The Device Control module is the first layer of security provided by Endpoint Protector 4. By defining granular access rights for USB and peripheral ports, device security is enforced while productivity is maintained. As a cross-platform solution, it protects the entire network, regardless if the computers are running on Windows, Mac OS X or Linux.
The Device Control module allows management of the most commonly used device types and simplifies IT Administrators' lives in several ways.
- USB Storage Devices (USB Flash Drives, Sticks, Pen drives, etc.)
- External HDDs (incl. sATA HDDs)
- CD/DVD-Players and Burners (internal and external)
- iPhones, iPads and iPods
- Smartphones and Tablets (incl. Android devices, Blackberry and PDAs)
- Digital Cameras
- MP3 Player and other Media Player Devices
- Card Readers (internal and external)
- Memory Cards (SD, MMC, CF, Smartcard, etc.)
- Floppy Drives
- WiFi Network Cards
- FireWire Devices
- Biometric Devices
- Bluetooth Devices
- ZIP Drives
- ExpressCard SSD
- Wireless USB
- Serial Port
- Teensy Board
- PCMCIA Storage Devices
- Network Share
- Thin Client Storage (RDP Storage)
- Additional Keyboards
- USB Modems
- Infrared Dongle
Content Aware Protection
The Content Aware Protection module is the second layer of security provided by Endpoint Protector 4. It prevents data leakage through all possible exit points, from clipboard, screen captures, USB devices, to applications including Microsoft Outlook, Skype or Dropbox. Through efficient content inspection, transfers of important company documents will be logged, reported and managed.
The Content Aware Protection module allows management of file transfers via the most common exit points, preventing data leakage.
- Web Browsers
- E-mail Clients
- Instant Messaging
- Cloud Services / File Sharing
- Social Media / Other
Mobile Device Management
The Mobile Device Management module extends data security and control over the iOS and Android mobile device fleet. It also provides features for Mac OS X computers. Through remote enforcement of strong security policies, detailed monitoring, logging, and reporting of all mobile device activity, it provides enhanced protection against both insider and outsider threats. Moreover, it also includes Mobile Application Management.
The Mobile Device Management is the third module of Endpoint Protector 4, offering data protection for the mobile endpoints.
- Tracking and Locating
- Virtual/Hardware Appliance
- Restrictions and App Management
- Ready for the latest OS versions
Endpoint Protector can protect confidential information throughout the entire network, regardless if the computers are Windows, Mac or Linux-based. This will provide a safer working environment, regardless if you are using the latest Windows 10 or Mac OS X El Capitan.
Multilingual User Interface
The user interface is available in more than 10 languages, making the administration easier by bridging the language gap. Among the provided languages: English, German, French, Spanish, Romanian, Korean, Russian, Chinese, Hungarian and more.
AD Import & Sync
Take advantage of Active Directory or similar tools, making larger deployments simpler. Import and sync all groups and entities. It will also simplify device management and content filtering policies with customizable templates for defined Active Directory GPOs.
The Hardware Appliance is a Plug&Play solution, that allows IT Administrators to set up Endpoint Protector within minutes, with a few simple steps. It is suitable for organizations with more than 15 endpoints and it presents advantages like dedicated resources and isolation from other security solutions, making the process of detecting possible incidents easier.
As a second option for an on-premise DLP solution, Endpoint Protector also comes as a Virtual Appliance. It provides increased flexibility, easy scalability, and affordability. The solution comes in different formats, compatible with the most common virtualization tools, like VMWare, VirtualBox, vSphere, HyperV, Parallels, XenServer and many others.
The possibility of transmitting all logs to a SIEM server allows for a seamless experience of the reporting and analysis capabilities by delivering high-quality data to one location. Your business will benefit from comprehensive analytics and graphics that provide real-time correlations for faster detection of incidents and threats.
DLP for Thin Clients
Protect data on Terminal Servers and prevent data loss in Thin Client environments. Control the use of portable storage devices and filter data that is being copied or uploaded to cloud storage and other online applications.
HIPAA Content Aware Policies
HIPAA policies allow for an in-depth scanning of documents and blocking file transfers if they contain sensitive information like FDA approved drugs, ICD-9 codes and diagnosis lexicon, Personally identifiable information like Social Security Numbers (SSNs) and others.
DLP for Printers
Create policies for local and network printers to block printing of confidential documents and prevent data loss and data theft. Data Loss Prevention for Printers can be implemented with the use of both the Device Control and the Content Aware Protection modules.
The Appetizer License offers totally FREE Data Loss Prevention and Mobile Device Management for small networks with up to 5 computers and 5 mobile devices. Perfect for SMBs to protect sensitive information against data theft, data leaks, and data loss.
The Trial License allows access to all Endpoint Protector’s features for a period of 30 days. Protect and manage up to 50 computers running on Windows, Mac OS X, and Linux as well as 5 Android or iOS mobile devices.
Endpoint Protector DLP and MDM solutions support organizations to become compliant with industry rules and regulations like PCI DSS, HIPAA, SOX, and others and avoid huge fines and other prejudices.
Set Rights Globally
By default, Device Control Rights apply globally throughout the network. However, the module is extremely granular.
Set Rights per Group
Device Control rights can be granularly configured based on groups, allowing different access rights for various departments.
Set Rights per Computer
Device Control rights can be configured per computer. It is helpful when computers serve a unique role in the organization.
Set Rights per User
Based on their roles and tasks, each user can receive different device access rights according to the company policies.
Set Rights per Device
The granularity of the rights can be drilled down to the device level, based on Vendor ID, Product ID and Serial Number.
Rights can be created based on classes of devices making management easier for products from the same vendor.
For encrypted devices, different access rights can be configured based on the level of encryption (software, hardware, etc.).
Offline Temporary Password
(for removable devices)
Temporarily allow device access to computers disconnected from the network. Ensure security and productivity.
Predefined Content Filters
Filters can be created based on predefined content such as Credit Card Numbers, Social Security Numbers and much more.
Custom Content Filters
Filters for sensitive data can also be created based on custom content such as keywords and expressions which can be added in various Dictionary Blacklists.
Regular Expressions Filters
Advanced custom filters can be created to find a certain recurrence in data transferred across the protected network.
File Type Filters
File Type Filters can be used to block specific documents based on their extension, even if these are manually modified by users.
While all other attempted file transfers are blocked, whitelists can be created to avoid redundancy and increase productivity.
Domain & URL Whitelisting
Enforce company policy but allow employees the flexibility they need to do their work. Whitelist company portals or email addresses where employees can send sensitive data.
Threshold for Filters
Define up to which number of violations a file transfer is allowed. It applies to each type of content or to the sum of all violations.
Disable Print Screen
Revoke screen capture capabilities and make sure no valuable data displayed on the screen is leaked out of the protected network.
Eliminate data leaks of sensitive content through Copy & Paste / Cut & Paste, further enhancing the data security policy.
Offline Temporary Password
(for file transfers)
Temporarily allow file transfers to computers disconnected from the network. Ensure security and productivity.
Record all file transfers or attempts to various devices, online applications and cloud services, providing a clear view on users’ actions.
Save a copy of files that were transferred to controlled devices or through emails, cloud storage or other applications.
Create E-mail Alerts
Granular e-mail alerts can be set up to provide information on the most important events related to device use and confidential file transfers.
Reports and Analysis
Monitor activity related to device use and file transfers with a powerful reporting and analysis tool. Logs and reports can also be exported.
Dashboard and Graphics
For a quick visual overview of the most important events and statistics, graphics and charts are available.