GFI EndPoint Security is a small-footprint endpoint agent, which is used to tightly control access to endpoint devices. Endpoints are managed using a backend client/server architecture, which integrates with Active Directory. The endpoints are installed on computers running Windows operating systems and the backend is typically deployed on Windows servers with Microsoft SQL Server.

Installation of the entire solution is very simple. One thing to note is that the solution targets a specific area of endpoint security: access to devices. Since the intent of the solution is focused on a single component of endpoint security, both the backend server and the client computing requirements can be easily met by even the smallest organization. The agent footprint is extremely small, and the solution works well for what it is intended. Ultimately, admins are able to apply granular permissions against Active Directory groups, organizational units and users with regard to what kind of access they have to their local devices.

Device protection includes any peripheral that can be attached to a computer: USB ports, modems, DVD/CD drives, storage, network adapters and more. Admins can allow or restrict access easily based on existing permission groups or by creating their own. Deploying agents to hundreds of devices at once is very easy and can be accomplished in a short amount of time.

Overall, the product is aimed at organizations that are not looking to replace their current anti-virus, client firewall or other protection mechanisms, but may be looking to add a reasonably priced solution for additional device control. The only anomaly we found is that events and audit trails are written to the Windows event log, and enhanced reporting features are not available in the core product. However, a Report Pack add-on is available.
Documentation is adequate and supplies most of the information needed to deploy and manage the solution.