Enterprise Suite is a comprehensive network security solution that effectively protects against external intrusion by targeted hacker attacks or malware threats. It also protects against insider threats caused by unauthorized access to sensitive data and system configuration changes. Best-of-breed virus scanner is also included to provide an additional layer of protection.
Protects all executable software on the system by detecting any unauthorized activation attempt and preventing the process from launching before damage can occur.
Application launch control
Granular application launch control settings allow precise controls and prevent unknown processes from launching, blocking malicious activity without the need for software patches or signature updates.
Application activity control
Controls how different applications can access files and folders, USB drives, CD/DVD, COM and LPT ports, registry keys, external devices, and network resources. User-driven rules can be created to control application activity.
Time-limited rules
When setting application activity policies, access rules can be time-limited to allow workstation maintenance to be scheduled.
Script execution control
Detection and prevention of VB and JavaScript scripting language launch.
Antivirus scanner
Enterprise Suite PLUS has a built-in antivirus scanner that enables scanning of files for known malicious code and repairing infected files where possible. It also enables administrators to scan unknown applications before launching them and to perform regular system scans if required. The scanner will also detect and neutralize malicious files before they are launched.
Dynamic sandbox
Launch of unknown or potentially dangerous applications is performed in a sandbox, so other processes and the system itself cannot be affected.
Automatic incident processing
The remote Admin Explorer console enables administrators to remotely make decisions on incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.
Self-protection system
Only authorized users are permitted to connect, stop, or uninstall client application. All changes and uninstallation are password-protected, and only designated users can allow or deny access to designated files and folders or change other settings.
Application activity history and changed files backup
Application change history is logged to enable the restoration of files changed by that application.
Monitor access to file storages and external devices
Alerts are generated whenever access to an unauthorized application launch or unauthorized file, registry or external device is attempted. Using the audit logs, reports can easily be created to provide timely information about all endpoint activity.
USB drive usage monitor
Records which files were copied to a USB device when, or what applications or files were run from a USB drive (file reading, writing, and deletion).
Remote display screen shot session
Remote screen shot session of user’s workstation display in real time as part of a forensic investigation.
Record keyboard input
Record all keyboard input for any application in order to track who used what applications when and what data was entered or changed.
Logging outgoing email
All outgoing emails are logged, as well as the names of attached files (currently only supported for Microsoft Outlook 2003).
Print monitor
Monitors and logs all files sent to printers.
System registry monitor
Logs all changes user or application made to the system registry on any endpoint or server (reading, creating, deleting, renaming, changing of keys).
Shadow copying of changed files
Automatically saves original copies of changed or deleted files and system registry keys.
Company resource usage monitor
Valuable information for Human Resources and Finance departments, the ability to monitor how and when company IT resources are used can help to control budgets, maintain standards, and ensure optimum return on investment.
Application usage monitor
Keep track of who uses which applications as well as the time spent using those applications.
Integration with other security solutions
Operates alongside and can be integrated with other security and network management tools, such as SIEM, IAM, network traffic security, encryption, and traditional anti-malware solutions.
Remote management console
Built-in remote management console allows remote installation, uninstallation, and or changes to Enterprise Suite settings.
Incident management
The management console enables administrators to remotely determine actions to be taken on incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.
Alerts
If, for any reason, the client is stopped on a remote workstation, or there is an attempt to breach security policies, an alert is issued to the management console or directly to a designated administrator via email.
Update server
Supports the use of a local server for program component updates on workstations.
Centralized monitoring data logging
All information about user activity is stored in the Service Center database. This information is compiled into reports to assist with incident analysis .
Microsoft SQL Reporting Services
Used for generating reports based on monitoring data.