Robust Endpoint Information Leakage Prevention
Safend Protector is a component of the Safend Data Protection Suite
Stop Information Leakage through Endpoints and Removable Media
Safend Protector is the industry's most comprehensive, secure and easy-to-use endpoint data leakage prevention solution - controlling every endpoint and every device, over every interface.
Safend Protector monitors real-time traffic and applies customized, highly-granular security policies over all physical, wireless and storage interfaces, including:
Safend Protector detects and allows restriction of devices by device type, model or even specific device serial number. For storage devices, Safend Protector allows security administrators to either block all storage devices completely, permit read-only or encrypt all data. It also monitors, blocks and logs files that are downloaded to or read from these devices. WiFi controls are based on MAC address, SSID, or network security level.
Policy Administration
Security Policy – Flexible Strategy, Simple Implementation
Safend Protector creates forensic logs of all data moving in and out of the organization, allowing administrators to create policies that don’t necessarily restrict device usage, but allow full visibility device activity and content traffic.
Through a flexible management console, Safend Protector allows administrators to create comprehensive and granular endpoint security policies.
With built-in alerting capability, administrators can get immediate notifications of any activity that needs immediate response. Alerts are available via email, SNMP, Syslog, Windows Event Viewer, popup messages and even custom scripts.
Tamperproof Agent
Uncompromised Control with Tamper-Proof Agent
Safend Protector’s lightweight and tamper-proof agents are easily deployed, installed silently at the endpoint. The Protector agent operates at the kernel level, and includes redundant, multi-tiered anti-tampering features to guarantee permanent control over endpoints. Even local administrators can’t circumvent security policy. In addition, agents are invisible to end-users until a non-approved device is connected, at which time a custom-defined notification appears.
Features
Safend Protector Advantages
Granular control - detects and restricts data transfers by device type, device model or unique serial number.
Data Awareness - controls the transfer of files both to and from external storage devices according to the file types. inspects files for their type and controls the transfer of unauthorized file types to and from external storage devices.
Removable Media Encryption – encrypts corporate data in motion on removable storage devices, external hard drives, and CD/DVDs.
Track offline usage of removable storage - tracks file transfers to/from Safend encrypted devices on non-corporate computers (offline).
Built-in compliance policies - includes detailed configurations for achieving security policies that are mapped to specific regulatory compliance standards such as PCI, HIPAA and SOX.
Granular WiFi control - by MAC address, SSID, or the security level of the network
Anti bridging - prevents hybrid network bridging by blocking WiFi, Bluetooth, Modems or IrDA while the PC is connected to the wired corporate LAN.
Anti hardware keylogger - blocks or detects both USB and PS/2 hardware keyloggers.
U3 and autorun control - turns U3 USB drives into regular USB drives while attached to organization endpoints, protecting against auto-launch programs by blocking autorun.
Flexible and intuitive management - automatically synchronizes with Microsoft Active Directory and Novell eDirectory.
Interface for content inspection add-on - examines file “content”, before it is allowed to be downloaded to an external storage device.
