Device Control
Device Whitelisting
Device Whitelisting allows permissions for authorized devices to be assigned to a user or user group. By default, devices that are not authorized are not allowed and are automatically blocked by the Endpoint Protector Security Agent.
Eliminates unknown or unwanted devices in your network, reducing the risk of data leakage, accidental data loss or data theft.
Controlled Device Types
- USB Flash Drives (Normal USB Drives, U3, etc.)
- Wireless USB
- Memory Cards (SD, MMC, CF, etc.)
- Card Readers (internal and external)
- ZIP Drives
- Floppy Drives
- CD/DVD-Player/Burner (internal and external)
- Digital Cameras
- Smartphones / Handhelds / PDAs
- Blackberry
- iPhones / iPads / iPods
- External HDDs
- FireWire Devices
- MP3 Player / Media Player Devices
- Biometric Drives
- Bluetooth
- ExpressCard SSD
- Printers
- PCMCIA
Device Type-Based Policies
Device type-based policies reflect Endpoint Protector's ability to apply different security policies based on the type of device being used. This allows administrators to apply more or less rigorous policies on PCs, users or groups depending on what devices are allowed to connect to the protected PC.
Certain user groups, such as a specific company department, can be allowed to use digital cameras that are required for everyday work, while other user groups are not able to connect them to their protected work computers.
Protection Against U3 and Other Autorun Devices
Endpoint Protector is able to protect against and block U3 and other autorun devices that could potentially host malware and other malicious self-executing code. This is an important feature because it can prevent automatic system infections through malware or Trojans.
Security Engine
Web-based Interface
The complete functionality of the management interface can be accessed through an Internet browser and does not require the installation of a management application.
Device-Centric Firewall Engine
The Device-Centric Firewall Engine enables the client-side “USB Firewall” to allow or deny devices based on their unique characteristics (IDs). For instance, a rule can be created to allow only devices from a certain manufacturer to connect to protected computers and disallow all others from doing so. This feature gives the administrator significant control over what devices are used on protected clients. A device-centric firewall is also critical to blocking device-based intrusions intended to spread Trojans and other malicious code via removable storage devices.
A key benefit is knowing that only safe devices are being used in the company's environment, which prevents infiltration of malicious code.
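The allow-or-deny-by-ID idea described above, sketched as an added example; this is not Endpoint Protector code. The rule fields, the "most specific rule wins" ordering and all IDs are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Device:
    vendor_id: str                 # USB idVendor as 4 hex digits
    product_id: str                # USB idProduct as 4 hex digits
    serial: Optional[str] = None   # serial string, if the device reports one

@dataclass(frozen=True)
class Rule:
    action: str                        # "allow" or "deny"
    vendor_id: Optional[str] = None    # None acts as a wildcard
    product_id: Optional[str] = None
    serial: Optional[str] = None

    def _pairs(self, dev):
        return ((self.vendor_id, dev.vendor_id),
                (self.product_id, dev.product_id),
                (self.serial, dev.serial))

    def matches(self, dev: Device) -> bool:
        # Case-insensitive comparison; a missing serial never matches a set one.
        return all(want is None or want.lower() == (have or "").lower()
                   for want, have in self._pairs(dev))

    def specificity(self) -> int:
        return sum(f is not None for f in (self.vendor_id, self.product_id, self.serial))

def decide(rules, dev: Device) -> str:
    """Most specific matching rule wins, deny wins ties, no match means deny."""
    hits = [r for r in rules if r.matches(dev)]
    if not hits:
        return "deny"              # default deny: unknown devices are blocked
    top = max(r.specificity() for r in hits)
    best = [r for r in hits if r.specificity() == top]
    # Anything other than a unanimous "allow" fails closed.
    return "allow" if all(r.action == "allow" for r in best) else "deny"

# Constructed sample policy; all IDs below are made up for illustration.
POLICY = [
    Rule("allow", vendor_id="1a2b"),   # one approved manufacturer
    Rule("deny", vendor_id="1a2b", product_id="0007", serial="LOST0001"),  # revoked unit
]

if __name__ == "__main__":
    for dev in (Device("1A2B", "0007", "OK000042"),
                Device("1a2b", "0007", "LOST0001"),
                Device("ffff", "0001")):
        print(dev, "->", decide(POLICY, dev))
```

Vendor, product and serial values are reported by the device itself, so an allowlist keyed on them is a policy control rather than proof of device identity.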
While on the road and without a connection to the office network, devices can be allowed by the Administrator for a specific period from 30 minutes to 30 days.
Client Self Defense
Even in networks where employees have administrative privileges on their PCs, the improved Client Self Defense makes it extremely difficult to circumvent the application on their PCs. The Self Defense feature also requires the user to enter a centrally managed password when trying to uninstall the software.
Security Agent Predefined Modes
The predefined security agent modes allow the use of predefined functionality modes for the protected PC's security agent. These modes include Stealth Mode, Transparent Mode and Panic Mode, in addition to the customizable Normal Mode.
Client Security Engine Self-Defense Mechanism
The Client Security Engine Self-Defense Mechanism ensures that the actual Client Security Agent Engine cannot be stopped by a user who attempts to circumvent security policies, even if the user has local administrator privileges.
Encrypted Client-Server Communication
The communication of policies, files, and authentication information between clients and server is encrypted with a secure encryption algorithm (RC4 128-bit) to prevent viewing or manipulation of the firewall policy and transmitted data.
Integrated Policy Management, Distribution, Enforcement, and Reporting Server
All management capabilities are integrated into one Management Application.
Policy Enforcement
User-based Policies
User-based Policies give the Endpoint Protector Client Security Agent the capability to apply policies based on the user logged in to the protected computer.
This allows the policy to follow the user wherever that user might log in within the protected network.
Computer (Machine)-based Policies
Computer (Machine)-based Policies give the Endpoint Protector Client Security Agent the capability to apply policies based on the computer being used.
This allows a consistent policy on a particular PC regardless of who is using it.
User / Administrator Policy Arbitration
User / Administrator Policy Arbitration gives administrators the capability to customize a particular user’s level of control over their security policy.
It includes the capability of preventing the power user from overriding enterprise security policy settings.
Synchronization with Active Directory
Leverages user and user group definitions in existing Active Directory.
This feature gives administrators one more way to differentiate users from each other and control them without having to re-create the user list manually.
Group Inheritance of Policies
Group Inheritance of Policies describes the capability to have sub-groups take on the properties of the parent group(s).
This allows for more granular administrative control.
Group-Based Administrative Rights & Privileges with Detailed Logs
Group-Based Administrative Rights & Privileges with Detailed Logs allow an administrator to grant specific administrative rights and privileges to specific groups of administrators so that they can perform certain operations. All administrative actions are logged, as are all client-server communications.
Group-based rights facilitate the appropriate distribution of administrative rights throughout the organization, while detailed logging provides accountability.
Real-time Client Status Monitoring
Real-time Client Status Monitoring allows the status of clients (user, OS, security policy/profile, etc.) to be monitored in real time.
Access / User Notifications
System Tray notification messages displayed to the end user signal, if desired, that access to connected removable devices has been denied.
Disconnected/Offline Remote Computer Protected
Disconnected/Offline Remote Computer protection provides constant security by keeping a local copy of the last list of policies and permissions on the disconnected PC.
Secures the computer regardless of network connection, ensuring that remote or disconnected users are also protected.
Push Changes to Permissions
Permission changes for devices can be pushed to one user or to groups at once. Implements new policies regarding device use immediately, with no reliance on a reboot or restart of the network connection.
Audit, Tracing, Shadowing
File Whitelisting (Authorize Specific Files for Transfer)
Only authorized files (e.g. product brochure PDFs) can be transferred to authorized devices. All other files are blocked, and attempted file transfers are recorded and reported.
File Shadowing (Data Shadowing)
File Shadowing (Data Shadowing) is a powerful feature for administrators. When enabled, it creates exact replicas of all files in transit from removable storage and stores them on either local or network storage as physical evidence for later audits.
File Tracing
File Tracing, when enabled, logs all data-related activity (accesses) and stores it for later auditing. All actions such as read, write, file deletion, file rename, etc. are recorded, along with the user who performed them and the device the data originated from or was copied to.
Detailed and Comprehensive Logs
The Endpoint Protector client is capable of recording detailed security-related information that is reported to the Endpoint Protector Server (even from disconnected/offline clients). Detailed information is essential when it comes to analyzing security problems and troubleshooting (Activity Logs on the Management Server and the Client Activity Logs, System Logs, File Traffic Logs and File Shadow Logs).
Online Device Report / Plug & Play Devices Report
The Online Device Report allows the administrator to generate and display a report of USB and all other removable devices that are currently connected to computers in the protected network.
Log File Export
All displayed log entries can be saved and exported in Excel file format for detailed analysis.
Flexible Log Queries
Administrators can search logs and sort results; multiple entries can be stacked together to condense information for a detailed and easy-to-interpret report.
Powerful log analysis enables a quick drill-down to a specific security issue.
Detailed and Comprehensive Management Server Logs
Detailed and Comprehensive Management Server Logs record all significant events: administrator activity such as logging in, changing policies, viewing logs and creating accounts; management server system events such as service started/stopped; and client activity such as a client downloading a new policy. All are recorded in detail for future reference.
Unified Log Management and Reporting
All logs are stored and displayed in a common format.
This delivers powerful forensic analysis by identifying the relationship between device, user, PC and traced and shadowed files.
Decentralized Files Storage
Shadow files, file trace logs and general log files are stored with each application server, maintaining central access from the management console.
Bi-Directional Shadowing Option
Bi-Directional Shadowing records complete files that are read from and/or written to a removable device.
Captures the flow of information into and out of the protected network, reducing risk and containing data leakage.
Enforced Encryption
Enforced Encryption through TrustedDevices
No more unencrypted data will be stored on portable storage devices. This feature reflects the Endpoint Protector Security Agent's ability to recognize and allow the usage of certain types of devices. The use of TrustedDevices provides assurance that, in a corporate environment, all endpoint devices are not only authorized and controlled via Endpoint Protector and security policies but also certified and trusted to protect sensitive and confidential data in transit. This ensures that if a device is stolen or lost, all the data stored on it is encrypted and therefore not accessible if it gets into the wrong hands. Depending on hardware budget and security level requirements, the TrustedDevice technology offers solutions for all industries and requirements.
TrustedDevices Technology
The integrated support for TrustedDevices reflects Endpoint Protector's ability to handle certified and trusted devices via the TrustedDevices technology. TrustedDevices are available in four security levels (1-4). A detailed explanation of the TrustedDevice technology can be found here.

Endpoint Protector 2008 gives us the ability to manage the controlled use of USB devices, external hard drives, FireWire devices, CD/DVD-Readers/Writers and many other potentially harmful endpoint devices, while also stopping malware, viruses and other unwanted data intrusions.


© 2004-2010 