NetOp Process Control [4.0 5000-9999 NOLP Process Control Licenses (Price per Licence) (E-mail delivery)]

NetOp Process Control

• NDISMiniportDriver and TDI Driver based process control and firewall: All filter algorithms are implemented at the driver level (as an NDIS Driver). The process control and firewall are therefore always on, providing maximum protection to the user even if the Process Control application itself is not running. This ensures that all network traffic is blocked, thus eliminating any risk of a security vacuum during system start-up.

• Process Control: Using Process Control, you manage the processes running on your system by defining rules that apply for any application. This gives you the ability to deny the application to run at all, to allow communication, to only allow communication of a trusted network or to prevent any communication.

• Profile system with automatic Network detection rules: This automatically switches the way your Process Control is configured when you are working on a different network - even if two or more networks are using the same IP address range. Profiles can be configured for 1 or a range of IP-addresses, for 1 or a range of MAC-addresses, and for 1 or more Domains etc.

• Secure Component Checking and protection against Process Hijacking: By verifying the calculated checksum, the Process Control checks the integrity of the application that is trying to communicate. If this has been modified, you are told. By tracing an application's parent process, the computer Process Control knows if another application is trying to spawn an already trusted application and thus denies access to the network, even for the trusted application.

• Deny unknown processes from executing: NetOp Process Control software protects the system against unknown threats by configuring the Process Control to prevent unknown processes from executing and communicating.

• Bidirectional blocking of ports and protocols: Only opens the required ports and protocols in either the inbound or outbound direction, or both, to tighten process control and firewall security.

• Bidirectional control of trusted networks: Ensures that applications only communicate on trusted networks and not to the outside world.

• Bidirectional control of banned networks: Prevents communication with specific networks.

• Process Control and firewall security rules are active the moment the operating system detects a network connection. The Process Control software protects the computer from any threat originating from the network.

• Stealth ports: Hides the computer's presence to prevent attacks and port-scans, enhancing computer process control and firewall security. Anyone using tools like Nmap to fingerprint a system to exploit known vulnerabilities to specific operating systems will not reveal the computer.

• Advanced event logging and real time packet view: Live statistics with Traffic Matrix give you a complete graphic overview of the activity on your network in real-time. Resizable console traffic gives a full-screen view of traffic to enhance your ability to make better real-time security policy adjustments. The Traffic Matrix provides easy access to more details for the connections - either a connection between 2 IP nodes or the IP node itself.

• Easy management of Trusted/Banned Nets from the Traffic Matrix: If some computers seen in the Traffic Matrix are judged as being important or not approved to the work situation NetOp Process Control provides easy management from the Traffic Matrix to include the computers in either Banned Nets or Trusted Nets.

• Encrypted communication: Encrypted communication to the NetOp Policy Server and local system databases provide security against malicious code trying to attack the Process Control software configuration.

• Maintenance password: Password protection enables the user or administrator to lock components of the Process Control software to prevent unwanted configuration of the product. If desired, when used with the NetOp Policy Server, the user cannot manually disconnect from the server without the correct password.

• Wireless compatibility: Support for the latest communication technologies.

• Low system overhead: Ensures that the computer can be protected without the user experiencing performance degradation.

• MSI Installation: Installation of the NetOp Process Control is accomplished with the Microsoft Windows Installer and can run either interactively or in silent mode for mass deployment. Engagement of the Process Control security software can be postponed until the next planned reboot to ensure all users an uninterrupted working day.

• Ports security: As an added security measure against port scanning, the NetOp Process Control closes off ports until connection to the specific port is requested.

• Latest used processes: The NetOp Process Control brings you an easy overview of the last 10 active processes and brings information about the process file and the rule related to it.

NetOp Policy Server
NetOp Policy Server Console: The main user interface allows the administrator to perform security management and maintenance from a Master Server to control security policy assignments to individual NetOp Process Controls. The console can be launched from any supported platform.

• Master Server: This module maintains the master configuration and interacts with individual NetOp Process Controls through one or more Replica Servers. The initial installation places a Master, a Replica and a Console on the same computer.

• Replica Servers: These are arranged in a cluster to ensure maximum system availability, to allow for redundancy, load distribution, and to interact with NetOp Process Controls and record these interactions. Replica Servers regularly interact with their Master Server to receive security policy updates and return their NetOp Process Controls interaction recordings for storage on the Master Server. Each Replica Server can service several thousands Process Controls.

• Manage Servers: Deploy, approve, delete, or move Replica Servers and monitor their status in real-time.

• Manage Administrators: Every Master Server has one administrator. The product lets you define and manage multiple assistant administrators, allowing you to distribute the workload to local administrators.

• Security Policy Management: The NetOp Policy Server Console controls the configuration of Programs, Ports, Protocols, Trusted Nets and Banned Nets. The console also controls the Profiles and Profile Rules for each Security Policy. New programs that users have tried to launch can be approved or denied for a certain Security Policy. This can be effective at the NetOp Process Controls within seconds. The security profile system allows amongst other settings a range of IP-addresses, a range of MAC-addresses and multiple Domains.

• Synchronisation between NPC and NPS: NetOp Policy Server (NPS) Console will show a total list of processes from all the connected NetOp Process Control (NPC) clients. Creating a NPS whitelist of processes will contain all relevant processes no matter if they are present on all NPC clients or not. When NPC synchronises with NPS the NPC client will get the total NPS whitelist, so if new programs are installed later NPC client is then already aware of what is allowed and what is not.

• Centralised administration: Define the security policies and assign these to Microsoft Active Directory security groups or by using Organisational Unit for easy security management. The NetOp Policy Server can also maintain separate groups for computers that are not members of a Microsoft Active Directory.

• Easy overview of all connected users: Whether a NetOp Process Control is connected by Active Directory, Policy Account or as Anonymous all are listed in the Global Online list. Use this list for getting a complete and quick overview of all connected users and how they are connected.

• Stop all Internet access: In a virus outbreak or other harmful situation, the NetOp Policy Server administrator can block all network access for the entire company or for an individual security group until the situation has been resolved.

• Advanced statistics and logging: The NetOp Policy Server records requests for confirmed programs and unconfirmed programs, logons, and synchronisations. These data can be displayed graphically to monitor server load and performance or as list views.

• Client stealth mode controlled by central management: The NPC tray icon can be controlled from the NPS Script. From here the NPC client tray icon can be set in stealth mode, so the user is not aware that NPC is running on their PC.

NetOp Process Control Client

Process control: The NetOp Process Control is an extremely powerful security management tool that lets you manage all the processes running on your system. Using process control, you define rules that apply for any given application. The process and firewall security features gives you the ability to prevent an application from running at all, allow communication, only allow communication with a trusted network, prompt you on communication, unrestricted communication, prevent any communication at all or let the user decide.

Packet filtering: The NetOp Process Control dynamic packet-filtering architecture works at the network layer, controlling IP addresses, ports and protocols. Dynamic packet filtering monitors the states of the connections and compiles this information in a state table. This means filtering decisions are based on static packet filtering rules as well as on context that has been established by prior packets that have passed through the PC firewall. As an added internet security measure against port scanning, the NetOp Process Control software closes off ports until connection to the specific port is requested.

NetOp Policy Server

NetOp Process Control: The NetOp Policy Server assigns a security policy to a logged-on NetOp Process Control specifying configuration for Programs, Ports, Protocols, Trusted Nets and Banned Nets, Profiles and Profile Rules in real-time and also records information received from the individual NetOp Process Control.

NetOp Process Control manageability: The NetOp Policy Server fully supports Microsoft Active Directory and can apply security policies to computers that are members of Active Directory security groups. This allows management of the infrastructure security to be performed from the administrator's usual tool; Active Directory users and computers. For fault tolerance and load distribution, the NetOp Policy Server has been implemented with a Master Server and multiple Replica Servers to ensure maximum system availability.

Key benefits

• Unique process control - create a whitelist of programs that are allowed to run and then kill all other processes. Protecting

against both known and unknown processes

• A unique profile system always keeps the user in the wanted security zone - both inside and outside company network
• Very strong “low level technology". NetOp Process Control is driver-centric -> it is always active, unless by

administrator

• Monitor all traffic data with great potential for features and functions expansion
• Configuration of client PC is remotely controlled by NetOp Policy Server
• Centrally manage Policy Server (and up to 32 replica servers) -> added security and redundancy plus scalability
• Great configuration flexibility
• Complex IT technique with simple, intuitive interface
• Stealth mode - users not aware of NetOp Process Control running on their PC
• Necessary additional tool to enhance endpoint protection and hence secure network and company data & reputation
• Process control + firewall (NPC) is a strong defense against malware because NetOp Process Control stops most viruses,

worms, trojans and rootkits

NetOp Process Control Client

Computer
Intel Pentium processor 233 MHz or higher or 100% compatible

Memory
Operating System requirement plus additional 32 MB RAM

Video
Any 100% VGA compatible graphics adapter supported by Windows

Disk space
10 MB free disk space

Platform
Windows Vista (32 bit)
Windows XP Professional
Windows XP Home Edition
Windows 2000 Professional

Communications
At least one network adapter or modem
TCP/IP: Winsock 2 or compatible
Internet access (for initial product registration)

NetOp Policy Server
These system requirements apply when installing this version of NetOp Policy Server on a computer:

Computer
Intel Pentium processor 233 MHz or higher or 100 % compatible.

Memory
Console: Operating system requirement plus additional 16 MB RAM.
Master Server: Operating system requirement plus additional 32 MB RAM.
Replica Server: Operating system requirement plus additional 32 MB RAM.
All on one computer: Operating system requirement plus additional 32 MB RAM (64 MB recommended).

Video
Any 100% VGA compatible graphics adapter supported by Windows.

Disk space
Console: 20 MB free disk space.
Master Server: 20 MB (no storage)/ 500 MB (medium size storage and recommended minimum) free disk space.
Replica Server: 20 MB free disk space.
All on one computer: 40 MB (no storage)/ 500 MB (medium size storage and recommended minimum) free disk space.

Platform
Windows Vista (32 bit)
Windows Server 2003 Standard, Web Edition, Enterprise Edition.
Windows XP Professional.
Windows 2000 Server, Advanced Server.
Windows 2000 Professional.

Communications
At least one network adapter.
TCP/IP: Winsock 2 or compatible.
Internet access (for registration and if communicating with other modules across the Internet