Comprehensive control on the use of iPods, USB drives and other portable devices

How it works
To control access, GFI EndPointSecurity installs a small footprint agent on the machine. This agent is only 1.2MB in size – the user will never know it is there. GFI EndPointSecurity includes a remote deployment tool, allowing you to deploy the agent to hundreds of machines with just a few clicks. After installation, the agent queries Active Directory when the user logs on and sets permissions to removable storage accordingly. If the user is not a member of a group that allows him/her access, then access to the device/CD/floppy is blocked.

Control user access and log the activity of portable storage media like USB memory sticks, SD cards and more
USB sticks are one of the main threats as they are small, easily hidden and can store up to 4 GB of data. GFI EndPointSecurity recognizes USB storage sticks in addition to any device that can be mounted as a hard disk (whether accessed via USB, FireWire, etc.). For example, plugging a digital camera into a USB port gives users access to storage on an SD card; SD cards are available in several sizes including 2 GB and over.

Control access to CDs and floppies
You can centrally disable users from accessing CD/DVD drives as well as from reading or writing data to and from floppy disks. This way, you can block normal users from bringing in data that could be harmful to your network, such as viruses, trojans and other malware. Although you can switch off CD and/or floppy access from the BIOS, in reality this solution is impractical: You would have to physically visit the machine to temporarily switch off protection and install software. In addition, advanced users can hack the BIOS.

Protect your network against the threats posed by non-removable media devices
GFI EndPointSecurity protects your network against non-removable media devices by allowing you to lock down a machine to a specific hardware level, guaranteeing protection against Bluetooth devices, network cards and more.

Easily configure group-based protection control via Active Directory
You can configure and categorize computers into different protection groups: For each group you may specify different levels of protection and devices to allow or disallow access to. You can also leverage the power of groups and make an entire department a member of the group and easily change the settings for the entire group. Configuration of GFI EndPointSecurity is effortless and leverages the power of Active Directory and does not require the administrator to remember and keep track of which policies were deployed to which computers. Other storage control software requires cumbersome per-machine administration, forcing you to make the changes on a per-machine basis and update the configuration on each machine before the settings can take effect.

Granular access control
GFI EndPointSecurity enables you to allow or deny access to a device as well as to assign read only or full access privileges (where applicable) over every supported device (such as PDAs) on a user by user basis.

Real-time status and monitoring and real-time alerts
GFi EndPointSecurity provides real-time status monitoring through its user interface that displays statistical data through graphical charts, the live status of the agent and more. GFI EndPointSecurity also allows you to send alerts to the specific devices are connected to the network.Alerts can be sent to one or more recepients by email, network messages, and SMS notifications sent through an email-to-SMS gateway or service.

Log device-related user activity
With GFI EndPointSecurity you can log device-related user activity to both the event log and a central SQL Server. A list of files accessed to/from the device is recorded whenever users plug in devices both successfully and unsuccessfully.

Easy unattended agent deployment
GFI EndPointSecurity provides the possibility to administrators to automatically schedule agent deployment after the administrator makes policy or configuration changes. If a deployment fails, it is scheduled until deployed successfully. GFI EndPointSecurity remote deployment tool can deploy the agent network-wide in a few minutes.

Temporary device access
Temporary access can be granted to users for a device9or group of devices) on a particular computer for a particular timeframe. This can be done even if the GFI EndPointSecurity agent is not connected to the network.

New Other Features