September 04, 2008
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: The interface is clean and logically laid out.
- Weaknesses: Windows-only.
- Verdict: The level of resources used is incredibly small, making the offering handy for many organizations.
EndPointSecurity installs a small footprint agent on the machine. At only 1.2 MB in size running in the background, this is the smallest of the agents in this month's group review.
Two main components make up the application: the GFi EndPointSecurity agent installed on the client and the GFi EndPointSecurity management console application. The console includes a remote deployment tool allowing the administrator to deploy the agent to hundreds of machines with just a few clicks. From the management console, it is possible to generate a single MSI file that can be later deployed using the Active Directory deployment tool or other deployment options, including the GFi console.
Regardless of the method of installation, the MSI file will contain all the security settings configured in a particular protection policy. After installation, the administrator is able to control access to endpoint devices on any of the machines having an EndPointSecurity agent deployed. The engine can be used to scan and detect the presence of devices on the network. However, the console must have admin credentials on the target machine to scan for currently connected devices. The console can perform several functions, such as keep track of which machines have an agent installed on them, create and manage policies, view status of clients, perform scans to see past clients' connections, and maintain a log.
The point of the console is to control policy. These policies can be granular and can be based on Active Directory users, groups or machines so the agent will grant or deny access depending on the AD user who is currently logged into the machine. In addition to blocking access to portable storage media, the tool logs device-related user activity to both the event log and a central SQL server. A list of files that have been transferred to or from the device is recorded whenever a user plugs in a device to the network-attached endpoint.
The pricing for EndPointSecurity agent is $750 for 25 licenses, and this fee includes a year of support. This covers phone, email and web support. For support beyond the first year, the cost is $99 or 20 percent of the product price, whichever is higher.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards