Description
LOGIN PROTECTION
The robust user authentication is done by a password and the use of personal IDs. Moreover, additional protection mechanisms are provided to domain users, such as certificate based login.
FIREWALL
Monitoring of network activity of the computer and filtering of a large number of protocols in accordance with the defined rules, even at the level of individual applications, users or users groups. Network traffic signature for protection against MiTM. Self-learning of rules and IPS host.
CENTRALIZED DEPLOYMENT, CONTROL AND MANAGEMENT
Data Protection Studio ensures an easy deployment through a centralized installation of the product in all the controlled domain workstations. The configuration of continuing and group policies for all the protection mechanisms is conducted using a unique security agent.
TRUSTED EXECUTION ENVIRONMENT
The trusted environment is secured through computers protection against unauthorized downloads and the possibility to limit the list of programs that can be run, verifying the integrity of executable files.
NETWORK INTRUSION PROTECTION (NIPS)
Heuristic and signature based attack detection. Automatic locking of intrusions attempts when detecting abnormal packages, scanning ports, during service denial attacks, among others.
ALERT MONITORING
The events generated by each installed agent are centralized in the security server. For a faster response to critical security events, all the protected computers may be divided into monitoring groups with independent visualization of the current situation and the possibility of recognizing the events.
DATA ACCESS CONTROL
Mandatory and discretionary access control based on confidentiality categories of resources (files, directories, devices, printers, and network interfaces) and access rights of users. Print control and visibility of confidential information, complemented with secure data wiping.
ENCRYPTED CONTAINERS
Encrypted information containers may be created, which are mounted in the system as a virtual unit. These may be stored to disk or removable media, and the encryption keys may also be stored in external devices.
INVESTIGATION OF SECURITY INCIDENTS
The advanced event log system and the possibility of generating practical and detailed reports enable the gathering of detailed material for the investigation of security incidents: tracing attacks, malware distribution channels and insiders' actions in different time intervals. In addition, Data Protection Studio produces copies of files/documents transferred to the printer or external information carriers, significantly simplifying the process of investigation of information leak events.
DISTRIBUTED ARCHITECTURE
The high scalability of solutions is provided by the creation of centralized security policies and their continuation in the distributed domain infrastructures enables the definition of geographically isolated domains. Hierarchy support and backup of security servers, as well as privilege separation for complex infrastructure administrators.
DEVICE CONTROL
Integrity control of computer hardware settings during operation, control of connection and disconnection of devices. Data Protection Studio is compatible with an extensive list of controlled external devices (webcams, mobile phones, 3G modems, network cards, flash drives, printers, etc.) and provides different response scenarios when these are connected or disconnected from the computer.
ANTIVIRUS PROTECTION
Protection against malicious executable files in workstations and servers with the possibility of scanning and running scheduled tasks on demand of the administrator or the user.
The robust user authentication is done by a password and the use of personal IDs. Moreover, additional protection mechanisms are provided to domain users, such as certificate based login.
FIREWALL
Monitoring of network activity of the computer and filtering of a large number of protocols in accordance with the defined rules, even at the level of individual applications, users or users groups. Network traffic signature for protection against MiTM. Self-learning of rules and IPS host.
CENTRALIZED DEPLOYMENT, CONTROL AND MANAGEMENT
Data Protection Studio ensures an easy deployment through a centralized installation of the product in all the controlled domain workstations. The configuration of continuing and group policies for all the protection mechanisms is conducted using a unique security agent.
TRUSTED EXECUTION ENVIRONMENT
The trusted environment is secured through computers protection against unauthorized downloads and the possibility to limit the list of programs that can be run, verifying the integrity of executable files.
NETWORK INTRUSION PROTECTION (NIPS)
Heuristic and signature based attack detection. Automatic locking of intrusions attempts when detecting abnormal packages, scanning ports, during service denial attacks, among others.
ALERT MONITORING
The events generated by each installed agent are centralized in the security server. For a faster response to critical security events, all the protected computers may be divided into monitoring groups with independent visualization of the current situation and the possibility of recognizing the events.
DATA ACCESS CONTROL
Mandatory and discretionary access control based on confidentiality categories of resources (files, directories, devices, printers, and network interfaces) and access rights of users. Print control and visibility of confidential information, complemented with secure data wiping.
ENCRYPTED CONTAINERS
Encrypted information containers may be created, which are mounted in the system as a virtual unit. These may be stored to disk or removable media, and the encryption keys may also be stored in external devices.
INVESTIGATION OF SECURITY INCIDENTS
The advanced event log system and the possibility of generating practical and detailed reports enable the gathering of detailed material for the investigation of security incidents: tracing attacks, malware distribution channels and insiders' actions in different time intervals. In addition, Data Protection Studio produces copies of files/documents transferred to the printer or external information carriers, significantly simplifying the process of investigation of information leak events.
DISTRIBUTED ARCHITECTURE
The high scalability of solutions is provided by the creation of centralized security policies and their continuation in the distributed domain infrastructures enables the definition of geographically isolated domains. Hierarchy support and backup of security servers, as well as privilege separation for complex infrastructure administrators.
DEVICE CONTROL
Integrity control of computer hardware settings during operation, control of connection and disconnection of devices. Data Protection Studio is compatible with an extensive list of controlled external devices (webcams, mobile phones, 3G modems, network cards, flash drives, printers, etc.) and provides different response scenarios when these are connected or disconnected from the computer.
ANTIVIRUS PROTECTION
Protection against malicious executable files in workstations and servers with the possibility of scanning and running scheduled tasks on demand of the administrator or the user.