GFI Software/GFI EndPointSecurity
GFI EndPointSecurity enables you to allow or deny access to a specific device as well as to assign (where applicable) ‘full’ or ‘read only’ privileges over every supported device (e.g. CD/DVD drives, PDAs) on a user by user basis.
Aim
[edit | edit source]The aim of this book is to provide access to important information that can help users make the best use of GFI EndPointSecurity, Wikibookians are therefore encouraged to update this content and/or send feedback, ideas and comments on how this documentation can be further improved via the wiki discussion page, GFI Forums, or by sending an email to documentation@gfi.com.
All feedback is welcome! Please contribute your topics with the above principles in mind.
Introduction
[edit | edit source]The key advantage of removable media devices (or portable devices) is easy access. In theory, this may be of great advantage for organizations, but still, it is a well-reported fact that access and security are at opposite ends of the security continuum. Developments in removable media technology are escalating. Newer versions of portable devices, such as flash memory, have increased in:
- Better storage capacity
- Improved performance
- Easier and faster to install
- Physically small enough to carry in a pocket.
As a result, internal users may deliberately or accidentally:
- Take away sensitive data
- Expose confidential information
- Introduce malicious code (e.g. viruses, Trojans) that can bring the entire corporate network down
- Transfer inappropriate or offensive material on to corporate hardware
- Make personal copies of company data and intellectual property
- Get distracted during work hours.
In an attempt to control these threats, organizations have started to prohibit the use of (personally-owned) portable devices at work. Best practice dictates that you must never rely on voluntary compliance and the best way to ensure complete control over portable devices is by putting technological barriers.
GFI EndPointSecurity is the security solution that helps you maintain data integrity by preventing unauthorized access and transfer of content to and from the following devices or connection ports:
- USB Ports (e.g. Flash and Memory card readers, pen drives)
- Firewire ports (e.g. digital cameras, Firewire card readers)
- Wireless data connections (e.g. Bluetooth and Infrared dongles)
- Floppy disk drives (internal and external)
- Optical drives (e.g. CD, DVD)
- Magneto Optical drives (internal and external)
- Removable USB hard-disk drives
- Other drives such as Zip drives and tape drives (internal and external).
Through its technology, GFI EndPointSecurity enables you to allow or deny access and to assign ‘full’ or ‘read only’ privileges to:
- Devices (e.g. CD/DVD drives, PDAs).
- Local or Active Directory users/user groups.
With GFI EndPointSecurity you can also record the activity of all devices or connection ports being used on your target computers (including the date/time of usage and by whom the devices were used).
How it works
[edit | edit source]Deployment and monitoring
[edit | edit source]
Stage 1 - Configure computers
The administrator specifies which protection policy is assigned to which computers, and the log-on credentials to be used by GFI EndPointSecurity to access the target computers and deploy the agents. |
Stage 2 - Customize protection policy
The administrator can customize a protection policy before or after deploying it. Customization options include the creation of power users, addition of blacklisted/whitelisted devices and device access permissions. |
Stage 3 - Deploy protection policy
The administrator deploys the protection policy. Upon the first deployment of a protection policy, a GFI EndPointSecurity agent is automatically installed on the remote network target computer. Upon the next deployments of the same protection policy, the agent will be updated and not re-installed. |
Stage 4 - Monitor device access
When agents have been deployed, the administrator can monitor all device access attempts via the GFI EndPointSecurity management console, receive alerts and generate reports through the GFI EndPointSecurity ReportPack. |
Device access
[edit | edit source]
Stage 1 - Device attached to computer
The user attaches a device to a target computer protected by GFI EndPointSecurity. |
Stage 2 - Protection policy enforcement
The GFI EndPointSecurity agent installed on the target computer detects the attached device and goes through the protection policy rules applicable to the computer/user. This operation determines whether the device is allowed or blocked from being accessed. |
Stage 3 - Device usage allowed/blocked
The user either receives an error message indicating that device usage has been blocked, or else is allowed to access the device. |
Temporary access
[edit | edit source]
Stage 1 - User requests temporary device access
The user executes the GFI EndPointSecurity Temporary Access tool from the computer on which the device is to be accessed. The tool is used to generate a request code, which the user communicates with the administrator. The user also needs to inform the administrator on the device types or connection ports that need to be accessed, and for how long will devices/ports access be required. |
Stage 2 - Administrator grants temporary access
The administrator uses the Temporary Access feature within the GFI EndPointSecurity management console to enter the request code, specify devices/ports and time restrictions. An unlock code is generated which the administrator then communicates with the user |
Stage 3 - User activates temporary device access
Once the user receives the unlock code sent by the administrator, this code is entered in the GFI EndPointSecurity Temporary Access tool to activate the temporary access and to be able to use the required devices/ports. |
GFI EndPointSecurity documentation
[edit | edit source]Getting Started Guide
[edit | edit source]This user manual is a comprehensive guide aimed at assisting you in installing, and testing GFI EndPointSecurity. It describes how to use and configure GFI EndPointSecurity to achieve the best possible corporate security. The following links enables you to browse GFI EndPointSecurity Getting Started Guide.
Chapter 1: Introduces this manual.
Chapter 2: Provides basic information on GFI EndPointSecurity and how it works.
Chapter 3: Provides information on system requirements and how to install the GFI EndPointSecurity.
Chapter 5: Provides information on how to test your GFI EndPointSecurity installation.
Chapter 6: Provides information on licensing and versioning.
Chapter 8: Defines technical terms used within GFI EndPointSecurity.
Chapter 9: Provides a list of errors displayed during deployment of agents from the management console.
Administration and Configuration Manual for GFI EndPointSecurity
[edit | edit source]This user manual is a comprehensive guide aimed at assisting you in creating and deploying GFI EndPointSecurity protection policies. It describes how to use and configure GFI EndPointSecurity to achieve the best possible corporate security. The following links enables you to browse GFI EndPointSecurity Administration and Configuration manual.
Chapter 1: Introduces this manual.
Chapter 2: Provides basic information on GFI EndPointSecurity and how it works.
Chapter 4: Provides information on how to deploy protection policies on to target computers.
Chapter 5: Provides information on how to monitor device and port usage activity on protected target computers.
Chapter 6: Provides information on how to monitor the status of agents deployed on protected target computers.
Chapter 7: Provides information on how to get further information about the GFI EndPointSecurity ReportPack.
Chapter 9: Provides information on how to configure protection policy settings.
Chapter 10: Provides information on how to customize GFI EndPointSecurity settings.
Chapter 11: Provides information on how to uninstall GFI EndPointSecurity agents and GFI EndPointSecurity application.
Chapter 12: Provides information on licensing and versioning.
Chapter 14: Defines technical terms used within GFI EndPointSecurity.
Chapter 15: Provides a list of errors displayed during deployment of agents from the management console.
Troubleshooting
[edit | edit source]This section explains how you should go about resolving issues that you might encounter while using GFI EndPointSecurity. The main sources of information available are:
- The manual - most issues can be solved by reading GFI EndPointSecurity manuals
- Download product manuals from www.gfi.com
- GFI Knowledge Base articles
- GFI maintains a Knowledge Base, which includes answers to the most common problems. If you have a problem, please consult the Knowledge Base first. The Knowledge Base always has the most up-to-date listing of technical support questions and patches. To access the Knowledge Base, visit http://kbase.gfi.com/.
- Web forum
- User to user technical support is available via the web forum. The forum can be found at http://forums.gfi.com/.
- Contacting GFI Technical Support
- If you still cannot solve issues with the software, contact the GFI Technical Support team by filling in an online support request form or by phone.
- Online: Fill out the support request form on: http://support.gfi.com/supportrequestform.asp. Follow the instructions on this page closely to submit your support request.
- Phone: To obtain the correct technical support phone number for your region please visit http://www.gfi.com/company/contact.htm.
- NOTE: Before you contact our Technical Support team, please have your Customer ID available. Your Customer ID is the online account number that is assigned to you when you first register your license keys in our Customer Area at https://customers.gfi.com/login.aspx.
- GFI support will answer your query within 24 hours or less, depending on your time zone.
- If you still cannot solve issues with the software, contact the GFI Technical Support team by filling in an online support request form or by phone.