GFI EndPointSecurity

More Information

Control network access of portable storage devices and drives, such as USB drives, iPods and PDAs

You have invested in network anti-virus software, firewalls, email and web content security to protect against external threats.  Yet any user can come into the office, plug in a USB drive the size of the average keychain and take in/out over 80 GB of data.  This poses a tremendous threat: Users can take confidential data or they can unknowingly introduce viruses, trojans, illegal software and more – actions that can affect your network and company severely.  Yet, as an administrator you have no way to control this!  Group policy offers no control and total lock down of USB ports is no sustainable solution.

Prevent data theft and virus infection from within with endpoint security software

According to a 2005 FBI Computer Crime Survey, 44% of organisations have reported network intrusions from within their own organisations.  Technology analyst Gartner warns that portable devices containing a USB or FireWire connection are a serious new threat to businesses.  In their report, Gartner named portable storage devices as a significant security risk in the workplace and advised that these can be used both to download confidential data, and also to introduce a virus into the company network.

Regain control over your network with GFI EndPointSecurity

GFI EndPointSecurity allows administrators to actively manage user access and log the activity of:

• Media players, including iPod, Creative Zen and others
• USB drives, CompactFlash, memory cards, CDs, floppies & other portable storage devices
• PDAs, BlackBerry handhelds, mobile phone and similar communication devices
• Network cards, laptops and other network connections.

Why choose GFI EndPointSecurity?

• Blocks insider data theft by fully controlling access to portable storage devices like memory cards, CDs, USB drives and more
• Prevents the introduction of viruses and unauthorised software by controlling all endpoint connectable devices such as PDAs, laptops and more
• Allows administrators to exercise group-based control over a wide array of portable devices without affecting authorised users
• Prevents productivity loss by blocking unauthorised uploads of games and other personal files from portable storage devices
• Ships with three protection policies: for laptops, workstations and servers.  

Features

Control user access and log the activity of portable storage media like USB memory sticks, SD cards and more

USB sticks are one of the main threats as they are small, easily hidden and can store up to 4 GB of data.  GFI EndPointSecurity recognises USB storage sticks in addition to any device that can be mounted as a hard disk (whether accessed via USB, FireWire, etc.).  For example, plugging a digital camera into a USB port gives users access to storage on an SD card; SD cards are available in several sizes including 2 GB and over.  View screenshot.

Control access to CDs and floppies

You can centrally disable users from accessing CD/DVD drives as well as from reading or writing data to and from floppy disks.  This way, you can block normal users from bringing in data that could be harmful to your network, such as viruses, trojans and other malware.  Although you can switch off CD and/or floppy access from the BIOS, in reality this solution is impractical: You would have to physically visit the machine to temporarily switch off protection and install software.  In addition, advanced users can hack the BIOS.

Protect your network against the threats posed by non-removable media devices

GFI EndPointSecurity protects your network against non-removable media devices by allowing you to lock down a machine to a specific hardware level, guaranteeing protection against Bluetooth devices, network cards and more.

Easily configure group-based protection control via Active Directory

You can configure and categorise computers into different protection groups: For each group you may specify different levels of protection and devices to allow or disallow access to.  You can also leverage the power of groups and make an entire department a member of the group and easily change the settings for the entire group.  Configuration of GFI EndPointSecurity is effortless and leverages the power of Active Directory and does not require the administrator to remember and keep track of which policies were deployed to which computers.  Other storage control software requires cumbersome per-machine administration, forcing you to make the changes on a per-machine basis and update the configuration on each machine before the settings can take effect.

Granular access control

GFI EndPointSecurity enables you to allow or deny access to a device as well as to assign read only or full access privileges (where applicable) over every supported device (such as PDAs) on a user by user basis.

Log device-related user activity

With GFI EndPointSecurity you can log device-related user activity to both the event log and a central SQL Server.  A list of files accessed to/from the device is recorded whenever users plug in devices both successfully and unsuccessfully.

NEW! – Get full reports on device usage with the GFI ReportPack add-on

The GFI EndPointSecurity ReportPack is a full-fledged reporting add-on to GFI EndPointSecurity.  This reporting package can be scheduled to automatically generate graphical IT-level and management reports based on data collected by GFI EndPointSecurity, giving you the ability to report on devices connected to the network, device usage trends, files copied to and from devices (including actual names of files copied!) and much more.

Includes remote deployment tool

The GFI EndPointSecurity remote deployment tool can deploy the agent network-wide in a few minutes.  You can configure to deploy domain-wide, per computer or to a list of computers.

Centralised control facilitates temporary access

Because you can easily add/remove a user to a group in Active Directory, it is simple to grant temporary access to a removable media, floppy or CD.  Temporary access may be occasionally required, but should not mean that you cannot control access the rest of the time.

Other features:

Support for operating systems in any Unicode-compliant language

Report Pack Add-on

Get full reports on device usage - including actual filenames transferred to and from devices - with the GFI ReportPack add-on

The GFI EndPointSecurity ReportPack is a full-fledged reporting add-on to GFI EndPointSecurity.  This reporting package can be scheduled to automatically generate graphical IT-level and management reports based on data collected by GFI EndPointSecurity, giving you the ability to report on devices connected to the network, device usage trends by machine or by user, files copied to and from devices (including actual names of files copied) and much more.

The GFI EndPointSecurity ReportPack allows you to create different types of reports, including:

• Executive reports: Provide an overview of blocked devices and portable storage device usage trends
• Statistical reports: Provide portable device access and usage statistics
• Technical reports: Provide a list of filenames copied to/from your network to devices broken down by user
• Top 20 reports: List the top 20 users, machines, devices and application which peaked connection activity.  

To view some sample reports, check out the examples in the library.

NOTE: The GFI EndPointSecurity ReportPack is an add-on to the GFI EndPointSecurity software; please download and install GFI EndPointSecurity before installing the ReportPack.