Sanctuary Device Control
allows you to regain control of the peripheral storage devices that
your
user community
attempts to connect to your network assets. Through granular policy-based
controls, Sanctuary Device Control reduces risk of data theft, data
leakage and malware introduction via unauthorised removable media
and assures compliance with the landslide of regulations governing
privacy and accountability.
Positive Approach to USB Security
Hardware such as USB memory sticks, FireWire
external hard-drives, scanners, music players, digital cameras, PDAs
and CD/DVD burner drives are scattered throughout offices around
the world. Their proliferation amplifies the threats posed by outsiders
or users who plug in devices that could compromise the security of
sensitive data.
By employing a whitelist approach, Sanctuary
enables only authorised devices to connect to a network, laptop or
PC - facilitating security and systems management, while providing
the necessary flexibility to the organisation.
Simple, Fast, Flexible Administration
and Management
Sanctuary enables administrators to quickly
establish and enforce device control policies by rapidly identifying
devices and then assigning permissions at a high level or all the
way down to specific application per users, user groups or even a
particular computer. Policies are also enforced by time constraints,
encryption, volume of data, data transfer and much more criteria.
Sanctuary links device policies to user and user group information
stored in Microsoft Active Directory or Novell
eDirectory and has
also been ported to Windows Embedded platforms in addition to traditional
Server and Desktop Windows OS, dramatically simplifying the management
of endpoint application resources.
Sanctuary controls the use of a vast
range of devices that are key sources of security breaches and manages
and audits device usage according to their type and not on how they
are connected. If needed, Sanctuary Device Control can be set to
completely block USB ports or any other port (Bluetooth, FireWire,
IrDA, WiFi, etc.) or prevent access to any device category independently
from the way users are attempting to connect them. Granular policies
also allow for access rights (R/W) down to unique device model or
identifiable unit per user or user group.
USB Security Built to Scale
With a three-tier architecture and load-balancing
capability, Sanctuary is designed to provide USB security to organisations
ranging in size from 50 to 100,000 endpoints. Through integration
with Active Directory or eDirectory, Sanctuary integrates with your
existing technical infrastructure and logical organisation. Sanctuary
has also been ported to Windows Embedded platforms to protect the
growing number of exposed embedded devices.
Comprehensive Security and Auditing Capabilities
for USB Devices
Lumension Security Patented Shadowing
I/O bi-directional technology tracks information as it is read from
or written to floppy, CD/DVD and removable devices, and provides
a comprehensive audit log of every event whether allowed or attempted
- including those by unauthorised code and all writes to removable
media and specific ports. Optionally, a full copy of the data written
to or from a device can be captured and retained as well.
Not only is an audit log invaluable in
measuring and enforcing policy compliance, it also bundles the information
you need as proof of compliance with a number of governmental regulations
such as Sarbanes-Oxley, Gramm-Leach-Bliley Act (GLBA) or the Health
Insurance Portability and Accountability Act (HIPAA).
Recommend this page to a colleague or friend ]
