- Category: August 2013 - Data Protection & Security
BYOD, mobility, multiple screens, the cloud, file-sharing ... the endless possibilities of cyberspace in today’s technologically fragmented working environment is leaving CISOs with a ton of ever-changing challenges, and cybercriminals with too many opportunities.
Today‘s employees work from multiple devices, from anywhere in the world, and have accepted being connected 24/7 as normal. Since CISOs need to secure all these endpoints, they may embrace the Novell Endpoint Protection Suite that offers a full range of security features which allow employees to stay productive and secure, anytime and anyplace.
Secure, identity-based protection for endpoints
Devices holding critical data are more often than not mobile and not always behind your perimeter security. Laptops, smartphones, MP3 players, thumb drives and other portable endpoint devices are especially vulnerable to loss and theft. Through wireless connections, endpoint devices can access networks that may not be secure.
More than ever, you need a rock-solid mobile security strategy you can count on. Novell ZENworks Endpoint Security Management ensures that mobile devices outside your perimeter security are safe and secure. It unifies a complete range of mobile security solutions under a single, easy-to-use console and provides the following key capabilities:
- Personal Firewall: Control access to ports and protocols to protect against hackers, malware, protocol attacks, and more, while keeping security invisible to the end user.
- Wireless Security: Control when, how, and where users are allowed to connect. Wi-Fi connectivity can be limited to authorized and known access points, can be limited to access points with minimum encryption or signal strength, or can be disabled completely if necessary.
- Data Encryption: Secure data stored on the endpoint and on removable media by encrypting files, so they can only be read by authorized users, besides protecting sensitive information on lost or stolen mobile computers.
- USB Security: Prevent intentional or inadvertent transmission of data to removable storage devices. Storage devices can be placed in read-only mode or fully disabled, while the endpoint hard drive and all network drives remain accessible and operational.
- Application Control: Ensure that only approved applications are run on corporate IT assets. Create black lists or enforce applications, (such as VPN or antivirus) to run prior to network connection.
- Client Self Defense: Protect the endpoint by ensuring that the Endpoint Security Agent cannot be altered, hacked, or uninstalled.
- Port Control: Control connectivity through LAN, modem, Bluetooth, infrared, 1394 (Firewire), and serial and parallel ports.
- Scripting: Run a JScript or VBScript on a device in either the system or user context. Trigger the script according to Endpoint Security Agent actions, location changes, or time periods.
Full Disk Encryption
ZENworks Full Disk Encryption takes the pain out of managing encrypted devices. The unified ZENworks Control Center is a web-based console you can use any time, from anywhere. With it, you can deploy encryption to devices, manage access, turn encryption on and off, and troubleshoot problems—all without leaving your office. Features include:
- Preboot Authentication is set and managed based on user identity in the primary directory structure (Microsoft Active Directory and/or Novell eDirectory™);
- Push-button deployment pushes encryption software onto the device—no need to manually install encryption onto a device;
- Choose one of two authentication methods: user and password, or smart card;
- Assign the software-based algorithms you trust;
- Designate intruder lock-out policies from the start—and change them as needed;
- Define what gets encrypted—specific volumes or everything on a given device;
- Troubleshoot lost or forgotten passwords through centralized key management that validates users based on a secure combination of challenges, codes and keys;
- Manage both hardware and software encryption methods seamlessly;
- Turn on or shut down user access -instantly from the web-based console;
- Decommission encryption temporarily or permanently;
- 1:1 device/user relationship - each device is paired to a specific user;
- Emergency recovery: If a hard drive is damaged or won't boot, IT can physically pull data off of the disk, using a stored key encrypted with a random password. Hackers are locked out, but IT is not. No other encryption solution allows for emergency data recovery – typically the data is simply lost along with the device.
Lower your patch management costs
Patch your systems up to 13 times faster than the industry average. Novell ZENworks Patch Management defends your endpoints from the devastating cost of viruses without burdening your IT staff. It offers efficient security patch management that keeps your endpoints safe without all the overhead. It automates the process of discovering security alerts, retrieving the patches and deploying the right ones to the right machines at the right time to prevent problems.
ZENworks Patch Management allows you to take control of all your Windows and Linux patch management efforts from a single, unified console, which also means you spend less time testing. Because every recommended Windows and Linux patch is tested and verified prior to its release, you never have to worry about bringing down your network with a faulty, poorly tested deployment. And with dynamic, dashboard-style graphical reports and detailed administrative reports, you can quickly see the big picture. You can easily drill down to see exactly what patches and security holes reside on each server, desktop and laptop in your mixed Windows and Linux environment
Compliance management is made easier with Novell ZENworks Patch Management. It allows you to create mandatory baselines for patch compliance based on pre-defined policies. It then continually monitors endpoint systems for compliance. It can even automatically remediate systems that don't meet minimum standards. And to help you prove your compliance management efforts, it clearly documents the improvements that have been made in patch compliance. Besides that, it includes a powerful security reporting engine as well as dynamic, dashboard style reports. With the sophisticated agent-based security monitoring capabilities in Novell ZENworks Patch Management, you can:
- Detect security vulnerabilities on individual endpoints
- Continually assess security risks
- Receive automatic notifications of patch compliance issues and concerns
- Take advantage of a new Linux agent to monitor both Windows and Linux systems