1 / 36

Cyberoam - Endpoint Data Protection

Cyberoam - Endpoint Data Protection. Agenda of Presentation. About Elitecore Technologies EPDP Components Licensing Product Walk-Thru. About Elitecore Technologies. Established in 1999 400+ Employees ISO 9001:2000 certified company Backed by  World’s Largest Private Equity Group ($90bn)

nuru
Download Presentation

Cyberoam - Endpoint Data Protection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyberoam - Endpoint Data Protection

  2. Agenda of Presentation About Elitecore Technologies EPDP Components Licensing Product Walk-Thru

  3. About Elitecore Technologies • Established in 1999 • 400+ Employees • ISO 9001:2000 certified company • Backed by  World’s Largest Private Equity Group ($90bn) • Sales, Distribution Channel & Customers across 75+ countries • Communication - Networks – Security • Cyberoam - Network to Endpoint Security • CRESTEL - Telecommunication OSS BSS • EliteAAA - Telecommunication • 24online - Bandwidth Management Solution

  4. Cyberoam - Endpoint Data Protection

  5. EPDP Server HDD capacity requirement formula Avg. log size : 5MB/User (8 hours) Example: Logging enabled for 400 users for 2 weeks(400u*5MB)*14days=28GB minimum reserved free HDD space. EPDP Components

  6. EPDP Components (cont..) • EPDP Console • EPDP Agent

  7. Licensing Modules • Device Management • Access policy for storage devices, communication devices, dialup connection, USB device, network devices etc. • Application Control • Application access policy for virtually any application residing on a user’s machine. • Asset Management • Inventory management. • Patch management. • Vulnerability management. • Remote software deployment.

  8. Licensing Modules (cont..) • Data Protection & Encryption • Document Control. • Encryption over Removable Devices. • Email Control. • IM Control. • Printer Control. • Shadow Copy. Note: Pricing is based on per user licensing.

  9. Agent Installation methods

  10. Product Walk-Through

  11. Console Login & Dashboard

  12. Role based administration

  13. Computer/User level policies • Cyberoam EPDP scans all the user logins once a computer is visible in the console. • All the users will then be visible in the ‘Users’ tab. • Admin can assign different policies for each user logging in from the same machine. • Some features are not available in user based policies. Computer level policies are applicable to all users logging in from the computer.

  14. Logging is enabled by default for everyone. Default Policy

  15. Sample Events Log • Logging of basic events along with time stamps • system startup/shutdown • login/logoff • dialups • patches applied • software deployed. Application logs showing application name, start/stop time along with time stamps.

  16. Sample Events Log (cont..) Logs creating, accessing, modifying, renaming, copying, moving, deleting, restoring, uploading of documents over fixed disk, floppy disk, CD-ROM, removable & network disks. Logging of shared resources accessed on the computer by other users/computers.

  17. Sample Events Log (cont..) Logs showing all documents, images printed along with the printer used (i.e. local, network, shared or virtual) & the time stamp. Logging of removable storage plugged in/out on the computer

  18. Sample Events Log (cont..) Hardware & Software change log.

  19. Audit Log Cyberoam EPDP records the policy changes made at the computer/user level, group level or at the network level.

  20. Monitoring Logs (Instant Message) Logs chat conversations of various messengers like Yahoo, MSN, ICQ, QQ, Skype etc. • Instant Messaging (IM) Logs • Chat conversation logs • File upload, download • Search on • Content of chat conversation • UserId/Nickname

  21. Monitoring Logs (Emails) Logs incoming/outgoing SMTP, POP3, Exchange emails & outgoing Lotus, Webmail emails. • Email logs • Email content, attachment • Protocols: SMTP/POP3 • Applications – Exchange, Lotus Notes • Webmail – Hotmail, Yahoo Mail • Search email by • Application, sender/recipient • Subject & Attachment – File name, extension, size

  22. Basic Policy • Basic • The administrator can regulate the computer operation rights of a user. It helps restrict the end user not to easily change the system settings preventing them from performing malicious activity.

  23. Basic Policy • Device control policy • Allows the administrator to block storage, communication, dial in, USB & network level devices.

  24. Basic Policy • Application control policy • Allows the administrator to limit the use of unwanted applications. Application grouping: Tools  Classes Management  Applications

  25. Advanced Policy • Email Policy • Email policy prevents data leaked via emails. It can control outgoing emails based on sender, recipient, subject line, attachment type, size etc.

  26. Advanced Policy • IM File • IM policy is used to control the communications over instant messengers. The administrator can monitor/control files transferred via IM preventing data leakage through IM channels.

  27. IM File (cont..) • Monitoring files by taking a backup of the files tranfferred over IM

  28. Advanced Policy • Printing Policy • Printing policy is used to control the use of different kinds of printers such as local, shared, network and virtual printers to prevent information leakage. Printing policy to allow access to network printer only. Enable ‘Record Mode’ to log the image or doc that is being printed. All recorded images can be viewed from Event Logs  Printing Printing policy to block access to all printers

  29. Advanced Policy • Removable storage policy • To prevent information leakage through removable devices, System administrator can apply removable-storage policy and assign different rights to removable storages. Also, the files can be encrypted when writing to the removable storages, only authorized agents can decrypt the files. Removable storage grouping: Tools  Classes Management  Applications

  30. Advanced Policy • Removable storage policy (Encryption) • The files can be encrypted when writing to the removable storages, only authorized agents can decrypt the files. Contents of the encrypted file when opened from the USB Contents of the original file to be copied to the USB

  31. Advanced Policy • Removable storage policy (Disk Encryption) • To prevent data leakage through removable storage, one can encrypt the entire USB disk. Thereafter, any files copied to the USB would be encrypted. Only authorized agents with ‘decrypt when reading’ rights would be able to view the original content. Removable storage grouping: Tools  Classes Management  Removable Storage For Disk Encryption plug the USB on the Cyberoam EPDP Server

  32. Asset Management • Asset Management • Cyberoam’s Asset Management module for Windows enables organizations to simplify tracking of their hardware and software asset location, configuration, version tracking, and historical information, allowing streamlined IT infrastructure management.

  33. Asset Management • Patch Management • End Point Data Protection Solution frequently checks for Windows operating system patches. It automatically downloads, distributes, and installs the patches if one is found, to the machines on which the agents are installed.

  34. Asset Management • Vulnerability Management • Vulnerability check function automatically scans the internal network computers and process analysis to help System administrator to check and trace the vulnerability problems. Follow the resulting suggestion to take timely response measures to enhance the security of all internal computers.

  35. Asset Management • Deployment Management • System administrator can install software, run an application, and deploy files to agent through Endpoint Data Protection console. Software can be installed to the agent by simply creating a deploy task.

  36. Thank You Thank You Contact us on apacpartners@cyberoam.com

More Related