Log the activity of portable storage media like USB memory sticks, SD cards and more
GFI USB sticks are one of the main threats as they are small, easily hidden and can store up to 4 GB of data. For example, plugging a digital camera into a USB port gives users access to storage on an SD card; SD cards are available in several sizes including 2 GB and over. In addition to blocking access to portable storage media, GFI EndPointSecurity logs device-related user activity to both the event log and a central SQL Server. A list of files that have been accessed (or read/written) on a device is recorded whenever a user plugs in a device to the network.

Easily configure group-based protection control via Active Directory
You can configure and categorize computers into different protection groups: For each group you may specify different levels of protection and devices to allow or disallow access to. You can also leverage the power of groups and make an entire department a member of the group and easily change the settings for the entire group. Configuration of GFI EndPointSecurity is effortless and leverages the power of Active Directory and does not require the administrator to remember and keep track of which policies were deployed to which computers. Other storage control software requires cumbersome per-machine administration, forcing you to make the changes on a per-machine basis and update the configuration on each machine before the settings can take effect.

Advanced granular access control, whitelists and blacklists
GFI EndPointSecurity enables you to allow or deny access to a range of device classes, as well as blocking files transferred by file extension, by physical port and by device ID (the factory ID that tags each device). It is also possible to specify users or groups that should always have full access to devices. GFI EndPointSecurity also allows administrators to define a device whitelist and blacklist to allow only company-approved devices and block all others.

Real-time status and monitoring and real-time alerts
GFi EndPointSecurity provides real-time status monitoring through its user interface that displays statistical data through graphical charts, the live status of the agent and more. GFI EndPointSecurity also allows you to send alerts to the specific devices are connected to the network.Alerts can be sent to one or more recepients by email, network messages, and SMS notifications sent through an email-to-SMS gateway or service.

Get full reports on device usage with the GFI ReportPack add-on
The GFI EndPointSecurity ReportPack is a full-fledged reporting add-on to GFI EndPointSecurity. This reporting package can be scheduled to automatically generate graphical IT-level and management reports based on data collected by GFI EndPointSecurity, giving you the ability to report on devices connected to the network, user activity endpoint files copied to and from devices (including actual names of files copied!) and much more.

Tamper-proof agent 
The agent used to control machines has a number of security elements applied to render it tamper-proof. Users are unable to uninstall the agent as it is not published as an installed application and they can only do so if they have a special 128 character ID to unlock the uninstaller. Other security features include, among others, encryption of the configuration file used by the agent; the automatic regeneration of registry keys and critical files if these are tampered with; an emergency block mode if the configuration file is corrupt, while access to the driver is only possible by a system reinstall or using the recovery console.

Easy unattended agent deployment 
GFI EndPointSecurity provides the possibility to administrators to automatically schedule agent deployment after the administrator makes policy or configuration changes. If a deployment fails, it is rescheduled until deployed successfully. Furthermore, the GFI EndPointSecurity remote deployment tool can deploy the agent network-wide in a few minutes. GFI EndPointSecurity allows Active Directory deployment through MSI.

Temporary device access 
Temporary access can be granted to users for a device (or group of devices) on a particular computer for a particular timeframe. This can be done even if the GFI EndPointSecurity agent is not connected to the network!

New Other Features

System Requirements