Device Management: Pointsec Protector software review

Pointsec Protector manages unsecured ports and endpoint devices while transparently delivering encryption, filtering content, enforcing policies and maintaining an audit trail, even when mobile devices are disconnected from the network.

This article can also be found in the Premium Editorial Download: Information Security magazine: Tips from the 2007 Security 7 Awards:

DEVICE MANAGEMENT


Pointsec Protector
REVIEWED BY SANDRA KAY MILLER

Check Point Software Technologies
Price: Starts at $45 per seat

Pointsec Protector (formerly Device Protector prior to Check Point's acquisition of Pointsec) addresses the growing problem of unsecured ports and endpoint devices while transparently delivering encryption, filtering content, enforcing policies and maintaining an audit trail, even when mobile devices are disconnected from the network.


Configuration/Management A  
Getting the product running was effortless, thanks to well-designed wizards and a straightforward installation process. Protector ties in with Microsoft Active Directory and Novell eDirectory for user and group synchronization when assigning device access rights, encryption and policies.

The administration console is intuitive, and multiple tiers of administrative access can be assigned for distributed management. We were able to easily manage users, groups and devices, policies, alerts and encryption, and create and view audits, logs and reports.


Policy Control A  
We began by editing Protector's default profile through a series of tabs to choose what types of devices and removable media to permit/deny access, define encryption, create email alerts, and assign stringent policies for groups that fell under compliance regulations (e.g., finance) and less stringent for others.

Policies are layered, so the default policy is applied to every group to which it is assigned. When another policy profile is created, it can inherit from the default policy or become a new profile. For example, in the default profile we globally banned iPods and enabled encryption on all USB storage devices. The next policy, while it inherits the default profile, may define access to approved devices, such as portable hard drives, on which encryption from the default policy will be enforced.

Policies can be assigned on a user, group or device basis. Administrators can restrict the types of files that may be transferred or the launching of unauthorized applications from removable media.

Protector uses combinations of whitelists and blacklists to block access to devices and files without any legitimate business purpose, while still allowing users access to critical tools, applications and data defined by brand, model and file type.


Reporting A  
Protector excels in logging and reporting. With detailed auditing, administrators can determine what devices are being used and in what way. Alerts are easily set up to be sent via email; we assigned each AD group a different notification recipient simulating department managers being alerted to their employees doing such things as downloading music at work or copying sensitive files to portable media.

Logs can be customized, filtered by column heading and exported to CSV. Reports are equally flexible and can be exported in HTML.


Effectiveness B  
Protector enforces all policies and offers a high level of control and auditing over offline devices. Even with local admin rights, we were prevented from disabling or uninstalling the client software from our test laptop thanks to anti-tampering controls.

The encryption feature works transparently when the user is logged on to the network. For offline machines and mobile devices, users simply drag and drop files on or off of the encrypted device through a password or challenge/response.

Protector lacks centralized control for Linux and Mac, and doesn't have data shadowing, meaning administrators could record all information sent to a particular device or port.


Verdict
Pointsec Protector is an affordable and scalable solution that will work well in both SMB and enterprise environments.


Testing methodology: The testing environment included Windows clients, AD and SQL Server. We tested the use of portable storage devices, including USB flash drives, FireWire external hard drives, CD-RW drives and floppy disk drives.

This was first published in October 2007

Dig deeper on Handheld and Mobile Device Security Best Practices

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close