related activities a user performed inside the network). The Endpoint Protector client is capable to record detailed security-related information that is reported in the web administrative console. Detailed information is essential when it comes to analyzing security problems and troubleshooting (Activity Logs on the Management Server and the Client Activity Logs, System Logs, File Traffic Logs and File Shadow Logs). All displayed log entries can be saved and exported in Excel file format for detailed analysis.

Unified Log Management and Reporting

All logs are stored and displayed in a common format. This delivers a powerful forensic analysis by identifying the relationship between device, user, PC and traced and shadowed files.

Decentralized Files Storage

Shadow files, file trace logs and general log files are stored with each application server, maintaining central access from the management console.

Bi-Directional Shadowing Option

Bi-Directional Shadowing records complete files that is read from and/or written to a removable device. Captures the flow of information into and out of the protected network, reducing risk and containing data leakage.

Defining Rights

Simple device management policies will help you define User group permissions, allowing an efficient enforcement and maintenance of the predefined security policies across the network.
Being able to block USB flash drives or other portable devices and track data going on them will help you comply with government regulations, industry standards and IT governance in regard to data leakage prevention.

User-based Policies

You can give Endpoint Protector the capability to apply policies based on the user being logged on the protected computer. This allows a consistent policy for a particular user wherever that user might log in within the protected network.

Computer (Machine)-based Policies

You can give Endpoint Protector the capability to apply policies based on the computer being used. This allows a consistent policy on a particular PC regardless of who is using it.

Synchronization with Active Directory

Leverages user and user group definitions in existing Active Directory. This feature gives you one more ways to differentiate users from each other and control them without having to re-create the user list manually.

Group Inheritance of Policies

Group Inheritance of Policies describes the capability to have sub-groups take on the properties of the parent group(s).

Group-Based Administrative Rights & Privileges with Detailed Logs

Allow an administrator to grant specific administrative rights and privileges for specific groups of administrators to perform certain operations. All administrative actions are logged as are all client-server communications. Group-based rights facilitate the appropriate distribution of administrative rights throughout the organization while detailed logging provides accountability.

Real-time Client Status Monitoring

Real-time Client Status Monitoring allows to monitor the status of clients (user, OS, security policy/profile, etc.) in real-time.

Access/User Notifications

If a user connects a USB device when not allowed, Endpoint Protector will block the device and issue a notification for the user.

Disconnected/Offline Remote Computer Protection

If a computer doesn’t have access to the network, Endpoint Protector will maintain constant security by keeping a local copy of the last list of policies and permissions on the PC. Endpoint Protector secures computer regardless of network connection and ensures that remote or disconnected users are also protected.

Push Changes to Permissions

Permission changes for devices can be pushed to one user or groups at once. Implements new policies regarding device use immediately - no reliance on reboot or restart of network connection.

Device-based Policies

This feature enables you to allow or block USB flash drives or other devices based on their unique characteristics(Ids). For instance you can create a rule where you can allow a USB stick from a certain manufacturer to connect on certain computers and block it for all the others. This feature gives you significant control over what devices are used on protected clients.

Web-based Interface

The reporting and administration interface can be accessed directly through an Internet browser and does not require the installation of a management application.

Device-Centric Blocking Engine

A device-centric firewall is critical to blocking device-based intrusions intended to spread Trojans and other malicious code through removable storage devices. With Endpoint Protector, only safe devices will be used in your company environment.

Self Defense Feature

Even in networks where employees have administrative privileges on their PCs, the improved Self Defense Feature makes it extremely difficult to circumvent the application on their PCs. The Self Defense feature also requires the user to enter a centrally managed password when trying to uninstall the software.

Security Agent Predefined Modes

The predefined security agent modes allow the use of pre-defined functionality modes for the protected PCs security agent. These modes include Stealth Mode, Transparent Mode and Panic Mode besides the customizable Normal Mode.

Encrypted Client-Server Communication

The communication of policies, files, and authentication information between clients and server is encrypted with a secure encryption algorithm (RC4 128bit) to prevent viewing or manipulation of the firewall policies and transmitted data.

Integrated Policy Management, Distribution, Enforcement, and Reporting Server

All management capabilities are integrated into one Web administration and reporting application.