What's new in GFI EndPointSecurity 2013?
The volume encryption feature of GFI EndPointSecurity now offers AES-256 along with the already existing AES-128.
Permissions for specific device serial numbers
A policy can contain now permissions for specific device serial numbers which are very useful in cases when a specific device having a unique serial number has to be treated differently.
Risk Scanning of Windows 8 and Windows Server 2012 machines
GFI EndPointSecurity adapted to the technology change in the two new operating systems offering now the full scanning functionality for them.
Improved agent protection
The GFI EndPointSecurity agent protection was improved to block users trying to tamper with the agent and gain access to devices.
New recognized archive types
The GFI EndPointSecurity now recognizes most of the known archive types and check files inside them to offer increased protection. The following archive types are identified: 7z, arj, bz2, bzip2, cab, deb, gz, gzip, iso, jar, lha, lzh, lzma, rar, rpm, tar, wim, xar, xpi, z, zip.
How it works
To control access, GFI EndPointSecurity installs a small footprint agent on your user's machine. The agent queries Active Directory when the user logs on and sets permissions to the different nodes accordingly. If the user is not a member of a group that allows access to a particular device or set of devices, then access is blocked.
Manage user access and protect your network from portable devices
Using GFI EndPointSecurity you can centrally disable access to any portable device, preventing both data theft and the introduction of data or software that could be harmful to your network. Devices include: Floppy disks, CDs and DVD ROMs, iPods/iPhones, Storage devices, Printers, PDAs, Network adapters, Modems, Imaging devices and more.
GFI EndPointSecurity incorporates a dedicated node making it possible for administrators to view all computers on a network from a single location. Here, administrators can assign a secondary name to computers, to make it easier to identify them.
Computer auto-discovery and automatic protection
GFI EndPointSecurity can monitor the network, detect new computers that are connected onto the network, notify the administrator, and perform various tasks as configured by the administrator. Once computers are detected, the administrator can choose whether to automatically protect them by deploying a pre-defined policy, or simply to be notified that new computers were detected.
Supports Windows 7 and BitLockerTo Go
Windows 7's 'BitLocker To Go' is designed to encrypt data on removable devices. GFI EndPointSecurity can detect devices that are encrypted with BitLocker To Go, and apply different permissions to these devices.
Get detailed reports on device usage with GFI EndPointSecurity ReportPack add-on
The GFI EndPointSecurity ReportPack is a powerful reporting package that adds on for free to GFI EndPointSecurity. This reporting package can be scheduled to automatically generate graphical IT-level or higher level management reports, based on data collected by GFI EndPointSecurity. This gives you the ability to report on devices connected to the network, user activity, endpoint files copied to and from devices (including actual names of files copied), and much more.
The agent used to control machines has a number of security elements applied to render it tamper-proof. Users are unable to uninstall the agent as it is not published as an installed application. As additional security, uninstall can only be accomplished if a special 128-character ID to unlock the uninstaller is registered.
Log the activity of portable device access to your network
In addition to blocking access to portable storage media, GFI EndPointSecurity logs device related user activity to both the event log and to a central SQL Server. A list of files that have been accessed on a given device is recorded every time an allowed user plugs in.
Easily configure group-based protection control via active directory
You can categorise computers into protection groups. For each group you may specify the level of protection and portable device access to allow. The ability to group your networked computers is a powerful feature; making, for example, an entire department into one group and then managing the department's setting by managing the group as a single entity.
Advanced granular access control via whitelists and blacklists
GFI EndPointSecurity enables you to allow or deny access to a range of device classes, as well as to block files transferred by file extension, by physical port and by device ID (the factory ID that identifies each device). It is also possible to specify users or groups and then manage their access to devices giving them permissions ranging from no access ever, some access to some devices some of the time, and all of the way to full access at all times. GFI EndPointSecurity allows administrators to define a device whitelist and a blacklist allowing only company-approved devices, effectively and easily blocking all others.
Real-time status monitoring and alerts
GFI EndPointSecurity provides real-time status monitoring through its user interface. It displays statistical data through graphical charts, the live status of the agent and more. GFI EndPointSecurity also allows you to send alerts when specific devices are connected to the network. Alerts can be sent to one or more recipients by email, network messages, and SMS notifications sent through an email-to-SMS gateway or service.
Easy unattended agent deployment
GFI EndPointSecurity provides administrators with the ability to automatically schedule agent deployment after a policy or configuration change. If a deployment fails, it is rescheduled until deployed successfully.
Permit temporary device access
Temporary access can be granted to users for a device (or group of devices) on a particular computer for a particular timeframe. This can be done even if the GFI EndPointSecurity agent is not connected to the network!
An email notification containing activity statistics can be sent on a daily or weekly basis, enabling the recipient to have an overview of, for example, how many files were copied to and from devices, how many may potentially carry malware, etc.