SysWatch maintains the integrity of workstations without the need for continuous updates, effectively protecting against all kind of malicious software, hacker attacks, and unauthorized user actions. Centralized administration and endpoint protection policy management included.
SysWatch Workstation takes a different approach to PC protection than traditional anti-malware, controlling application launch and activity to maintain system integrity, even trhough patching and update cycles.
SysWatch does not require regular signature updates, because the entire approach is based on preventing unauthorized access or change rather than identifying and then neutralizing individual threats. By controlling application activity, SysWatch prevents malicious code from activating on the system, effectively protecting endpoints from both known and unknown or zero-day threats.
Application launch and activity control keeps the system in a known-good state and effectively avoids the problem of false alarms that dogs traditional antimalware approaches.
Application activity rules can be adjusted as required to prevent data leaks or to manage the effective usage of employees’ time, for example, by preventing certain applications from running or restricting access to file system or external devices.
Controls application launches, blocking the launch of hidden applications, and preventing new applications from launching until the administrator can determine whether the application should be permitted to run.
Dynamic sandbox
Unknown or potentially dangerous applications are launched in a limited user account or a sandbox , so they cannot affect other processes or the system itself. This method allows malicious activity to be blocked before patches or signature updates can be applied.
Application activity control
Controls how different applications can access files and folders, USB drives, registry keys, external devices, and network resources. User-driven rules can be created to control application activity.
Targeted software protection
Enables custom protection to be implemented for specific software in the following ways:
Application consistency control. Control over program code changes ensures that applications cannot be launched if the executable code has been modified.
Application executable code protection. Prevent executable modules from being modified by other applications.
Application data protection. Disable read/write access to application data files and registry keys for all other applications.
Block attempts by users to launch any unknown application or block only specified unwanted software such as games or multimedia players.
Access to files and folders
Set access rules to files and folders for individual applications or groups of applications. Active Directory support enables rules to be set for individual users or groups of users.
Time-limited rules
When setting application activity policies, access rules can be time-limited to allow for workstation maintenance.
Access to peripheral devices
Granular settings control access to USB drives and CD/DVD devices, down to the level of device type, name, vendor and ID.
Restore
Logging history of changes of certain application allows restoration of files changed by that application.
Self-protection system
Permits only authorized users to connect, stop or uninstall client application. All changes and uninstallation are password protected, ensuring only designated users can allow or deny access to designated files and folders or change other settings.
SysWatch is built around SoftControl’s unique, patent-pending V.I.P.O. (Valid Inside Permitted Operations) technology, which combines three levels of protection:
D.I.C. (Dynamic Integrity Control)
Protects all executable software on the system by detecting any unauthorized activation attempt and preventing the process from launching before damage can occur. Preserves the system in a known-good state.
D.S.E. (Dynamic Sandbox Execution)
Specially-designated user account for potentially dangerous software provides system-level privilege controls to block malicious software activity. Also protects the PC from software vulnerabilities.
D.R.C. (Dynamic Resource Control)
Controls how different applications can access files and folders, registry keys, external devices, and network resources.
Easily scales to meet the needs of growing businesses.
Integration with other security solutions
Operates alongside and can be integrated with other security and network management tools, such as SIEM, IAM, network traffic security, encryption, and traditional antimalware solutions.
SysWatch Workstation installations can be updated through local server connections.
Remote management
The built-in remote management console supports remote installation and uninstallation, policy and configuration changes.
Incident management
The management console enables administrators to remotely make decisions on action to be taken in case of incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.
