Implementing new security policies often impedes productivity as users can no longer perform some familiar tasks and have to change the way they perform others. The challenge for IT departments is to find a balance between maximizing security and preserving the continuity of business processes.
Data security made easy — It takes just a few steps to significantly increase the security of your corporate data and to eliminate the dangers from uncontrolled use of USB and other ports. With DriveLock you can put an end to the use of unapproved devices. To keep your information secure in transit, DriveLock can encrypt the data on internal and external drives and other storage devices. This includes hard drives, USB flash drives, SD media, eSATA drives and even CDs and DVDs you burn. Encryption can be enforced if your corporate policies require that all data on portable storage devices must be secured. Administrators have access to simple-to-use helpdesk tools to quickly and securely restore access to a device if someone forgets a password. No knowledge or transmission of a central password is required to generate a one-time passcode that restores access.
DriveLock is a leading solution for controlling your endpoints. It can protect desktop computers and laptop computers, but also virtual desktops and thin clients. In addition to comprehensive port control, DriveLock offers extensive encryption options and comprehensive application control - all of this is configured and administered centrally using a single management console that is available in multiple languages. And because DriveLock's architecture is so straightforward, it is successfully used worldwide to protect small networks as well as large enterprises. DriveLock offers dynamic access control for drives (floppy disks, CD-ROMs, USB flash drives, etc.) and also controls all other device types, such as Bluetooth, Palm, Windows Mobile, BlackBerry, and other smart phones. Using whitelist rules (based on device type and hardware ID), you can specify exactly who can use which device at what time. You can even create detailed rules for the use of removable drives based on the drive's manufacturer, model and unique serial number to achieve granular definition and implementation of access rules. Other features let you enable access to specific authorized media, set time limits and create exceptions for certain users, groups, computers and networks. These are just a few of the customization options that are available to let you enforce the exact device usage policies you require. To give a user temporary access to a blocked device, you can use temporary unlocking, even when the computer is offline and not connected to your network.
DriveLock policies are very easy to configure, and distribution of the policy settings to client computers is just as easy. Because of DriveLock's integration with Active Directory Group Policy, no separate infrastructure or servers are required to apply policy changes to clients. If Active Directory is not available (for example in Novell networks), you can instead distribute policies to a single computer or an entire network by using configuration files. To help create a stress-free implementation phase, DriveLock includes a Simulation Mode, which lets you test all policy settings without impeding user productivity because of configuration errors or unanticipated effects of policy enforcement. The built-in Agent self protection lets you decide whether you want complete protection against any tampering with the DriveLock Agent or whether administrators and helpdesk personnel are allowed to disable the Agent for troubleshooting. At every step along the way, you will experience DriveLock's "simple but secure" philosophy.
DriveLock doesn't force you to adjust the way you work to the tools you're using. Instead, you can customize DriveLock to make it work according to your needs. The modern-looking and intuitive DriveLock Console is implemented as an MMC snap-in. Experienced IT administrators will immediately feel at home and can take advantage of the flexible configuration options. You can easily adjust the management console to your preferences and experience level. Choose the classic MMC mode or the taskpad mode, which provides additional information about the available configuration choices. To help you get started with DriveLock, there's also a Starter Mode that assists you with the initial configuration steps. Once you're proficient, you can turn off this mode and get access to all configuration settings.
DriveLock can help you increase security awareness among your staff. For example, you can configure DriveLock to let users access removable devices only after they have reviewed your corporate policy and have indicated that they will comply with it. Of course you can audit and document which users have signaled acceptance. You can even make device access dependent on a password that you only provide to users who have attended a security training class. Instead of placing the burden of security on your IT department, you can incorporate your entire staff and DriveLock into your forward-looking security strategy.
The integrated leading-edge application control can help protect your network against some of the most dangerous threats: zero day exploits, brand-new Trojan horse programs, industrial espionage and data theft. DriveLock lets you utilize the full breadth of this technology. You simply decide which users can run which applications on which computers; DriveLock's Application Launch Filter takes care of the enforcement. The power of DriveLock's application control vastly exceeds the basic protection in Windows 7 and offers unique flexibility. You can choose from several criteria for specifying allowed applications: hash values of executable files (for a single file, or based on a scan of an entire computer), certificate checking and file ownership. You can easily combine these criteria and use them to either enable or prevent the starting of any program. Other rule types let you easily configure access to common groups of applications, such as Windows system files. Other device control solutions require you to configure complicated sets of rules that need to be frequently updated. With DriveLock you can often achieve the same protection with just a few rules that require minimal or no updating.
Using administrator-defined network profiles, DriveLock instantly detects the network a computer is connected to and can automatically adjust configuration and policy settings. You can also disable wireless connections whenever computers are connected to your corporate network to prevent cross-network links between your network and unauthorized wireless networks. Finally, network profiles let you block applications, such as Skype, when a computer is connected to the corporate network, while unblocking these applications when a user is on the road. It's hard to imagine endpoint security that's more effective.
Security in terminal server environments and the Cloud. DriveLock can handle this too. DriveLock lets you control and secure the use of USB flash drives on thin clients and on server-based desktops in a virtual client infrastructure. You can even use DriveLock's file filter to limit data transfers to only allowed file types, such as Microsoft Office documents. You get maximum flexibility for enforcing corporate policies without impeding employee productivity. DriveLock can be an important element in securely and efficiently migrating clients into a centrally managed environment.
Compare DriveLock to similar security solutions and you'll quickly realize that DriveLock not only includes all protection mechanisms they do, but it also adds unique features that no competitor can match. DriveLock makes it easy to centrally control the protection of your data, without requiring additional servers.
DriveLock 6, the newest version of the award-winning endpoint security solution, was released in April 2010. DriveLock 6 contains many improvements to existing features and also includes the following new functionality: DriveLock Application Launch Filter, Reporting and Analysis, New Drive Control Functionality, Architectural Changes, Re-Designed User Interface, and Quick and Easy Implementation.
Because you can easily combine criteria for allowing or blocking applications, you only need to create a few rules before DriveLock can enforce your settings. Compare this to other solutions that require you to define a complicated set of rules that need to be updated frequently. DriveLock's simplicity makes it an ideal tool for implementing effective application control in both small organizations and large enterprises without requiring extensive administrative resources.
The new release of DriveLock contains a completely re-designed and much improved version of the Application Launch Filter (ALF). If you previously used the ALF, you will still find all familiar features, including the test mode, the application hash database (which can be based on all applications on an entire hard drive) and rules that cover all programs that are part of the operating system or all .NET applications. You can also continue to use a combination of whitelist and blacklist rules for maximum flexibility. This wide spectrum of options for configuring which users can run which programs on which computers lets you define policies that reflect your organization's unique security requirements. The DriveLock Application Launch Filter takes care of implementing your policies. The functionality provided by DriveLock goes far beyond the basic application control included in Windows 7 and affords you unique flexibility.
DriveLock 6 adds two new types of application rules that you can use to block or allow applications based on additional criteria: File Owner Rules and Certificate Publisher Rules. When enforcing a File Owner Rule, the DriveLock Agent checks whether the ownership of a program file, for example Administrator or System, matches the policy setting. Because Windows automatically sets the file ownership when a program is installed, you can use this type of rule to easily allow the use of all applications that were installed by an authorized administrator or a trusted service account. Applications that were installed by any other user or standalone applications are automatically blocked. One advantage of using File Owner Rules is that DriveLock continues to enforce the current policy even after a program is updated centrally or locally by an authorized administrator.
Certificate Publisher Rules can verify the origin and version of a program file. You can use this type of rule to allow or deny the use of applications based on a specific software certificate, the certificate's issuer, the software publisher or the program version. For example, you only need a single rule to easily allow the use of all in-house applications that are signed with your organization's software certificate or all applications published by a trusted software vendor.
DriveLock 6 lets you view a report of all configuration settings and save the configuration as an XML file. This lets you easily document your current configuration settings and make them available for compliance reporting.
The biggest change in DriveLock 6 is how it re-defines the analysis of security data. The new DriveLock Control Center contains all tools you need to quickly generate a relevant overview of your entire DriveLock deployment and endpoint activity. In addition to comprehensive and flexible reporting features, the DriveLock Control Center contains tools to enable forensic analysis of events. It lets you easily pinpoint relevant monitoring data and investigate all aspects of client activity that are unusual or that represent security risks. The report types that were available in previous versions have been enhanced with more powerful filtering options and they are complemented by new report types.
You can use the DriveLock Control Center to drill down into your data to discover the background of event data and to discover hidden connections between events. Your starting point could be a specific user, a single file or a flash drive you found in the parking lot. For example, you can start with a report that identifies all files that were copied to a specific flash drive during a certain time period. Taking this information you can then easily find out which other flash drives these files were copied to and all computers where those drives were used. As you are adjusting your search criteria you can easily back-track, return to the original data and investigate other aspects that are hidden in your event data. The flexibility of this method allows you to gain insight into what's going on in your network and helps you assess the impact of security incidents.
In addition to the drive types you could control using previous versions, DriveLock 6 lets you control the use of SD cards and internal drives. You can also control the increasingly popular external eSATA drives, which connect to computers using the same hardware bus as internal SATA drives.
Drive whitelist rules can now include multiple file filter templates, enabling you to use a combination of allowed and blocked file types in such rules. You can now also enforce all drive rule options on a per-user or per-group basis, including enforced encryption and automatic execution of scripts. For example, you can now require encryption for all flash drives but still allow helpdesk personnel to use unencrypted drives.
If you want to give your users autonomy over the use of removable drives instead of categorically blocking them, you can enable users to authorize the use of such drives themselves, for example by typing a password you gave them. Because user education is a critical component of network infrastructure security, you can also configure DriveLock to display a notification before a user can access a removable drive. Such a notification can contain tips for securely using removable media, an excerpt of your organization's security policy, or a warning that the use of removable media is allowed and user activity is logged. You can even configure the notification to play a video file. The new notification capabilities can help you improve users' security awareness without much effort.
Previous versions of DriveLock included the ability to create shadow copies of files that users accessed on removable drives or copied to such drives. DriveLock 6 extends this functionality to CDs and DVDs that users create. If you allow the use of CD/DVD burners, DriveLock can create a complete copy of each disc and save it to a central location. The shadow copy is stored as an ISO file and is a complete image of the disc. You can use many common tools to view the data that is contained in an ISO image.
DriveLock 6 replaces the Security Reporting Center (SRC), including the SRC Server and the SRC Management Console, with new components. Only the central SQL database remains in place and is being expanded. Instead of the SRC, DriveLock uses the new DriveLock Enterprise Service to combine the functionality of the following older components into a central service:
As a result of the new architecture there is no longer a need to run Microsoft Internet Information Services on the central server. The DriveLock Enterprise Service can run on a dedicated server or it can be co-located on any existing server that meets the hardware requirements. The DriveLock Enterprise Service can use an existing instance of Microsoft SQL Server, either on the same server or on a remote server. You can also use the free SQL Server Express version, which is sufficient for many smaller environments.
The new DriveLock Control Center (DCC) replaces the SRC Management Console. The DCC is a standalone application instead of an MMC snap-in, which means fewer limitations to appearance and functionality of the application. This results in faster performance and better usability in the current version and will enable additional functionality in future versions.
The architectural changes allow for an even easier installation experience because there are fewer system and network prerequisites. As a result, daily use and administration are less complex and many tasks can be performed more efficiently. System stability is increased and if a problem occurs, troubleshooting is streamlined and easier.
The DriveLock Management Console has been updated to include a modern user interface that is visually appealing, consistent with current design standards and even easier to navigate. Many of the existing Task Views have been redesigned and let administrators view the current configuration settings without having to switch to the "Classic MMC View". This can simplify and streamline both administration and troubleshooting.
The DriveLock Management Console contains a new Basic Configuration section (Starter Mode) to make it easier for you to configure most common aspects without being distracted by advanced settings. This process is aided by many wizards. Administrators who are new to DriveLock or don't frequently configure DriveLock policies will find administration tasks to be much easier to perform. At the same time they can be confident that they configured everything that's required to implement DriveLock without missing critical settings. Experienced DriveLock administrators can hide the Basic Configuration.
Administering whitelist rules is made easier by the addition of folders. To help you keep track of a large number of whitelist rules, you can now create folders and subfolders to organize these rules. For example, you can group whitelist rules by department or by device type (one folder for rules covering Kingston flash drives, another folder for rules covering SanDisk flash drives). Similarly, file filter templates can be grouped into folders, for example one folder for all Microsoft Office file types.
The goal of the changes to the DriveLock Management Console is to make it even easier to get started implementing DriveLock and to enable you to quickly and easily integrate DriveLock into your current network and security infrastructure. The main benefits are improved data security and reduced administration costs.
The previous versions of DriveLock included a test mode for the Application Launch Filter that lets you test policy settings in a live environment without negatively impacting users. This test mode has been expanded and now covers all areas of DriveLock. You can now extensively test all policy settings, including whitelist rules, for as long as you need to be confident that everything works as expected. In test mode the DriveLock Agent analyzes policy settings but doesn't block drives, devices or applications. The Agent performs all event reporting and displays all configured user notifications and dialog boxes. Once you have confirmed that everything works as expected, you can change your policy to enforce the settings. It's hard to imagine how implementing endpoint protection could be any easier.
DriveLock is available in several editions that include different protection mechanisms. The following table shows the differences between these editions and the features included in each of them.
Full Disk Edition
Legend: ... Included ... Available as add-on
Copyright 2010 by CenterTools