Call us on: +44 (0)1364 654100
GFI EndPointSecurity boxshot.

GFI EndPointSecurity Plus Edition [Commercial - Renewal]

Published By:  GFI

Product Variants



(Ex. VAT)



Commercial - Renewal (1-Year) (150) Devices - Electronic *Non-Returnable* Windows   £489.05   Email   Add to Basket
Commercial - Renewal (2-Years) (150) Devices - Electronic *Non-Returnable* Windows   £953.64   Email   Add to Basket
Commercial - Renewal (3-Years) (150) Devices - Electronic *Non-Returnable* Windows   £1,393.79   Email   Add to Basket

Other product variants may be available, please contact us or request a call back if you cannot see what you are looking for.

New Features
System Req.
Documents and Downloads

GFI EndpointSecurity 2013 helps prevent data leakage and theft with endpoint security that monitors and controls access to USB devices. Administrators not only gain control over what is in use but also know what has been used and by who, and most importantly gain in-depth knowledge of what data has been copied. With GFI EndpointSecurity administrators can block devices by class, file extensions, physical port or device ID and can also grant temporary device or port access for a stipulated timeframe. Supported devices include media players such as iPod and Creative Zen, USB drives, memory cards, CDs, PDAs, iPhone, network cards and more.

What's new in GFI EndPointSecurity 2013?

AES-256 encryption

The volume encryption feature of GFI EndPointSecurity now offers AES-256 along with the already existing AES-128.

Permissions for specific device serial numbers

A policy can contain now permissions for specific device serial numbers which are very useful in cases when a specific device having a unique serial number has to be treated differently.

Risk Scanning of Windows 8 and Windows Server 2012 machines

GFI EndPointSecurity adapted to the technology change in the two new operating systems offering now the full scanning functionality for them.

Improved agent protection

The GFI EndPointSecurity agent protection was improved to block users trying to tamper with the agent and gain access to devices.

New recognized archive types

The GFI EndPointSecurity now recognizes most of the known archive types and check files inside them to offer increased protection. The following archive types are identified: 7z, arj, bz2, bzip2, cab, deb, gz, gzip, iso, jar, lha, lzh, lzma, rar, rpm, tar, wim, xar, xpi, z, zip.

How it works

To control access, GFI EndPointSecurity installs a small footprint agent on your user's machine. The agent queries Active Directory when the user logs on and sets permissions to the different nodes accordingly. If the user is not a member of a group that allows access to a particular device or set of devices, then access is blocked.

Manage user access and protect your network from portable devices

Using GFI EndPointSecurity you can centrally disable access to any portable device, preventing both data theft and the introduction of data or software that could be harmful to your network. Devices include: Floppy disks, CDs and DVD ROMs, iPods/iPhones, Storage devices, Printers, PDAs, Network adapters, Modems, Imaging devices and more.

Centralised monitoring

GFI EndPointSecurity incorporates a dedicated node making it possible for administrators to view all computers on a network from a single location. Here, administrators can assign a secondary name to computers, to make it easier to identify them.

Computer auto-discovery and automatic protection

GFI EndPointSecurity can monitor the network, detect new computers that are connected onto the network, notify the administrator, and perform various tasks as configured by the administrator. Once computers are detected, the administrator can choose whether to automatically protect them by deploying a pre-defined policy, or simply to be notified that new computers were detected.

Supports Windows 7 and BitLockerTo Go

Windows 7's 'BitLocker To Go' is designed to encrypt data on removable devices. GFI EndPointSecurity can detect devices that are encrypted with BitLocker To Go, and apply different permissions to these devices.

Get detailed reports on device usage with GFI EndPointSecurity ReportPack add-on

The GFI EndPointSecurity ReportPack is a powerful reporting package that adds on for free to GFI EndPointSecurity. This reporting package can be scheduled to automatically generate graphical IT-level or higher level management reports, based on data collected by GFI EndPointSecurity. This gives you the ability to report on devices connected to the network, user activity, endpoint files copied to and from devices (including actual names of files copied), and much more.

Tamper-proof agent

The agent used to control machines has a number of security elements applied to render it tamper-proof. Users are unable to uninstall the agent as it is not published as an installed application. As additional security, uninstall can only be accomplished if a special 128-character ID to unlock the uninstaller is registered.

Log the activity of portable device access to your network

In addition to blocking access to portable storage media, GFI EndPointSecurity logs device related user activity to both the event log and to a central SQL Server. A list of files that have been accessed on a given device is recorded every time an allowed user plugs in.

Easily configure group-based protection control via active directory

You can categorise computers into protection groups. For each group you may specify the level of protection and portable device access to allow. The ability to group your networked computers is a powerful feature; making, for example, an entire department into one group and then managing the department's setting by managing the group as a single entity.

Advanced granular access control via whitelists and blacklists

GFI EndPointSecurity enables you to allow or deny access to a range of device classes, as well as to block files transferred by file extension, by physical port and by device ID (the factory ID that identifies each device). It is also possible to specify users or groups and then manage their access to devices giving them permissions ranging from no access ever, some access to some devices some of the time, and all of the way to full access at all times. GFI EndPointSecurity allows administrators to define a device whitelist and a blacklist allowing only company-approved devices, effectively and easily blocking all others.

Real-time status monitoring and alerts

GFI EndPointSecurity provides real-time status monitoring through its user interface. It displays statistical data through graphical charts, the live status of the agent and more. GFI EndPointSecurity also allows you to send alerts when specific devices are connected to the network. Alerts can be sent to one or more recipients by email, network messages, and SMS notifications sent through an email-to-SMS gateway or service.

Easy unattended agent deployment

GFI EndPointSecurity provides administrators with the ability to automatically schedule agent deployment after a policy or configuration change. If a deployment fails, it is rescheduled until deployed successfully.

Permit temporary device access

Temporary access can be granted to users for a device (or group of devices) on a particular computer for a particular timeframe. This can be done even if the GFI EndPointSecurity agent is not connected to the network!

Daily/weekly digest

An email notification containing activity statistics can be sent on a daily or weekly basis, enabling the recipient to have an overview of, for example, how many files were copied to and from devices, how many may potentially carry malware, etc.

And more...


The product is licensed by computer. The first year of support is included in the product license price and support renewals are available in 1, 2 or 3 year terms. Renewal of the Software Maintenance Agreement (SMA) is recommended and includes updates to new releases, patches, web chat, email support, phone support and access to GFI's electronic knowledge base and forums.


A product version upgrade is required when you want a new version of the product and do not currently have SMA. There is a 30 day grace period from date of SMA expiration before a product version upgrade is required.

Returns policy

There is a no-returns policy on all GFI products.

GFI EndPointSecurity system requirements

Hardware requirements

  • Processor: 2GHz processor clock speed
  • RAM: 512 MB (minimum); 1 GB (recommended)
  • Hard Disk: 100 MB of available space

Operating system requirements

  • Microsoft Windows XP Professional
  • Microsoft Windows Vista (Enterprise, Business or Ultimate edition)
  • Microsoft Windows 7
  • Microsoft Windows 2003 Server
  • Microsoft Small Business Server 2003
  • Microsoft Windows 2008 Server (Standard or Enterprise edition)(SR1 - SR2)
  • Microsoft Windows 2008 Server R2
  • Microsoft Small Business Server 2008

Other components

  • Internet Explorer 5.5 or later
  • NET Framework version 2.0
  • Database Backend: SQL Server 2000, 2005, 2008
  • Port: TCP port 1116 (default)

Agent requirements

Hardware requirements

  • Processor: 1GHz processor clock speed
  • RAM: 256 MB (minimum); 512 MB (recommended)
  • Hard Disk: 50 MB of available space

Operating system requirements

  • Microsoft Windows Server 2008 R2 x64 (Standard or Enterprise edition)
  • Microsoft Windows Server 2008 (Standard or Enterprise edition)
  • Microsoft Windows Server 2003 (Standard, Enterprise or Web edition)
  • Microsoft Windows 7 (Enterprise, Business or Ultimate editions)
  • Microsoft Windows Vista (Enterprise, Business or Ultimate editions)
  • Microsoft Windows XP (Professional edition)
  • Microsoft Windows Small Business Server 2008 (Standard or Enterprise editions)
  • Microsoft Windows Small Business Server 2003

Shopping Basket
    0 Item(s)

    View and amend your basket
    MindManager 2017
    Adobe CCFT