GFI Software/GFI EndPointSecurity

From Wikibooks, open books for an open world
Jump to: navigation, search
Gfi logo2.png

http://www.gfi.com

GFI EndPointSecurity Online documentation

GFI EndPointSecurity enables you to allow or deny access to a specific device as well as to assign (where applicable) ‘full’ or ‘read only’ privileges over every supported device (e.g. CD/DVD drives, PDAs) on a user by user basis.

Aim[edit]

The aim of this book is to provide access to important information that can help users make the best use of GFI EndPointSecurity, Wikibookians are therefore encouraged to update this content and/or send feedback, ideas and comments on how this documentation can be further improved via the wiki discussion page, GFI Forums, or by sending an email to documentation@gfi.com.

All feedback is welcome! Please contribute your topics with the above principles in mind.

Introduction[edit]

The key advantage of removable media devices (or portable devices) is easy access. In theory, this may be of great advantage for organizations, but still, it is a well-reported fact that access and security are at opposite ends of the security continuum. Developments in removable media technology are escalating. Newer versions of portable devices, such as flash memory, have increased in:

  • Better storage capacity
  • Improved performance
  • Easier and faster to install
  • Physically small enough to carry in a pocket.

As a result, internal users may deliberately or accidentally:

  • Take away sensitive data
  • Expose confidential information
  • Introduce malicious code (e.g. viruses, Trojans) that can bring the entire corporate network down
  • Transfer inappropriate or offensive material on to corporate hardware
  • Make personal copies of company data and intellectual property
  • Get distracted during work hours.

In an attempt to control these threats, organizations have started to prohibit the use of (personally-owned) portable devices at work. Best practice dictates that you must never rely on voluntary compliance and the best way to ensure complete control over portable devices is by putting technological barriers.

GFI EndPointSecurity is the security solution that helps you maintain data integrity by preventing unauthorized access and transfer of content to and from the following devices or connection ports:

  • USB Ports (e.g. Flash and Memory card readers, pen drives)
  • Firewire ports (e.g. digital cameras, Firewire card readers)
  • Wireless data connections (e.g. Bluetooth and Infrared dongles)
  • Floppy disk drives (internal and external)
  • Optical drives (e.g. CD, DVD)
  • Magneto Optical drives (internal and external)
  • Removable USB hard-disk drives
  • Other drives such as Zip drives and tape drives (internal and external).

Through its technology, GFI EndPointSecurity enables you to allow or deny access and to assign ‘full’ or ‘read only’ privileges to:

  • Devices (e.g. CD/DVD drives, PDAs).
  • Local or Active Directory users/user groups.

With GFI EndPointSecurity you can also record the activity of all devices or connection ports being used on your target computers (including the date/time of usage and by whom the devices were used).

How it works[edit]

Deployment and monitoring[edit]

Application-x-executable.svg
Stage 1 - Configure computers

The administrator specifies which protection policy is assigned to which computers, and the log-on credentials to be used by GFI EndPointSecurity to access the target computers and deploy the agents.

Application-x-executable.svg
Stage 2 - Customize protection policy

The administrator can customize a protection policy before or after deploying it. Customization options include the creation of power users, addition of blacklisted/whitelisted devices and device access permissions.

Application-x-executable.svg
Stage 3 - Deploy protection policy

The administrator deploys the protection policy. Upon the first deployment of a protection policy, a GFI EndPointSecurity agent is automatically installed on the remote network target computer. Upon the next deployments of the same protection policy, the agent will be updated and not re-installed.

Application-x-executable.svg
Stage 4 - Monitor device access

When agents have been deployed, the administrator can monitor all device access attempts via the GFI EndPointSecurity management console, receive alerts and generate reports through the GFI EndPointSecurity ReportPack.

Device access[edit]

Application-x-executable.svg
Stage 1 - Device attached to computer

The user attaches a device to a target computer protected by GFI EndPointSecurity.

Application-x-executable.svg
Stage 2 - Protection policy enforcement

The GFI EndPointSecurity agent installed on the target computer detects the attached device and goes through the protection policy rules applicable to the computer/user. This operation determines whether the device is allowed or blocked from being accessed.

Application-x-executable.svg
Stage 3 - Device usage allowed/blocked

The user either receives an error message indicating that device usage has been blocked, or else is allowed to access the device.

Temporary access[edit]

Application-x-executable.svg
Stage 1 - User requests temporary device access

The user executes the GFI EndPointSecurity Temporary Access tool from the computer on which the device is to be accessed. The tool is used to generate a request code, which the user communicates with the administrator. The user also needs to inform the administrator on the device types or connection ports that need to be accessed, and for how long will devices/ports access be required.

Application-x-executable.svg
Stage 2 - Administrator grants temporary access

The administrator uses the Temporary Access feature within the GFI EndPointSecurity management console to enter the request code, specify devices/ports and time restrictions. An unlock code is generated which the administrator then communicates with the user

Application-x-executable.svg
Stage 3 - User activates temporary device access

Once the user receives the unlock code sent by the administrator, this code is entered in the GFI EndPointSecurity Temporary Access tool to activate the temporary access and to be able to use the required devices/ports.

GFI EndPointSecurity documentation[edit]

Getting Started Guide[edit]

This user manual is a comprehensive guide aimed at assisting you in installing, and testing GFI EndPointSecurity. It describes how to use and configure GFI EndPointSecurity to achieve the best possible corporate security. The following links enables you to browse GFI EndPointSecurity Getting Started Guide.

Chapter 1: Introduces this manual.

Chapter 2: Provides basic information on GFI EndPointSecurity and how it works.

Chapter 3: Provides information on system requirements and how to install the GFI EndPointSecurity.

Chapter 4: Provides information on how to configure the installation of GFI EndPointSecurity using the Quick Start wizard.

Chapter 5: Provides information on how to test your GFI EndPointSecurity installation.

Chapter 6: Provides information on licensing and versioning.

Chapter 7: Provides all the necessary information on how to deal with any problems encountered while using GFI EndPointSecurity. Also provides extensive support information.

Chapter 8: Defines technical terms used within GFI EndPointSecurity.

Chapter 9: Provides a list of errors displayed during deployment of agents from the management console.

Administration and Configuration Manual for GFI EndPointSecurity[edit]

This user manual is a comprehensive guide aimed at assisting you in creating and deploying GFI EndPointSecurity protection policies. It describes how to use and configure GFI EndPointSecurity to achieve the best possible corporate security. The following links enables you to browse GFI EndPointSecurity Administration and Configuration manual.

Chapter 1: Introduces this manual.

Chapter 2: Provides basic information on GFI EndPointSecurity and how it works.

Chapter 3: Provides information on how to create new protection policies using the Create Protection Policy wizard.

Chapter 4: Provides information on how to deploy protection policies on to target computers.

Chapter 5: Provides information on how to monitor device and port usage activity on protected target computers.

Chapter 6: Provides information on how to monitor the status of agents deployed on protected target computers.

Chapter 7: Provides information on how to get further information about the GFI EndPointSecurity ReportPack.

Chapter 8: Provides information on how to locate and report all devices that are or have been connected to scanned target computers.

Chapter 9: Provides information on how to configure protection policy settings.

Chapter 10: Provides information on how to customize GFI EndPointSecurity settings.

Chapter 11: Provides information on how to uninstall GFI EndPointSecurity agents and GFI EndPointSecurity application.

Chapter 12: Provides information on licensing and versioning.

Chapter 13: Provides all the necessary information on how to deal with any problems encountered while using GFI EndPointSecurity. Also provides extensive support information.

Chapter 14: Defines technical terms used within GFI EndPointSecurity.

Chapter 15: Provides a list of errors displayed during deployment of agents from the management console.

Troubleshooting[edit]

This section explains how you should go about resolving issues that you might encounter while using GFI EndPointSecurity. The main sources of information available are:

  • The manual - most issues can be solved by reading GFI EndPointSecurity manuals
Download product manuals from www.gfi.com
  • GFI Knowledge Base articles
GFI maintains a Knowledge Base, which includes answers to the most common problems. If you have a problem, please consult the Knowledge Base first. The Knowledge Base always has the most up-to-date listing of technical support questions and patches. To access the Knowledge Base, visit http://kbase.gfi.com/.
  • Web forum
User to user technical support is available via the web forum. The forum can be found at http://forums.gfi.com/.
  • Contacting GFI Technical Support
If you still cannot solve issues with the software, contact the GFI Technical Support team by filling in an online support request form or by phone.
NOTE: Before you contact our Technical Support team, please have your Customer ID available. Your Customer ID is the online account number that is assigned to you when you first register your license keys in our Customer Area at https://customers.gfi.com/login.aspx.
GFI support will answer your query within 24 hours or less, depending on your time zone.