GUARDIANEDGE DEVICE CONTROL

• Protect organizations from the risks associated with the loss or leakage of trade secrets, intellectual property, and private information.
• Safeguard critical mobile data by ensuring only the authorized transfer of files to portable devices and portable media
• When combined with GuardianEdge Removable Storage Encryption, allow employees to safely take work home, or information to be securely transferred to partners, suppliers, or customers without putting mobile data at risk.
• Speed deployment and control operational costs by leveraging existing Microsoft Active Directory and Novell eDirectory infrastructure
• Save time and reduce complexity and expenses by managing a complete data protection solution including full disk encryption, removable media encryption, and port and device control through a single management console.

Standard and Platform Editions

• Platform Edition - Integrates with the GuardianEdge suite of data protection products using Active Directory-based policy services and management
• Standard Edition - Supports Novell eDirectory or the GuardianEdge-provided Policy Server for synchronization, policy deployment, auditing, etc.

Wireless Connections

• WiFi, Bluetooth, IrDA
• WiFi control includes MAC address, SSID and security level of network
• Prevents bridging by blocking other ports while connected to the wired corporate LAN

External Ports

• Disable or restrict read and write access
• USB, FireWire, PCMCIA, Secure Digital (SD), parallel, serial, modem

Internal Ports

• Logging and Alert on change
• IDE, SCSI, ATA, SATA, PCI and PCI-X

Storage Control

• Restrict data transfer activity
• Removable storage devices, external hard drives, CD/DVD, floppy, tape

Supported Devices

• All devices connected to ports, by type, serial number, manufacturer, etc.
• Whitelist of devices approved for use

File Control

• Control file types allowed to be read/written to devices
• Approximately 200 built-in file types and 15 file categories

CD / DVD Media Whitelists

• Allow use or viewing of only approved specific CDs and/or DVDs

Anti-Hardware Keylogger

• Blocks USB and PS/2 hardware keyloggers

U3 and Autorun Control

• Allows access to U3 drives only as regular USB drives
• Protects against auto-launch programs by blocking autorun

Internal / External Database Support

• Supports either the internal, provided SQL database or an external SQL compatible database of your choice

Platform Edition - File Shadowing

• Log and/or mirror a copy of all files written to removable media to a central file share

Platform Edition - Active Directory Integrated Administration and Management

• Tightly integrated with Active Directory, enabling GPO-based policy deployment
• Role-based policy administration
• Detailed audit records to verify policy enforcement

Platform Edition - GuardianEdge Removable Storage Integration

• Closely integrated for complete protection of data on removable storage devices using encryption
• Unified reporting provides complete visibility into data transfer activity and security status

OS Support

• Microsoft Windows® XP, Windows 2000, Windows XP Tablet PC, Windows 2003 Server, Windows Vista

• The industry’s only native Active Directory integration
  GuardianEdge’s unique approach to management is based on an MMC snap-in architecture, MSI and EXE files for deployment, as well as Microsoft® Active Directory® GPOs for policy control. This approach leverages the significant investment that organizations have already implemented in Active Directory—a scalable, robust and familiar management environment. It includes existing organizational structures such as groups, OUs and domains, role-based administration, training, replication and failover. The result is the industry’s lowest total cost of ownership, with minimal training requirements for IT staff and fast deployments.
• Single console administration for endpoint data protection products
  Enterprises also need common administration for data protection solutions. GuardianEdge enables common policy management, reporting, role-based administration, help desk, key management and other administrative actions for GuardianEdge applications (Hard Disk Encryption, Removable Storage Encryption and Device Control) from the same single management console.
• Proven ease of operation
  GuardianEdge Removable Storage Encryption builds on a 13-year track record of success in creating and managing endpoint data protection solutions. It boasts the highest success rates on deployment, as well as a long list of satisfied blue chip customers. Additionally, service and support for GuardianEdge products—a key component of any enterprise-class solution—meets the highest standards for availability, customer satisfaction and expert assistance.
• Non-disruptive user experience
  GuardianEdge Device Control delivers full protection with minimal intrusion into users’ daily use of their machines. This best-in-class user experience includes customized error messages on detection of restricted actions, simple deployment, offline help desk capability and background operation.
• Simple-to-administer and highly granular data protection policies
  Simple selections for industry best practices or customized policies for either whole organizations, groups, individual machines or other organizational units—combined with the capability to simply and easily tailor policies and simply deploy policies with GPO or native mechanisms—make Device Control easy to customize and manage.
• Whitelists restrict access to only approved devices
  Allows administrators to create whitelists of approved devices and CD/DVDs—either organization-wide (with exceptions if required) or by Active Directory or eDirectory groups and machines.
• Administrators can restrict wireless connectivity to authorized networks
  Enables organizations to protect data from loss over unsecured networks by limiting access to only approved and secured networks. For instance, allow use on internal company wireless networks while rejecting connections to others.

Supported Deployment Topologies

1. What are the differences between the Platform and Standard Editions with respect to deployment topologies supported?
   The Platform Edition is intended for customers with clients joined to an Active Directory domain. The Standard Edition is intended for customers with Novell-managed clients and/or clients that are not joined to any directory service.
2. What is the integration between GuardianEdge Device Control Platform Edition and the GuardianEdge Data Protection Platform?
   Both products can be managed from the same console providing an administrator a consistent workflow in managing all GuardianEdge products.