Feature

Product Review: GuardianEdge Data Protection Platform

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Security researchers on biometrics, insider threats, encryption and virtualization."

Download it now to read this article plus other related content.

Policy ControlA  

GuardianEdge offers flexible policy control; we were impressed by the complete ease with which policies were created and modified through multiple channels.

Policies are deployed to clients through AD Group Policy or a third-party tool for distributing software. Implementing and editing policies was easy, in contrast to the obscure and tedious methodologies on many similar products. GuardianEdge provides granular control over ports, devices, storage and wireless adapters, as well as specific logging, alerting and encryption controls. Client-based policy enforcement includes an anti-tampering feature that we were unable to circumvent.


Overall SecurityB-  

Although GuardianEdge provides all the endpoint control security features found in competing products, it's limited to Microsoft systems.

It covers all the bases of endpoint device protection, including defense against hardware-based keyloggers, autorun blocking for executables

    Requires Free Membership to View

stored on portable media, and tight controls for physical and wireless ports.

Data shadowing allows all information accessed by a specific port or device to be recorded.

The device control component's audit feature let us quickly discover specific items on our network. We set up filters to identify machines with wireless adapters on the entire network, by network segment or by individual computers, then created an inventory spreadsheet.

Encryption covers all the bases for security, compliance and usability, including a self-service password recovery feature. GuardianEdge supports AES 128 and 256, multifactor authentication and kernel-level authentication prior to booting from an encrypted hard disk.

However, neither hard disk nor removable storage encryption functioned well on our Vista test systems.


Logging and ReportingB+  

GuardianEdge delivers comprehensive logging and reporting without any extra snap-in or software.

Responding to regulatory requirements, some companies have become overzealous in their logging; this is one product you don't want to do that with. Given the wide range of security GuardianEdge covers, it's easy to become quickly overwhelmed by logging everything.

Administrators can keep track of policy-controlled events through the Windows System Event Viewer, reports created through the Windows Group Policy Management console or through a Client Monitor Watchlist.

Extensive support for Windows snap-ins creates a familiar environment for administrators to quickly integrate logging and reporting into standardized distribution channels, such as SNMP.


Verdict

GuardianEdge delivers easy administration, acceptable security and automated logging for Microsoft clients.



Testing methodology: We deployed GuardianEdge Server and Manager on Microsoft Windows Server 2003 with Active Directory and tested using a variety of devices running Windows 2000, XP and Vista.

This was first published in November 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: