Safend Protector and Safend Auditor

Regain control of external devices connected to your Windows PCs

The Threat:

The proliferation of products using USB, Bluetooth and other protocols makes it easy to connect unauthorized external devices to enterprise PCs. This poses two distinct security threats: information leakage and targeted attacks.

Visibility:

The proliferation of products using USB, Bluetooth and other protocols makes it easy to connect unauthorized external devices to enterprise PCs. This poses two distinct security threats: information leakage and targeted attacks.

Control:

Safend Protector is an innovative end-point security solution, integrated with Microsoft Active Directory, that shields against network infiltration and data leakage by actively preventing unauthorized connections to local physical end-points such as USB, Firewire, PCMCIA; wireless end-points including WiFi, Bluetooth, and IrDA; and removable and physical storage devices.

With Safend Protector, IT administrators can quickly gain visibility and control over the myriad of devices users connect to their desktops and laptops, including media players, cameras, PDAs, Smart Phones, Disk on Keys, and other storage devices such as CD/DVD drives and iPods.

To regain control of your endpoints, you need to assess your risk, create a granular corporate policy, and implement it with minimal overhead and maximum protection.

Safend's 'Auditor' and 'Protector' provide comprehensive visibility and policy enforcement, enabling you to adopt technologies that enhance productivity without risking information security.

Safend Protector detects and allows restriction of devices by device type, model or even specific device serial number. For storage devices, Safend Protector allows security administrators to either block all storage devices completely or permit read-only. WiFi controls are based on MAC address, SSID, or network security level.

Auditing and Reporting

Device Control

Safend Auditor

Comprehensive auditing of all locally connected USB, FireWire, PCMICA devices

Safend Protector

Granular policy enforcement and control of physical ports, wireless ports, and removable storage media

Security Policy – Flexible Strategy, Simple Implementation

Safend Protector creates forensic logs of all data moving in and out of the organization, allowing administrators to create policies that don’t necessarily restrict device usage, but allow full visibility device activity and content traffic.

Through a built-in and flexible management console, Safend Protector allows administrators to create comprehensive and granular endpoint security policies. Policies are exported directly to Active Directory as Group Policy Objects (GPOs), ready to be assigned to relevant Organizational Units (OUs) and silently installed on clients.

With built-in alerting capability, administrators can get immediate notifications of any activity that needs immediate response. Alerts are available via email, SNMP, Syslog, Windows Event Viewer, popup messages and even custom scripts.

Uncompromised Control with Tamper-Proof Agent

Safend Protector’s lightweight and tamper-proof client-side agents are easily deployed, installed silently at the endpoint with no reboot required.

The Protector agent operates at the kernel level, and includes redundant, multi-tiered anti-tampering features to guarantee permanent control over endpoints. Even local administrators can’t circumvent security policy. In addition, agents are invisible to end-users until a non-approved device is connected, at which time a custom-defined notification appears.

Safend Protector Advantages

• Granular control -- detects and restricts devices by device type, device model or unique serial number
• Policy flexibility -- separate policies can be defined for any domain, group, computer, or user; policies are easily associated with Active Directory Organizational Units (OUs) for GPO update
• Advanced policy enforcement -- via independent, kernel-level, real-time analysis of low-level port traffic
• Secure agent – silent deployment, redundant multi-tiered anti-tampering prevents security policy circumvention
• Intuitive management -- seamlessly integrates into Active Directory or other network management software
• Easy auditing and visibility- Encrypted logs and alerts can be viewed in the management console or integrated with third-party software for comprehensive analysis or immediate notifications
• Multilingual – Safend Protector speaks your language, allowing easier local administration

What’s New in Safend Protector v3.1

The newest version of Safend Protector introduces additional strong security features and enhanced usability:

• Granular WiFi control - by MAC address, SSID, or the security level of the network
• File name logging – creates forensic logs of all data moving in and out of the organization via removable storage
• Cisco NAC integration - creates rules that mandate the presence of Safend Protector Client before the endpoint is allowed on your network
• U3 and autorun control – turns U3 USB drives into regular USB drives while attached to organization endpoints, and protects against dangerous auto-launch programs by blocking autorun
• Anti Hardware Key Logger - detects and blocks keyloggers connected to USB keyboards, preventing attempts to record your keystrokes
• Usability, management and other functional enhancements - tighter Active Directory integration, OTP for suspending agents securely, defining roles within the management console, server architecture, enhanced logging, alerting and reporting, and integral interfaces to third party management tools