Check Point Media Encryption
Overview
Check Point Media Encryption secures sensitive corporate data and blocks incoming malware by encrypting removable media such as USB storage devices, CDs and DVDs and controlling activity (read, write and execute) on ports and devices. All device content is automatically encrypted in the background for a transparent end-user experience. Unique to Check Point, users can access encrypted media securely on unmanaged computers with no client installation. As the only device and port control solution integrated with a single endpoint security agent, Check Point Media Encryption simplifies compliance and reduces administrative overhead. Now supports Windows 7.
Key Benefits
- Comprehensive control of endpoint ports and protection of corporate data stored on removable media and devices
- Transparent end-user experience with automatic data encryption and seamless integration with Windows CD/DVD wizard and Nero 9
- Simplified administration and operation with single agent installation, centralized management, and central policy enforcement
- Integrated endpoint and network security capabilities including centralized logging of data movement and media usage for streamlined compliance and forensic analysis
Features
- Encryption Policy Manager
- Device Manager
- Removable Media Manager
- DataScan
- Program Security Guard
- Auditing and Alerts
Encryption Policy Manager
Encrypts information stored on devices and removable media — Encryption Policy Manager allows users to encrypt devices and removable media using strong algorithms including 256-bit AES. Uniquely, Encryption Policy Manager can be configured to allow secure access to encrypted media when using unmanaged computers, such home or business center PCs. Alternatively, users may install a plug-in to enable device access from unmanaged PCs.
Device Manager
Protects corporate information and endpoint PCs by controlling which devices can be accessed and which ports can be used — Device Manager controls access to removable devices, such as USB flash drives, CD/DVD drives, Smartphones, and PDAs. Access can be managed using a whitelist or blacklist, or defined at a granular level by type, brand, size, or ID. Assign unique serial numbers to devices for more granular management options. Device Manager can also enable/ disable individual PC ports, such as USB, FireWire, Bluetooth, WiFi and LPT.
Removable Media Manager
Ensures that changes made to information stored on devices are authorized by the user — Removable Media Manager places a unique digital signature on each encrypted device, and whenever device contents are altered, the digital signature is updated. If the contents have been altered using a computer which does not have Media Encryption installed, the user must re-authorize the device before it can be used in the protected environment. Using DataScan (see below) and antivirus software, Removable Media Manager can also force devices to be scanned for malware before granting access.
DataScan
Prevents undesirable files, such as executables and malware, from entering endpoints through ports — DataScan can block or allow transfer of specific file types, as determined by extension and internal file structure, and block access to devices until dangerous or prohibited files have been deleted.
Program Security Guard
Safeguards information and endpoints by preventing users from creating, modifying or deleting specific file types — administrators can define protected files by extension and create exceptions for modification of files by trusted applications.
Auditing and Alerts
Simplifies compliance audits and event notification — unlike other solutions, Media Encryption stores logs to a central database, enabling easy creation of detailed reports using structured queries. Administrators can also centrally monitor and audit file operations on removable devices, such as which files were moved to or from individual devices, and when. Email alerts can be configured to notify administrators about specific events.
Specifications
| Management Console Support | |
|---|---|
| Operating systems | Windows Server 2003 (SP2 or higher) Windows 2000 Server (SP4 or higher) Windows Vista Enterprise Edition Windows XP Pro (SP2, SP3) |
| Client Platform Support | |
| Operating systems | Windows 7 (32 & 64 bit) Windows Vista (32 & 64 bit) Windows XP Pro (SP2, SP3) Windows Vista (32 & 64 bit) |
| CD/DVD Burning Application Integration | |
| Application | Windows CD/DVD wizard Nero 9 |
| Client Language Support | |
| Languages | English Japanese French Italian German Simplified Chinese Spanish Russian |
| Certifications | |
| Certifications | Common Criteria EAL4 FIPS 140-2 CCTM CESG |
Ports Controlled
| Ports Types (list not comprehensive) | |
|---|---|
| USB | WiFi |
| FireWire | IDE |
| Bluetooth | PS/2 |
| PCMCIA | SATA |
| IrDA | SCSI |
Devices Controlled
| Devices Types (list not comprehensive) | |
|---|---|
| USB flash drives | Floppy drives |
| External hard drives | Tape drives |
| Windows Mobile Smartphones, PDAs | Imaging devices, scanners |
| iPhones, BlackBerrys | Modems, other network access devices |
| iPods, other digital music devices | Printers |
| CD/DVD drives | Keyboard, mouse |
| Digital cameras | Wireless network interface cards |
| Biometric devices | Smart Card readers |
-
Next Steps
-
- Call US Sales
1-866-488-6691 - Contact Us Online
- Find a Partner
- Try it now
RESOURCES
- USB Drives: Friend or Foe?
- Preventing Data Leaks on USB Ports
- Endpoint Security White Paper
- Essentials for Unified Endpoint Protection Compliance Solutions
- Data Security Certifications
Related Products
- Call US Sales
