• 10-24 Computers - $25.00 per Computer

• What's New in V.4
• Product Pricing
• LIVE Sales Chat
• LIVE Support Chat

• Download FREE Trial
• Buy Now

Features

How it Works
To control access, GFI EndPointSecurity™ installs a small footprint agent on your user's machine. This agent is only 1.2 MB in size, your user will never know it is there. GFI EndPointSecurity includes a remote deployment tool based on GFI LANguard™ technology, allowing you to deploy the agent to hundreds of machines with just a few clicks. After installation, the agent queries Active Directory when the user logs on and sets permissions to the different nodes accordingly. If the user is not a member of a group that allows access to a particular device or set of devices, then access is blocked.

Manage User Access and Protect Your Network From Portable Devices
Using GFI EndPointSecurity you can centrally disable access to any portable device, preventing both data theft and the introduction of data or software that could be harmful to your network. Although you could block portable storage devices such as CDs and floppy drives from the BIOS of the individual machine, the solution is cumbersome and impractical at times of software or network upgrades. For example, a desired new software or device install would require the Network Administrator to physically visit each machine, temporarily disable protection, perform the install and then re-enable protection; and, any sophisticated user can hack the BIOS circumventing the security measure altogether. GFI EndPointSecurity allows you to take control over your environment and the access of a wide variety of devices including:

• Floppy disks
• CDs and DVD ROMs
• iPods
• Storage devices
• Printers
• PDAs
• Network adapters
• Modems
• Imaging devices
• And more

Log the Activity of Portable Device Access to your Network
USB sticks present a significant threat to your business environment. They are small, easily hidden and can store up to 4 GB of data. Even plugging a digital camera into a USB port gives users access to storage on an SD card; SD cards are available in 2 GB capacity and more. That's a lot of potential for carrying off your data or for exporting infected software onto your network. In addition to blocking access to portable storage media, GFI EndPointSecurity logs device related user activity to both the event log and to a central SQL Server. A list of files that have been accessed on a given device is recorded everytime an allowed user plugs in.

Easily Configure Group-based Protection Control via Active Directory
You can categorize computers into protection groups. For each group you may specify the level of protection and portable device access to allow. The ability to group your networked computers is a powerful feature; making, for example, an entire department into one group then managing the department's setting by managing the group as a single entity. Configuration of GFI EndPointSecurity is effortless and leverages the power of Active Directory. It does not require the administrator to remember and track which policies were deployed to which computers. Other storage control software requires cumbersome machine by machine administration, forcing you to make the changes on a per-machine basis and then to update the configuration on each machine before the settings take effect. GFI EndPointSecurity does away with all of that.

Advanced Granular Access Control via Whitelists and Blacklists
GFI EndPointSecurity enables you to allow or deny access to a range of device classes, as well as to block files transferred by file extension, by physical port and by device ID (the factory ID that identifies each device). It is also possible to specify users or groups then manage their access to devices givng them permissions ranging from no access ever, some access to some devices some of the time, all of the way to full access at all times. GFI EndPointSecurity allows administrators to define a device whitelist and a blacklist allowing only company-approved devices, effectively and easily blocking all others.

Real-time Status Monitoring and Alerts
GFI EndPointSecurity provides real-time status monitoring through its user interface. It displays statistical data through graphical charts, the live status of the agent and more. GFI EndPointSecurity also allows you to send alerts when specific devices are connected to the network. Alerts can be sent to one or more recipients by email, network messages, and SMS notifications sent through an email-to-SMS gateway or service.

Get Detailed Reports on Device Usage with GFI ReportPack™ add-on
The GFI EndPointSecurity ReportPack is a powerful reporting package that add-ons on free to GFI EndPointSecurity. This reporting package can be scheduled to automatically generate graphical IT-level or higher level management reports based on data collected by GFI EndPointSecurity, giving you the ability to report on devices connected to the network, user activity, endpoint files copied to and from devices (including actual names of files copied) and much more.

More Information about the GFI EndPointSecurity ReportPack

Tamper-proof Agent
The agent used to control machines has a number of security elements applied to render it tamper-proof. Users are unable to uninstall the agent as it is not published as an installed application. As additional security, install can only be accomplished if a special 128 character ID to unlock the uninstaller is registered. A sample of the other security features includes encryption of the configuration file used by the agent; the automatic regeneration of registry keys and critical files if these are tampered with; an emergency block mode if the configuration file is corrupt, leaving access to the driver only possible by a system reinstall or using the recovery console.

Easy Unattended Agent Deployment
GFI EndPointSecurity provides administrators with the ability to automatically schedule agent deployment after a policy or configuration change. If a deployment fails, it is rescheduled until deployed successfully. GFI EndPointSecurity remote deployment tool can deploy its security agent network-wide in a few minutes and we facilitate Active Directory deployment through MSI.

Permit Temporary Device Access
Temporary access can be granted to users for a device (or group of devices) on a particular computer for a particular timeframe. This can be done even if the GFI EndPointSecurity agent is not connected to the network!

Other Features:

• Scan and detect a list of devices that have been used or are currently in use
• Password protected agents to avoid tampering
• Set up custom popup messages for users when they are blocked from using a device
• Browse user activity and device usage logs through a backend database
• Maintenance function that allows you to delete information that is older than a certain number of days
• Support for operating systems in any Unicode compliant language

You're in Great Company...
Many leading companies have chosen GFI EndPointSecurity. Here are just a few: Best Western Sterling Inn, Fair Trades Ltd, Central Highlands Water, Aurum Funds and many more.

Customer List and Testimonials

System Requirements:

• Operating system: Windows 2000 (SP4), XP, 2003, Vista or 2008 (x86 and x64 versions)
• Internet Explorer 5.5 or later
• .NET Framework version 2.0 or later
• Database Backend: SQL Server 2000, 2005 or 2008
• Port: TCP port 1116 (default)

For more detailed system requirements, please see the Installation Chapter.