Endpoint Data Protection

Secure corporate data over endpoints.

Cyberoam Endpoint Data Protection controls the risk of data leakage posed by large segments of corporate data residing on endpoints, usage of endpoints outside the network by road warriors and unrestricted use of removable storage devices, applications, network sharing and printing.

Cyberoam offers Layer-8 Identity based controls over endpoints, controlling access to these media in addition to activity over the endpoints while providing extensive logs and shadow copies. Thus, it prevents data leakage, ensuring that organizations meet the requirements of regulatory compliance like HIPAA, CIPA, GLBA. It also prevents malware entry and enhances employee productivity and efficiency in IT asset management.

Unrestricted data transfer to removable devices like USB and CD/DVD drives, or through web, mail, IM, P2P applications and more is resulting in rising security breaches. While organizations are struggling to define their data loss prevention needs comprehensively, endpoint data protection has emerged as the critical immediate step. Simultaneously, presence of branch offices, rise in sophisticated attacks and the resultant bugs and vulnerabilities are necessitating centralized, automated asset management at the endpoint.

Hence, organizations need security that moves with users to protect data and assets in endpoint devices. While gateway security solutions secure the organizations’ perimeter, endpoint solutions are needed to secure the weakest link in organizations - the end user.

Available in downloadable form, Cyberoam offers enhanced Endpoint Data Protection with policy-driven data and asset management over the endpoint. The easy-to-manage enhanced Endpoint Data Protection provides seamless control with logging, reporting, encryption and policy-driven controls. It prevents data loss, enhances security, employee productivity and efficient management of IT assets while retaining business flexibility. In addition, organizations can meet regulatory and security compliance requirements.

Benefits:

Prevent Endpoint Data Leakage - Control files transferred over removable devices, instant messengers, emails, network sharing and printers, preventing data leakage over endpoints.
Remote Data Control through Encryption - Eliminate the risk of data loss through device and file encryption. Decryption requirement prevents data leakage in case of lost devices.
Rapid and Simple Deployment - Automatic and centralized installation of robust, tamper-proof agents over multiple end points ensures seamless and transparent deployment.
Reduce Total Cost of Ownership of IT and Security - Hardware and software asset management with inventory, patch, update management and remote deployment of Microsoft Software Installation (MSI) packages, allow organizations to control hardware and software costs while meeting security compliance requirements.
Reduce Malware Penetration, Legal Liabilities, Business Losses - Centralized hardware and software management prevents legal liabilities arising out of unauthorized and illegal application deployment by users. Automated patch management reduces malware penetration, lowering incidences of network outage. Prevention of data leakage across distributed offices and mobile workforce further lowers legal liability and business losses.

Solution Components

The Cyberoam Endpoint Data Protection consists of 3 components:

Server - Database storage and agent management
Console - Audits, controls and monitors the computers
Agent - Collects and forwards the data to the server

Deployment Diagram

Cyberoam Endpoint Data Protection - Modules:

	Data Protection and Encryption	Encrypts and decrypts files and removable devices, controls document operations in addition to controlling data transfer over removable devices, applications, network sharing and printing
	Device Management	Offers policy-based access to removable devices, involving user work profile, time of the day and class of device
	Application Control	Offers identity-based access to application classes based on time of the day
	Asset Management	Provides centralized and automated management of hardware and software assets with inventory, patch and update management

Data Protection and Encryption:

Protect sensitive data even in lost or stolen flash drives.

Cyberoam’s endpoint Data Protection & Encryption module controls data loss with encryption and decryption over removable devices, document control, in addition to control over removable devices, applications, network sharing and printing.

Layer 8 identity-based policies prevent data leakage through endpoints within the network or when carried by road warriors, helping organizations comply with regulatory requirements like HIPAA, PCI DSS, GLBA. These controls prevent leakage of critical product, financial, sales, marketing, employee or corporate data, minimizing financial and legal liability or loss of stakeholder confidence.

Key Highlights
Document Controls Cyberoam controls the creation, modification, copy and deletion of documents Shadow copies can be created during these activities, preventing data loss Removable Device Controls Access Control of Removable Devices – Cyberoam supports the creation of black list and white list of USB-based devices, ensuring compulsory usage of encrypted devices through Layer 8 policies with identity, group, department, hierarchy-based allocation in addition to read-write controls over the devices Encryption – Cyberoam ensures compulsory encryption and decryption of file or removable device at the time of file transfer, preventing data leakage in case of lost USB devices File Transfer Controls – Cyberoam controls file transfer over fixed and removable devices based on the user role, file name and extension Shadow Copies of files are stored during file transfer over removable media, eliminating the threat of data loss and assisting in forensics Email Controls Cyberoam controls file transfer over email based on the sender or recipient’s identity or group-based work profiles, subject and attachment name, extension and size Shadow copies can be created on the basis of the sender, recipient names and attachment size Instant Messenger Controls Cyberoam controls file transfer through Skype, MSN, Yahoo, Google Talk and other popular instant messengers based on file name, extension and size Shadow copies are created of files uploaded and downloaded over IMs Logs are archived for chat conversation as well as file upload and download Printer Control Cyberoam controls access to printers and file printing over local, network, shared and virtual printers based on printer name, file name and extension combined with Layer 8 Identity-based policies Recorded image of the printed file is stored, ensuring quick audits and forensics Network Sharing Cyberoam Endpoint Data Protection allows or disallows network sharing based on Layer 8 Identity-based policies, minimizing incidents of data leakage Logging-Reporting-Alerts Cyberoam creates logs and reports related to access, usage, modification, transfer and deletion of files It can send customizable alerts to administrators for prompt action and a message to end users, ensuring user education regarding best practices

Key Highlights

Document Controls

Cyberoam controls the creation, modification, copy and deletion of documents
Shadow copies can be created during these activities, preventing data loss

Removable Device Controls

Access Control of Removable Devices – Cyberoam supports the creation of black list and white list of USB-based devices, ensuring compulsory usage of encrypted devices through Layer 8 policies with identity, group, department, hierarchy-based allocation in addition to read-write controls over the devices
Encryption – Cyberoam ensures compulsory encryption and decryption of file or removable device at the time of file transfer, preventing data leakage in case of lost USB devices
File Transfer Controls – Cyberoam controls file transfer over fixed and removable devices based on the user role, file name and extension
Shadow Copies of files are stored during file transfer over removable media, eliminating the threat of data loss and assisting in forensics

Email Controls

Cyberoam controls file transfer over email based on the sender or recipient’s identity or group-based work profiles, subject and attachment name, extension and size
Shadow copies can be created on the basis of the sender, recipient names and attachment size

Instant Messenger Controls

Cyberoam controls file transfer through Skype, MSN, Yahoo, Google Talk and other popular instant messengers based on file name, extension and size
Shadow copies are created of files uploaded and downloaded over IMs
Logs are archived for chat conversation as well as file upload and download

Printer Control

Cyberoam controls access to printers and file printing over local, network, shared and virtual printers based on printer name, file name and extension combined with Layer 8 Identity-based policies
Recorded image of the printed file is stored, ensuring quick audits and forensics

Network Sharing

Cyberoam Endpoint Data Protection allows or disallows network sharing based on Layer 8 Identity-based policies, minimizing incidents of data leakage

Logging-Reporting-Alerts

Cyberoam creates logs and reports related to access, usage, modification, transfer and deletion of files
It can send customizable alerts to administrators for prompt action and a message to end users, ensuring user education regarding best practices

Device Management:

Stop use of unauthorized devices.

Cyberoam’s endpoint Device Management controls the use of removable media like USB devices, other storage devices like CDs/DVDs, communication devices like Blue Tooth, network devices and more.

Cyberoam applies Layer 8 identity-based policies based on type of media whether the user is within or outside the network, preventing data leakage in the event of lost or stolen devices.

Key Highlights
Access Control over Removable Devices – Cyberoam endpoint Device Management allows or blocks access to the following removable devices based on whitelists and blacklists of devices – USB and other Storage Devices – Pen drives, hard disks, CDs/DVDs, tapes, PDAs, smart phones and more Communication Devices – Wi-Fi, Bluetooth adapters, etc. Network Devices – Wireless or Virtual LAN adapters Dial-up Connections Layer 8 Identity-Based Policies – Cyberoam supports the creation of Layer 8 identity-based policies with the following rules – Individual users and groups based on work profile and hierarchy Time of the day Expiry time for temporary policies Logging-Reporting-Alerts – Cyberoam endpoint Device Management supports immediate action and policy updation, offers complete audit trail and aids forensic analysis through – Comprehensive, archived logs related to access of removable media inside and outside the network Administrator alerts and warning messages to users

Key Highlights

Access Control over Removable Devices – Cyberoam endpoint Device Management allows or blocks access to the following removable devices based on whitelists and blacklists of devices –

USB and other Storage Devices – Pen drives, hard disks, CDs/DVDs, tapes, PDAs, smart phones and more
Communication Devices – Wi-Fi, Bluetooth adapters, etc.
Network Devices – Wireless or Virtual LAN adapters
Dial-up Connections

Layer 8 Identity-Based Policies – Cyberoam supports the creation of Layer 8 identity-based policies with the following rules –

Individual users and groups based on work profile and hierarchy
Time of the day
Expiry time for temporary policies

Logging-Reporting-Alerts – Cyberoam endpoint Device Management supports immediate action and policy updation, offers complete audit trail and aids forensic analysis through –

Comprehensive, archived logs related to access of removable media inside and outside the network
Administrator alerts and warning messages to users

Application Control:

Allow only authorized applications

Cyberoam’s endpoint Application Control regulates access to applications like email, IM, P2P, FTP, gaming, preventing data leakage and malware entry while enhancing employee productivity.

Cyberoam’s Layer 8 controls over individual users and groups offer granular controls and visibility, supporting organizational efforts to meet regulatory compliance requirements of HIPAA, PCI DSS, GLBA.

Key Highlights
Application Classes – Cyberoam’s endpoint Application Control allows or blocks access to applications whether the endpoint is within or outside the network based on – Whitelists and blacklists of application classes which include– Browsing, IM, P2P Corporate applications like ERP, CRM, Email, FTP Entertainment, games Custom classes relevant to the organization Layer 8 Identity-based policies for users and groups based on work profile, department, hierarchy Time of the day Expiry time for temporary policies Endpoint application control based on application classes allows administrators to minimize data leakage and malware incidence while enhancing employee productivity. Logging-Reporting-Alerts Cyberoam endpoint Application Control logs application access by users with time of access, system, user and application name, enabling managers to assess employee work pattern It also provides customized alerts to administrators and warning messages to users in case of unauthorized access to applications

Key Highlights

Application Classes – Cyberoam’s endpoint Application Control allows or blocks access to applications whether the endpoint is within or outside the network based on –

Whitelists and blacklists of application classes which include–
- Browsing, IM, P2P
- Corporate applications like ERP, CRM, Email, FTP
- Entertainment, games
- Custom classes relevant to the organization
Layer 8 Identity-based policies for users and groups based on work profile, department, hierarchy
Time of the day
Expiry time for temporary policies

Endpoint application control based on application classes allows administrators to minimize data leakage and malware incidence while enhancing employee productivity.

Logging-Reporting-Alerts

Cyberoam endpoint Application Control logs application access by users with time of access, system, user and application name, enabling managers to assess employee work pattern
It also provides customized alerts to administrators and warning messages to users in case of unauthorized access to applications

Asset Management:

Efficiently manage IT infrastructure

Cyberoam's endpoint Asset Management for Windows offers centralized and automated hardware and software asset management, including inventory, patch and update management. It streamlines IT infrastructure management, prevents the deployment of illegal and unauthorized applications by users, lowering malware incidence, legal liability and operational costs.

Through agent installation over Windows endpoints, Asset Management discovers the hardware and software components, minimizes the complexity involved in manual Asset Management of hundreds and thousands of endpoints at distributed locations, lowers the need for technical resources and ensures higher accuracy.

Key Highlights
Asset Types – Cyberoam endpoint Asset Management provides automated inventory tracking of the following hardware and software asset types, in addition to providing information regarding license renewal dates, asset location, configuration, version tracking and historical information – Hardware Assets – CPU, memory, network adapter, disks, motherboard, integrated peripherals like sound card, keyboard, modem Software Assets – Operating system, anti-virus, applications, Microsoft patches Custom Assets – Printers, switches, routers. Cyberoam also provides automatic collection of endpoint information related to hardware configuration and list of installed applications in addition to preventing download of illegal applications. Patch Management – Cyberoam provides information regarding systems vulnerable to malware attacks while providing automated and centralized Windows patch management with – Periodic checks for Windows patches Auto patch download, distribution and centralized installation by nodes It prevents malware attacks and helps organizations meet security compliance requirements. Remote Deployment Support Cyberoam can perform remote installation of new Microsoft Software Installation-based applications, eliminating the need for physical presence of the endpoint It creates pre-specified packages and performs bulk deployment of these applications remotely Reporting Cyberoam’s endpoint Asset Management module provides in-depth reporting of hardware and software assets which can be exported to CSV, XLS or HTML formats These reports are helpful in audit, forensics and compliance requirements

Key Highlights

Asset Types – Cyberoam endpoint Asset Management provides automated inventory tracking of the following hardware and software asset types, in addition to providing information regarding license renewal dates, asset location, configuration, version tracking and historical information –

Hardware Assets – CPU, memory, network adapter, disks, motherboard, integrated peripherals like sound card, keyboard, modem
Software Assets – Operating system, anti-virus, applications, Microsoft patches
Custom Assets – Printers, switches, routers.

Cyberoam also provides automatic collection of endpoint information related to hardware configuration and list of installed applications in addition to preventing download of illegal applications.

Patch Management – Cyberoam provides information regarding systems vulnerable to malware attacks while providing automated and centralized Windows patch management with –

Periodic checks for Windows patches
Auto patch download, distribution and centralized installation by nodes

It prevents malware attacks and helps organizations meet security compliance requirements.

Remote Deployment Support

Cyberoam can perform remote installation of new Microsoft Software Installation-based applications, eliminating the need for physical presence of the endpoint
It creates pre-specified packages and performs bulk deployment of these applications remotely

Reporting

Cyberoam’s endpoint Asset Management module provides in-depth reporting of hardware and software assets which can be exported to CSV, XLS or HTML formats
These reports are helpful in audit, forensics and compliance requirements

System Requirements:

Module	Operating System	Database	Recommended Hardware
Server	Win 2000 SP4/XP SP2/2003 SP1/Vista & Win 7*	SQL Server 2000 SP4 or above / SQL Server 2005 SP1 or above MSDE SP4 / SQL Server 2005 Express	Pentium IV 2GHZ/512MB Memory/50GB HDD space
Console	Win2000 SP4/XP/2003/2008/Vista & Win 7*	NA	Pentium IV 2GHZ/512MB Memory/50GB HDD space
Agent**	Win 2000/XP/2003/2008/Vista & Win 7*	NA	Pentium III 500 MHZ/128MB Memory/1 GB HDD space

*Supports 32 bit version for Vista and Win 7
**Licensing is based on number of Agents.

Documentation:

Download the Cyberoam Endpoint Data Protection Datasheet (PDF).

Quick Product Search:

Endpoint Data Protection

Solution Components

Cyberoam Endpoint Data Protection - Modules:

Data Protection and Encryption:

Protect sensitive data even in lost or stolen flash drives.

Device Management:

Stop use of unauthorized devices.

Application Control:

Allow only authorized applications

Asset Management:

Efficiently manage IT infrastructure

System Requirements:

Documentation: