Physical interfaces
USB
Firewire
PCMCIA
Secure Digital (SD)
Parallel
Serial
Modem
Storage
Removable storage devices
External hard drives
CD / DVD drives
Floppy drives
Tape drives
Wireless interfaces
WiFi
Bluetooth
Infra Red (IrDA)
Safend Protector detects and allows restriction of devices by device type, model or even specific device serial number. For storage devices, Safend Protector allows security administrators to either block all storage devices completely or permit read-only. WiFi controls are based on MAC address, SSID, or network security level.
Security Policy – Flexible Strategy, Simple Implementation
Safend Protector creates forensic logs of all data moving in and out of the organization, allowing administrators to create policies that don’t necessarily restrict device usage, but allow full visibility device activity and content traffic.
Through a built-in and flexible management console, Safend Protector allows administrators to create comprehensive and granular endpoint security policies. Policies are exported directly to Active Directory as Group Policy Objects (GPOs), ready to be assigned to relevant
Organizational Units (OUs) and silently installed on clients.
With built-in alerting capability, administrators can get immediate notifications of any activity that needs immediate response. Alerts are available via email, SNMP, Syslog, Windows Event Viewer, popup messages and even custom scripts.
Uncompromised Control with Tamper-Proof Agent
Safend Protector’s lightweight and client-side agents are easily deployed, installed silently at the endpoint with no reboot required. The Protector agent operates at the kernel level, and includes redundant, multi-tiered anti-tampering features to guarantee permanent control over endpoints. Even local administrators can’t circumvent security policy. In addition, agents are invisible to end-users until a non-approved device is connected, at which time a custom-defined notification appears.
Safend Protector Advantages
Granular control -- detects and restricts devices by device type, device model or unique serial number
Policy flexibility -- separate policies can be defined for any domain, group, computer, or user; policies are easily associated with Active Directory Organizational Units (OUs) for GPO update
Advanced policy enforcement -- via independent, kernel-level, real-time analysis of low-level port traffic
Secure agent – silent deployment, redundant multi-tiered anti-tampering prevents security policy circumvention
Intuitive management -- seamlessly integrates into Active Directory or other network management software
Easy auditing and visibility- Encrypted logs and alerts can be viewed in the management console or integrated with third-party software for comprehensive analysis or immediate notifications
Media encryption - Transparently encrypts data copied to removable media devices
Anti Hardware Keylogger - detects and blocks keyloggers connected to USB keyboards and renders PS/2 port keyloggers useless - preventing attempts to record your keystrokes
Hybrid network bridging prevention - blocks access to WiFi, Bluetooth, Modems or IrDA links while the PC is connected to the wired corporate LAN.
Granular WiFi control - by MAC address, SSID, or the security level of the network
File name logging – creates forensic logs of all data moving in and out of the organization via removable storage
U3 and autorun control – turns U3 USB drives into regular USB drives while attached to organization endpoints, and protects against dangerous auto-launch programs by blocking autorun
Cisco NAC integration - creates rules that mandate the presence of Safend Protector Client before the endpoint is allowed on your network.
Check Point OPSEC certification - ensures complete integration and interoperability with Check Point's Secure Virtual Network Architecture.
Microsoft WHQL certification - ensures comprehensive security as well as full compatibility with current and future Windows Operating Systems.
Usability, management and other functional enhancements - tight Active Directory integration, OTP for suspending agents securely, defining roles within the management console, server architecture, enhanced logging, alerting and reporting, and integral interfaces to third party management tools
Security Features
Safend Media Encryption
Safend Media Encryption ensures that corporate assets are protected from both accidental data loss and deliberate leakage. Administrators can mandate the automatic encryption of all data being transferred off the organization's endpoints to approved removable media devices such as USB flash drives, Disk on Keys, memory sticks and SD cards. Within the organization, the automatic media encryption is completely transparent. Outside of the organizational network, authorized users (only) can access the data by employing Safend's unique "Home Decryption Utility".
Protection against Hardware Keyloggers
Hardware keyloggers are devices capable of recording keystrokes - leaving organizations vulnerable to the threat of password and identity theft.
Safend Protector is the only solution that blocks both USB and PS/2 keylogger devices, preventing attempts to record your keystrokes.
Hybrid Network Bridging Prevention
With so many networking options available via endpoints, each endpoint in the organization can become an uncontrolled gateway into the corporate network, granting potential hackers access to confidential data. With Safend Protector administrators can block access to WiFi, Bluetooth, Modems or IrDA links while the PC is connected to the wired corporate LAN, preventing inadvertent or intentional network bridging (WiFi bridging and 3G-card bridging).
Granular WiFi Network Control
With WiFi ports now a standard in most enterprise PCs, it is critical to avoid malicious or accidental exposure of company assets through uncontrolled connections. Safend Protector enables administrators to enforce secure use of WiFi networks by controlling whether end users may use WiFi altogether, which networks they are allowed to connect to, and how. This new feature ensures that users are only connecting to secure WiFi networks, as defined by security administrators.
Safend Protector's granular WiFi controls are based on the MAC address of the access points, network SSID, authentication method, encryption methods, and control the use of Ad-Hoc networks.
U3 and Autorun Control
Safend Protector allows end-users to continue using sophisticated storage devices, while ensuring that endpoints are not exposed to the potential exploits and risky applications that can be part of the devices' U3 and smart storage capabilities.
Administrators can easily set the security policy to block both U3 and autorun as well as turn smart U3 USB drives into regular USB drives while attached to organization endpoints.
File Name Logging
Enables administrators to monitor not only what storage devices were in use, but also what files were copied to and from these devices.
This feature provides an audit trail of the data transferred in and out of the organization, and is key to analysing security incidents and tracking potential abuse of portable storage devices. File name logging enhances the visibility of organizational data flow, as well as helping organizations achieve compliance with security regulations.
Administrators can now create security policies that do not restrict device usage, yet allow full visibility of the activity and content transferred to removable media.
Underlying Protection against Protocol and OS Exploits
Safend Protector has built-in mechanisms that allow it to overcome and block potential exploits of buffer overflows and other OS and protocol deficiencies.
The underlying protection engine is designed to ensure only valid protocol usage will be able to pass through the Safend Protector inspection mechanisms, making sure they can only be used as designed.
Management Features
Safend Protector Management Server
Enhances the Safend Protector system by keeping all of its data in one secure central location and ensuring its proper management. A single server can be used to manage tens of thousand endpoints, and can be accessed through the Safend Protector Management Console.
Safend Protector Management Console
All management tools are now combined into a single console, which can be installed and run from any computer on the network. The console provides unified management of policies, logs and clients.
Extensive logging and reporting capabilities
Enables administrators to view and analyze logs collected from endpoints in the organization, both immediately and over time. Additional capabilities include defining and generating custom reports, as well as filtering logs according to specific needs.
Client Management
Allows administrators to browse client status and check whether they are protected by the latest version of the client, what policy they are using, when they were last updated and more. Tighter client management can be easily achieved by pushing policies and collecting logs at any time, with one click.
Role-Based Access
Role-based access can be created to the various parts of the system.
Immediate Updates
A new policy can be pushed to clients without having to wait for the GPO update interval to complete. The new policy becomes effective immediately on all connected clients. In addition, logs that were accumulated by the clients on endpoints can be collected immediately, without having to wait for the log sending interval to complete.
Active-Directory Synchronization
Logs and clients can be viewed from the native organizational units view, through the organizational tree. The tree is continuously synchronized with Active Directory, to ensure it remains current at all times.
Built-In Real-Time Alerts
Customizable alerts (e. g. e-mail, SNMP and more) to desired destinations.
Suspend Client
Client operation can be temporarily suspended, without having to uninstall it, even when the endpoint does not have any Internet connection. This allows access to any device for the duration of the suspension, after which the original policy enforcement is resumed.
Manually Add a Device
Enables adding an approved device whose parameters (model, distinct ID) are known to your policy manually, without having to detect it with the Auditor first.
Compatibility and Localization Features
Cisco NAC Integration
Safend Protector's interoperability with Cisco’s leading Network Access Control (NAC) technology, allows administrators to create rules that mandate the presence of Safend Protector Client before the endpoint is allowed on the network.
Check Point OPSEC Certification
Ensures complete integration and interoperability with Check Point's Secure Virtual Network Architecture.
Microsoft WHQL Certification
Ensures comprehensive security as well as full compatibility with current and future Windows Operating Systems.
Safend Protector is the most comprehensive, secure and easy-to-use endpoint security solution - controlling every endpoint and every device, over every network or interface. 
