Enterprise Suite is a comprehensive network security solution that effectively protects against intrusion by targeted hacker attacks or malware threats without the need for signature updates. It also protects against insider threats caused by unauthorized access to sensitive data and system configuration changes.
Protects all executable software on the system by detecting any unauthorized activation attempt and preventing the process from launching before damage can occur.
Application launch control
Granular application launch control settings allow precise controls and prevent unknown processes from launching, blocking malicious activity without the need to wait for software patches and signature database updates.
Application activity control
Controls how different applications can access files and folders, USB drives, registry keys, external devices, and network resources. User-driven rules can be created to control application activity.
Time-limited rules
When setting application activity policies, access rules time limits can be set to enable workstation maintenance to be scheduled.
Script execution control
Detection and prevention of VB and JavaScript scripting language launch.
Dynamic sandbox
Unknown or potentially dangerous applications are launched in an isolated =sandbox so they cannot affect other processes or the system itself.
Automatic incident processing
The management console enables administrators to remotely determine actions to be taken on incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.
Self-protection system
Protects SysWatch from being disabled by malicious software or hackers. System changes and uninstallation are password-protected, so only authorized personnel can change or uninstall SysWatch.
Application activity history and changed files backup
Application activity monitoring allows recovery of changed or deleted files.
Monitor access to file storage and external devices
Alerts are generated whenever an unauthorized application launch or unauthorized file, registry or external device access is attempted. Using the audit logs, reports can easily be created to provide timely information about all endpoint activity.
USB drive usage monitor
Logs which files were copied to USB device and when or what applications or files were run from a USB drive (file reading, writing, or deletion).
Remote display screen shot session
Remote screen shot session of user’s workstation display in real time as part of a forensic investigation.
Record keyboard input
Record all keyboard input for any application in order to track who, when and what data is entered.
Outgoing email logs
Logs all outgoing emails and the names of attached files (only Outlook 2003 supported at this time).
Print process monitor
Monitors and logs all files sent to printers.
System registry monitor
Logs all changes made by users or applications to the system registry (reading, creating, deleting, renaming, keys changing).
Shadow copy for changed files
Automatically saves original copies of changed or deleted files and system registry keys.
Employee time usage monitoring
Useful information for human resource departments, this function optionally records the time spent by any user on any application.
Integration with other security solutions
Operates alongside and can be integrated with other security and network management tools, such as SIEM, IAM, network traffic security, encryption, and traditional anti-malware solutions.
Remote management console
Built-in remote management console allows remote installation, uninstallation or change of Enterprise Suite settings.
Incident management
The management console enables administrators to remotely determine action to be taken on incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.
Alerts
If, for any reason, the client is stopped on a remote workstation, or there is an attempt to breach security policies, an alert is issued to the management console or directly to a designated administrator via email.
Update server
SysWatch Enterprise Suite allows the use of a local server for workstation program component updates.
Centralized monitoring and data logging
Comprehensive information about employee use of corporate systems is stored in the Service Center database. This information can be generated into forensic or audit reports that help analyze incidents and employee activity.
Microsoft SQL Reporting Services
Used for generating reports based on monitoring data.
