Published: 01 Oct 2007
REVIEWED BY SANDRA KAY MILLER
Check Point Software Technologies
Price: Starts at $45 per seat
Pointsec Protector (formerly Device Protector prior to Check Point's acquisition of Pointsec) addresses the growing problem of unsecured ports and endpoint devices while transparently delivering encryption, filtering content, enforcing policies and maintaining an audit trail, even when mobile devices are disconnected from the network.
The administration console is intuitive, and multiple tiers of administrative access can be assigned for distributed management. We were able to easily manage users, groups and devices, policies, alerts and encryption, and create and view audits, logs and reports.
Policies are layered, so the default policy is applied to every group to which it is assigned. When another policy profile is created, it can inherit from the default policy or become a new profile. For example, in the default profile we globally banned iPods and enabled encryption on all USB storage devices. The next policy, while it inherits the default profile, may define access to approved devices, such as portable hard drives, on which encryption from the default policy will be enforced.
Policies can be assigned on a user, group or device basis. Administrators can restrict the types of files that may be transferred or the launching of unauthorized applications from removable media.
Protector uses combinations of whitelists and blacklists to block access to devices and files without any legitimate business purpose, while still allowing users access to critical tools, applications and data defined by brand, model and file type.
Logs can be customized, filtered by column heading and exported to CSV. Reports are equally flexible and can be exported in HTML.
The encryption feature works transparently when the user is logged on to the network. For offline machines and mobile devices, users simply drag and drop files on or off of the encrypted device through a password or challenge/response.
Protector lacks centralized control for Linux and Mac, and doesn't have data shadowing, meaning administrators could record all information sent to a particular device or port.
Testing methodology: The testing environment included Windows clients, AD and SQL Server. We tested the use of portable storage devices, including USB flash drives, FireWire external hard drives, CD-RW drives and floppy disk drives.