Device Control, Data Loss Prevention, Endpoint DLP, USB Data Security, Mobile Device Management, Content Aware DLP

Centralized
Device Control

The Endpoint Protector 4 Web administration and reporting console offers you a complete overview of the device activity on your computers, whether you work with Windows, Mac or Linux platforms. You will be able to define access policies per user/computer/device and authorize devices for certain user or user groups. Thus, your company will stay productive while maintaining control over the device fleet use.

Controlled Device Types

USB Devices
USB Flash Drives (Normal USB Drives, U3, etc.)
iPhones / iPads / iPods
Smartphones / Blackberry / PDAs
Digital Cameras
MP3 Player / Media Player Devices
CD/DVD-Player/Burner (internal and external)
Memory Cards (SD, MMC, CF, Smartcard, etc.)
external HDDs (incl. sATA HDDs)
Printers
Floppy Drives
Card Readers (internal and external)
Webcams
WiFi Network Cards
FireWire Devices
Biometric Devices
Bluetooth Devices
ZIP Drives
ExpressCard SSD
Wireless USB
Serial Port
Teensy Board
PCMCIA Storage Devices

Device Whitelisting

Allow or block access on computers for any device based just on its serial number. The Device White-listing feature enables you to assign permissions for devices to users or user groups and workstations. By default, the not allowed devices are automatically blocked by the Endpoint Protector Security Agent. This feature will help you eliminate unknown or unwanted devices in your network, reducing the risk for data leakage and data theft as well as the risk for infecting with unwanted malware.

Device Type-Based Policies

The device type based policies reflect Endpoint Protector’s ability to apply different security policies based on the type of device being used. Whenever the user connects a device, Endpoint Protector knows automatically if it’s a USB device, iPhone, iPad or other type of device. This will allow you to apply more or less rigorous policies on PCs, users or groups depending on what devices are allowed to connect to the protected PC. Certain user groups like a specific company department can use, for example, USB devices that are required for everyday work, while other user groups are not able to connect them to their protected work computers.

Protection Against U3 and Other Autorun Devices

Endpoint Protector is able to protect against and block U3 and other autorun devices that could potentially host malware and other malicious self-executing code. This is an important feature because it can prevent automatic system infections through malware or Trojans.

Content Aware Protection

Content-Aware Data Loss Prevention (DLP) for Windows and Mac OS X offers detailed control over sensitive data leaving the company's network. Through efficient content inspection, transfers of important company documents will be logged, reported and blocked. Content Aware Protection by Endpoint Protector prevents data leakage through all possible exit points, from clipboard, screen captures, USB devices to applications including Microsoft Outlook, Skype, Yahoo Messenger or Dropbox.

Supported Applications

Web Browsers

Internet Explorer, Mozilla Firefox, Chrome, Opera, Safari, SeaMonkey, Maxthon, AOL Destop 9.6, K-Meleon, Aurora Firefox

E-mail Clients

Microsoft Office Outlook, Mozilla Thunderbird, Windows Live Mail, Outlook Express, Windows Mail, AOL Mail, Opera Mail, SeaMonkey Mail, Courier, IBM Lotus Notes

Instant Messaging

AIM, eBuddy, MySpace IM, ICQ, Google Talk, Skype, Windows Live Messenger, Yahoo! Messenger, mIRC, Trillian, MyChat, LingoWare, Chit Chat For Facebook, Nimbuzz, Facebook Messenger, Microsoft Communicator 2007, Facemoods, Gaim, LAN Chat Enterprise, OpenTalk, TurboIRC, WinSent Messenger, Pink Notes Plus, fTalk, XChat, ooVoo, TweetDeck, Pidgin Instant Messenger

Cloud Services /
File Sharing

iCloud, Google Drive, Microsoft SkyDrive, Dropbox, eMule, Kazaa, Shareaza, Morpheus, eDonkey, DC++, BitTorrent, Azureus, BitComet, uTorrent, iMesh

Social Media / Others

Facebook & Co. (through web-browser), InfraRecorder, iTunes, Nokia PC Suite 2008 / 2011, Samsung Kies, Sony Ericsson PC Companion, TeamViewer, HTC Sync for Android phones, Total Commander, LogMeIn, EasyLock, GoToMeeting, Windows DVD Maker, FileZilla

Supported File Types

Extension

Description

JPEG

JPEG/JIFF Image

PNG

Portable Network Graphics

GIF

Graphic Interchange Format

BMP

Windows OS/2 Bitmap Graphics

TIFF

Tagged Image Format File

EPS

Encapsulated PostScript

DJV

DjVu File

CGM

Computer Graphics Metafile

ICO

Windows Icon (Microsoft Corporation)

CCX

Corel Compressed Exchange File

TXT

Text File Format

RTF

Rich Text Format

PDF

Acrobat Portable Document Format

XLS

Excel Worksheet (Microsoft Corporation)

XLSX

Excel Microsoft Office Open XML Format Spreadsheet (Microsoft Corporation)

DOC

Word Document (Microsoft Corporation)

DOCX

Word Microsoft Office Open XML Format Document (Microsoft Corporation)

PPT

PowerPoint Presentation (Microsoft Corporation)

PPTX

Power Point Microsoft Office Open XML Format Presentation (Microsoft Corporation)

ONE

OneNote Note File (Microsoft Corporation)

XSN

InfoPath Dynamic Form/Template (Microsoft Corporation)

PUB

Microsoft Publisher Document File

ODS

Outlook Express Mailbox (Microsoft Corporation)

ODT

OpenOffice/StarOffice OpenDocument (Ver 2) Text Document

PST

Outlook Personal Folder File (Microsoft Corporation)

ZIP

Compressed Archive File

7-ZIP Compressed Archive File Format

ACE

WinAce Compressed File (e-merge GmbH)

RAR

WinRAR Compressed Archive (RarLab)

TAR

Tape Archive File

BAT

DOS batch file

CMD

Windows Command File

C/C++ Program File

CPP

C++ Program File

JAV

Java Source Code (Sun)

JAVA

Java Source Code (Sun)

ASC

ASCII Text

Python Script or Library (Python Software Foundation)

PAS

Pascal Source Code

UNIX/LINUX Shell Script

CSH

UNIX csh Shell Script

FORTRAN Source Code

XML

Extensible Markup Language File

DTD

ArcView UNIX Hyperhelp Supporting File (ESRI)

TEX

LaTeX Source (LaTeX3 Project)

EXE

Executable File (Microsoft Corporation)

SYS

System Configuration

DLL

Dynamic Link Library

Shared Object Library

AIF

Audio Interchange File Format

MP3

MPEG Audio Stream

M3U

Media Playlist File

M4A

MPEG-4 Audio File

MPA

MPEG-2 Audio File

WAV

WAVE Audio File

WMA

Windows Media Audio File

AVI

Audio Video Interleave

Mobile Device Management

Offers better control over the use of Android and iOS devices by companies’ employees. Mobile Device Management by Endpoint Protector is the perfect solution for companies using their own mobile devices or adopting the BYOD (Bring-Your-Own-Device) model to protect sensitive company data. Through detailed monitoring, logging and reporting of all mobile device activity and remote enforcement of strong security policies, companies will gain enhanced protection against both inside and outside threats.

File Tracing /
File Shadowing

Track all data that was copied to and from USB flash drives or other portable storage devices directly from the Web management interface. With File Shadowing activated, you can even have access to hidden copies of all transferred files. A thorough record of all the flow of information in the network is essential to support audits and controlling data leakage.

File Tracing

In order to minimize data loss, you and the top management of the company will want to know what kind of files users are copying on USB devices. With Endpoint Protector, you will have this information for later auditing. When enabled, it logs all data-related activities (accesses) and stores it. All actions such as read, write, file deletion, file renamed, etc. are recorded, along with the user who performed them and the device the data originated from or which it was copied to.

File Shadowing

File Shadowing is a very powerful and helpful feature. When enabled, it creates exact replicas of all files in transit from USB removable storage devices and stores them on either local or network storage as physical evidence for later audits. This feature captures the flow of information into and out of the protected network, reducing risk and containing data leakage.

Online Device Report / Plug & Play Devices Report

The Online Device Report allows the administrator to generate and display USB and all other removable devices that are currently connected to computers in the protected network.

Detailed and Comprehensive Logs

The Endpoint Protector client is capable to record detailed security-related information that is reported to the Endpoint Protector Server (even from disconnected/offline clients). Detailed information is essential when it comes to analyzing of security problems and troubleshooting (Activity Logs on the Management Server and the Client Activity Logs, System Logs, File Traffic Logs and File Shadow Logs).

Log File Export

All displayed log entries can be saved and exported in Excel file format for detailed analysis.

Flexible Log Queries

Administrators can search logs and sort results; multiple entries can be stacked together to condense information for a detailed and easy to interpret report. Powerful log analysis is enabling a quick drill down to a specific security issue.

Detailed and Comprehensive Management Server Logs

If you want to see what activity a certain user performed regarding devices, you can. (Check at any time what device related activities a user performed inside the network). The Endpoint Protector client is capable to record detailed security-related information that is reported in the web administrative console. Detailed information is essential when it comes to analyzing security problems and troubleshooting (Activity Logs on the Management Server and the Client Activity Logs, System Logs, File Traffic Logs and File Shadow Logs). All displayed log entries can be saved and exported in Excel file format for detailed analysis.

Unified Log Management and Reporting

All logs are stored and displayed in a common format. This delivers a powerful forensic analysis by identifying the relationship between device, user, PC and traced and shadowed files.

Decentralized Files Storage

Shadow files, file trace logs and general log files are stored with each application server, maintaining central access from the management console.

Bi-Directional Shadowing Option

Bi-Directional Shadowing records complete files that is read from and/or written to a removable device. Captures the flow of information into and out of the protected network, reducing risk and containing data leakage.

Defining Rights

Simple device management policies will help you define User group permissions, allowing an efficient enforcement and maintenance of the predefined security policies across the network.
Being able to block USB flash drives or other portable devices and track data going on them will help you comply with government regulations, industry standards and IT governance in regard to data leakage prevention.

User-based Policies

You can give Endpoint Protector the capability to apply policies based on the user being logged on the protected computer. This allows a consistent policy for a particular user wherever that user might log in within the protected network.

Computer (Machine)-based Policies

You can give Endpoint Protector the capability to apply policies based on the computer being used. This allows a consistent policy on a particular PC regardless of who is using it.

Synchronization with Active Directory

Leverages user and user group definitions in existing Active Directory. This feature gives you one more ways to differentiate users from each other and control them without having to re-create the user list manually.

Group Inheritance of Policies

Group Inheritance of Policies describes the capability to have sub-groups take on the properties of the parent group(s).

Group-Based Administrative Rights & Privileges with Detailed Logs

Allow an administrator to grant specific administrative rights and privileges for specific groups of administrators to perform certain operations. All administrative actions are logged as are all client-server communications. Group-based rights facilitate the appropriate distribution of administrative rights throughout the organization while detailed logging provides accountability.

Real-time Client Status Monitoring

Real-time Client Status Monitoring allows to monitor the status of clients (user, OS, security policy/profile, etc.) in real-time.

Access/User Notifications

If a user connects a USB device when not allowed, Endpoint Protector will block the device and issue a notification for the user.

Disconnected/Offline Remote Computer Protection

If a computer doesn’t have access to the network, Endpoint Protector will maintain constant security by keeping a local copy of the last list of policies and permissions on the PC. Endpoint Protector secures computer regardless of network connection and ensures that remote or disconnected users are also protected.

Push Changes to Permissions

Permission changes for devices can be pushed to one user or groups at once. Implements new policies regarding device use immediately - no reliance on reboot or restart of network connection.

Device-based Policies

This feature enables you to allow or block USB flash drives or other devices based on their unique characteristics(Ids). For instance you can create a rule where you can allow a USB stick from a certain manufacturer to connect on certain computers and block it for all the others. This feature gives you significant control over what devices are used on protected clients.

Support for Mac OS X, Windows (XP, Vista, 7) and Linux

Endpoint Protector will protect your networks whether they are MAC, Windows or Linux based. This will offer you an even more secure working environment.

Mobile Application Management (MAM) for iOS

Discover what applications people use on smartphones and tablets, bringing them into the company network, and manage accordingly to the organization’s security policies. Instantly push free and paid apps to enrolled mobile devices from your own Apps Catalog.

Working with Active Directory

If you already have Active Directory, then you can easily use it to deploy Endpoint Protector, making your life a lot easier.

Also you will have simplified device management policies with customizable templates for defined USR Groups (Active Directory GPOs).

Reporting and Analysis Tools

Endpoint Protector offers a powerful reporting and analysis tool which will come in handy as you will be able to monitor all users activity: who is trying to connect USB devices, what kind of data are they copying on them, how are the users using devices. You will have the ability to drill down from high level to more detailed reports and analyses, making this way data audit processes easy and straightforward.

Endpoint Security for Workstations, Laptops and Servers

Endpoint Protector is designed to protect PCs from threats posed by removable portable storage and endpoint devices such as USB Flash Drives, MP3 Players, iPods and digital cameras. These and other devices could be accidentally or intentionally used to leak, steal, or lose data.

Enforced Encryption with EasyLock

If a USB stick full with company information gets accidentally lost or stolen, this might have severe consequences, especially when reaching into the wrong hands. We thought of that and this is why we give you the possibility to automatically encrypt data copied on USB devices so that no unauthorized person can access and use the stored information.

File Whitelisting

Only authorized files (e.g. product brochures PDFs) can be transferred to authorized devices. All other files are blocked and attempted file transfers are recorded and reported.

Offline Temporary Password

While on the road and without a connection to the office network, USB flash drives or other devices can be allowed by the Administrator for a specific period from 30 minutes up to 30 days.

Clipboard Monitoring

Puts an end to Data Leakage threats of sensitive data through Copy & Paste / Cut & Paste for even further enhanced data security.

Disable Print Screen

Revokes Screen Capture capabilities and makes sure no valuable data displayed on the screen is leaked out of the protected network.

Department Management

Departments can be organized and separate dedicated policies can be applied to manage the diverse device use needs in large organizations.

Appetizer License

Appetizer License offers totally FREE enhanced data and endpoint security for small networks with up to 10 computers to protect against data theft, data leaks and data loss. SMBs have no excuse now to leave their sensitive information unprotected.

Feature	License Type	Updates and Support
Device Control	Perpetual License	1st year included, 2nd and 3rd year available
Content Aware Protection (requires also Device Control)	Perpetual License	1st year included, 2nd and 3rd year available
Mobile Device Management (MDM) for iOS and Android	1 year subscriptions (since MDM is a service)	Included

Supported Virtual Environments	Version	.OVF	.VMX	.VHD
VMware Workstation	7.1.4
VMware Player	3.1.4
VMware vSphere (ESXi)	5.0.0
Oracle VirtualBox	4.1.16
Parallels Desktop for Mac	7.0.1
Microsoft Hyper-V (2008 R2)	6.1

Endpoint Protector 4

Device Control

Content Aware Protection

Mobile Device Management

Virtual/Hardware Appliance

Highlights - Content Aware Protection

Highlights - Device Control

Centralized Device Control

Controlled Device Types

Device Whitelisting

Device Type-Based Policies

Protection Against U3 and Other Autorun Devices

Content Aware Protection

Supported Applications

Supported File Types

Mobile Device Management

File Tracing / File Shadowing

File Tracing

File Shadowing

Online Device Report / Plug & Play Devices Report

Detailed and Comprehensive Logs

Log File Export

Flexible Log Queries

Detailed and Comprehensive Management Server Logs

Unified Log Management and Reporting

Decentralized Files Storage

Bi-Directional Shadowing Option

Defining Rights

User-based Policies

Computer (Machine)-based Policies

Synchronization with Active Directory

Group Inheritance of Policies

Group-Based Administrative Rights & Privileges with Detailed Logs

Real-time Client Status Monitoring

Access/User Notifications

Disconnected/Offline Remote Computer Protection

Push Changes to Permissions

Device-based Policies

Web-based Interface

Device-Centric Blocking Engine

Self Defense Feature

Security Agent Predefined Modes

Encrypted Client-Server Communication

Integrated Policy Management, Distribution, Enforcement, and Reporting Server

Support for Mac OS X, Windows (XP, Vista, 7) and Linux

Mobile Application Management (MAM) for iOS

Working with Active Directory

Reporting and Analysis Tools

Endpoint Security for Workstations, Laptops and Servers

Enforced Encryption with EasyLock

File Whitelisting

Offline Temporary Password

Clipboard Monitoring

Disable Print Screen

Department Management

Appetizer License

Endpoint Protector Licensing

Downloads

Data Sheets

Manuals

Case Studies

Reviews

Testimonials

White Papers

Awards / Recognition

Endpoint Protector for Device Control explained in plain English

Content Aware Data Loss Prevention (DLP) for Mac OS X

Mobile Device Management (MDM) for iOS and Android with Endpoint Protector

Endpoint Protector for Device Control explained in plain English

Endpoint Protector Hardware Appliance for Device Control and Endpoint Security

Endpoint Protector Virtual Appliance for Device Control and DLP

Device Control, USB Lockdown and Control for Mac OS X

Endpoint Protector Basic - Data Protection for Small Offices or Home Use

EasyLock - Cross platform encryption for Windows, Mac OS X and Linux

My Endpoint Protector explained in plain English

Endpoint Protector as Virtual Appliance

Endpoint Protector as Hardware Appliance

Content Aware Protection

Device Rights

Computer Rights

Centralized
Device Control

File Tracing /
File Shadowing