devicepro ultimate 2009 - efficient data loss prevention solution
DESCRIPTION
DevicePro 2009 intuitive device management in real-time no AD group policies or schema extensions required! CryptionPro 2009 individual encryption of external mass storage media on a file by file basis CryptionPro 2009 HDD soft- and hardware based hard disc encryption with pre-boot-authentication (UserID with password, token or SmartCard) ApplicationPro 2009 protects your clients through white list based application control You will find further informationen here: http://cynapspro.com/TRANSCRIPT
© CynapsPro 2009
DEVICEPRO ULTIMATE 2009DEVICE MANAGEMENT MADE SIMPLE AND EASY
DevicePro 2009
ApplicationPro 2009
CryptionPro 2009
CryptionPro HDD 2009
Did you know that
up to 80% of all IT security violations
and up to 70% of all identity theft
happen within a company?
• Is a Germany based company with a strongand clear focus on security and device management
• Is the vendor of one of the hottest newproducts for device security on the marketDevicePro 2009
• Is managing more than 325.000 seats with its software DevicePro
• Is extremely customer oriented and dedicated to its customer success
Solution Overview
• [...] no one can carry out in-house data, bypassing your firewall by simply using a USB-thumb drives or an external hard disc
• [...] no one will bring in viruses, trojans or other infections via USB-thumb drives or other external devices
• [...] only authorized USB-thumb drives, digital cameras and storage media corresponding with company policies will be allowed
• [...] only those employees actually entitled to do so will use external devices
DevicePro 2009 will guarantee you, that…DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
Device Support
DevicePro 2009 supports the following devices:
Floppy Disks
CD & DVD Rom
USB Mass Storage
SD/MMC Cards
Infrared
Firewire
TV Tuner
Bluetooth
Smartphones
Blackberries
Bluetooth
WiFi
Parallel Port
Serial Port
PCMCIA Cards
PCI Express Cards
and more…
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
…
DeviceProArchitecture
Desktop Clients
Notebook Clients
AD Domain Controller(s), Novell eDirectory
DeviceProSer
rver
MSSQL DB
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
Synchronize
Online WAN / Offline
TAN
xmlRPC
xmlRPC
Intuitive User Interface
• Very user friendly yet powerful User Interface, designed to suit Administrators and Help Desk Workers at the same time
• Different administrative areas can be authorized using different levels of rights depending on who is using the application
• Helps to achieve a fast ROI as it is optimized for the fewest possible mouse clicks
• Multilingual
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
Intelligent Infrastructure
• Automated synchronizationwith MS Active Directory / Novell eDirectory DevicePro does not make changes to AD but reads and updates a local copy
Unlike other solutions, DevicePro does not just create AD policies which also allows to manage clients which are not known by AD
• Ability to create proprietary directory
• Automated agent deployment & update (Push/Pull)
• Kernel Driver to minimize ressource allocation on the client
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
• Network utilization &bandwidth management Client downloads and setting updates can
be scheduled as well as utilized
Intelligent Infrastructure
• Full offline support using secure TAN‘s Even if a user is offline, a tray bar icon allows to
interact with the DevicePro agent and access rightrequests can be granted by entering a secure TAN
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
• AuditTrailforfulltransparency (SOX compliance) All rights changes that are made on the server will be tracked and saved to the database
Any action that is considered as a violation of the defined rules will be tracked and reported
Sophisticated Rights Management
• Built in Ticketing System for User Helpdesk Supports single click right assignments
Eliminates need to caller-mail to User HelpDesk
Ability for admins to change local rights e.g.in remote session without having to log out
• Support for multiple modes of devicerights Ability to (pre)schedule device permission
assignments
Support for Device Whitelist
Support for Individual Devices according tohardware ID‘s
Support for different device right levels
Ability to define own device classes in case a device is not properly recognized
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
Sophisticated Rights Management
• Intelligent Content Header Filter Controls all file types and can prevent specific files
or types from being opened or copied
Supports nearly any standard file format
Reads file header information to prevent security breaches through renaming
Provides the ability (Wizard) to define own file type classes
• Integrated Reporting Console Overview Reports
Reports on Device Types
Search for unallowed file access
Access statistics
Rights analysis
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
Rights Management ModelsDeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
User centered Machine centered
• Rights Management can be user centered, machine centered or combined DevicePro rights management can be easily adjusted to each company‘s philosophy
In case a combined model is used, machine rights go first, combined rights get second priority and in case this doesn‘t match, user rights will be taken into account
Reporting ConsoleDeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
• Detailed rights overview All access rights can be reviewed live at any time with a click of the mouse
All changes in rights can be tracked down to when, who and why
All changes within a defineable period of time can be reviewed at any time
Reporting ConsoleDeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
• User access statistics and rights updates All user access operations can be logged down to devices and even file names
„Missing“ files can be tracked down to
• The user who has access edit
• The device which it was copied to
• The time it was accessed last
• [...] define application white lists to control application access within your company
• [...] define roles and assign predefined application packets to them
• [...] learn your users application usage and redefine your companies application needs which helps optimizing your license cost
• [...] stop Viruses and Trojans from spreading
ApplicationPro 2009 allows you, to…DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
ApplicationPro Features and Benefits
• Intelligent learning mode Simply lauch the integrated learning
mode and all applications startedduringthe time recorded will beshown
Select the applications you want yourusers to work with and apply them to an application packet
• Definition of roles and packets Create application packets according to
application names and their hashes thathelp to identify applications uniquely
Create roles like Helpdesk orAdministration and assign applicationsor application packets to them
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
• [...] no unauthorized people can read your data
• [...] the loss of an external mass storage device is not a security risk
• [...] data on external devices is automatically encrypted through background processes
• [...] that wherever you may be, you can always access your encrypted data
CryptionPro 2009 ensures, that…
CryptionPro Features and Benefits
• CryptionPro supports several ways to encrypt Automatic Encryption
Individual Encryption
Encryption Type: AES 256 Bit
Encryption Type: Blowfish 256 Bit
Offline encryption through MobileCryption
Master Password Management
Central Password Management
Access rights based on groups or for individual users
Individual User Notification
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
• [...] your internal Hard Disks are encrypted
• [...] no one can access your data even when booting Linux or WinPE over CD
• [...] the loss of your notebook is not a security risk to your company
• [...] your company data is as secure as possible
CryptionPro HDD ensures, that…
CryptionPro HDD Features and Benefits
• CryptionPro HDD Software-based Full Disk Encryption (FDE) Encryption driver in NTLoader and Microsoft Windows
Transparent encryption with strong algorithms
• AES, Triple-DES, Blowfish
Encryption key can be chosen or random generated
Partition based encryption keys
Sector based encryption per partition
Encryption of operating system, data files, temp filesand hibernation file
Emergency recovery mechanisms based on Bart-PE
Encryption of external storage devices (USB and PCMCIA)
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
CryptionPro HDD Features and Benefits
• CryptionPro HDD Pre Boot Authentication System (PBA) Boot computer from hardened Linuxsystem
Integrated authentication mechanisms
• Transparent Mode (without authentication)
• Smartcard / PKCS#11 token
• Windows Credentials (username, domain, password)
Integrated Boot Manager
Single Sign-On to Windows and Novell
• Username, domain, password
• X.509 certificate
HelpDesk Integration in logindialog
• Offline challenge/response with user helpdesk
• Unblock Smartcard
• Login without smartcard
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
CryptionPro HDD AuthenticationMethods
• Transparent Mode No user interaction required
Key is obfuscated on harddisk
Laptop bootstill Windows login dialog
Minimal level of protection
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
Obfuscation Disk Key
Min
imal
SecurityLevel
CryptionPro HDD AuthenticationMethods
• Windows Credentials Mode Pre-Boot-Authentication with hardened LinuxKernel
Key is encrypted with users password
Single-Sign-On to Microsoft Windows, Novell
Multi user support
Medium level of protection
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
24
UsernamePasswordDomain
Authentication
UsernamePasswordDomain
Authentication
UsernamePasswordDomain
Authentication
User 1
User 2
User 3
Decryption Disk Key
Med
ium
SecurityLevel
CryptionPro HDD Features and Benefits
• Smartcard Mode Preboot authentication with hardened Linux Kernel
Key is encrypted with users password
Single-Sign-On to Microsoft Windows, Novell
Multi user support
Maximum level of protection
DeviceP
roA
pp
lication
Pro
Cryp
tion
Pro
Cryp
tion
Pro
HD
D
+ PIN
Decryption Disk Key
User 1
User 2
User 3
Maxim
um
SecurityLevel
CynapsPro GmbHE-Mail: [email protected]