Control of Peripheral Devices The Zlock™ system is designed to monitor and control users��™ access to internal and external computer devices across network perimeter. The software prevents leakage of corporate sensitive information, while providing tools to manage the data movements to and from the network.
Zlock offers the flexibility of customizing users��™ access based on a single user, group of users, a particular device (type of device) or groups of devices. By controlling all computer access points, an organization can significantly reduce risks associated with the data being unknowingly moved or copied of the network through an external computer port (USB, LPT, COM, IrDA, PCMCIA, IEEE 1394, etc), or an internal computer device (network card, modem, Bluetooth, WiFi, CD/DVD drive, etc). Even use of local and network printers can be brought under the Zlock controlled domain.
Create Quote
The following are the purchasing options for Zecurion Zlock - Data Loss Prevention. If you require a formal quote, choose one or more products and click on the ""Create an Online Quote"" link at the bottom.
Relevant Products
Customers who bought Zecurion Zlock - Data Loss Prevention also looked for these solutions from LOGON :-
Zlock segregates device access privileges by way of access policies. The policies may use different input criteria when determining if a device is accessible. For example, an access policy can be created based on device type, device serial number, manufacturer or manufacturing date, or other distinct data that allows Zlock to uniquely identify the device or the group of devices. The system catalogs and stores the device description data provided by the manufacturers in a centralized location, making it readily available to system administrators when creating access policies.
The system deployment and administration can be done from Zlock Management Console or through domain group policies. Zlock is tightly integrated with Microsoft NT Active Directory, giving the system administrators full view of all network assets. This feature is especially useful when managing large-scale installations.
Zlock is the only system of its class that offers client modules monitoring, which allows system administrators to receive real-time information about client-side Zlock related events. As the result, an IT security desk can respond in a timely manner to suspicious or unsanctioned user activity.
With Zlock, an organization can implement today��™s most demanding information security policies. The Shadow (silent) copy and the event logging are powerful tools that would help the security desk to retrospectively recreate use of an authorized device when investigating potential incidents. The preventive approach of the Shadow copy (taking the document copy before it is moved to an external device) guarantees that none of the corporate documents will be taken out without a record of who took it, when it happened, and what exactly was moved to the external device. The same type of scrutiny can be applied to printing materials on local and network printers.
Zlock significantly strenghens an organization��™s ability to monitor its personnel, investigate any potential security breaches and quickly react to threats imposed by the insiders.
Secure, Monitor and Control USB Ports and Devices Statistics on departing employees misusing confidential proprietory data are frankly chilling. A survey conducted in early 2009 by Ponemon Institute on a staff of 1000 workers that recently changed jobs revealed that 59% of them did not feel any wrongdoing in taking company's data when leaving or asked to leave a job. Roughly two-thirds of the group admitted using the data to gain an edge when applying for a new job. The information taken includes customers' data, email and contact lists, employee records, financial records, confidential business documents and other intellectual property.
While majority of workers "in transit" do not intend to cause their former employers substantial damages, some of the biggest security threats can come from disloyal and/or disgruntled employees. An unhappy worker with privileged data access rights could cause an organization more damage than any outside attack. That is because the insider knows what the company��™s most valuable data assets are and where to look for them. Things are getting more difficult when the offender knows how to circumvent the detection mechanisms in order to get hold of that data unnoticed.
This is especially true during economic downturns when companies reduce their staff to preserve capital. Naturally, there is an increased anxiety and distress among the workforce throughout such times and an organization should not underestimate potentially devastating effects of misuse of data by its employees. The problem is significantly intensified by a widespread proliferation of mobile storage devices connected via USB ports, such as flash-memory drives, hard drives, MP3 players and other digital recording media. Unless these USB and other peripheral devices are locked down and monitored at all perimeter endpoints, they provide a convenient, virtually undetectable way to obtain and move around vast amounts of corporate data.
Zlock is an endpoint security software solution that was specifically designed and developed to address today��™s corporate needs to prevent data leakage by securing and managing various computer ports including USB, LPT, Firewire, Serial, etc. Zlock provides lockdown of computer ports and management console to implement a port/device user access control. User access control, which is based on access control lists (ACL), is tightly integrated with Active Directory (AD). System administrators can take full advantage of the existing AD user groups, which can be assigned various port/device access levels, such as: allowing full access; read only; or denying the access altogether.
USB-pluggable or other devices can be classified by different criterion, such as device type, device code, device manufacturer and serial number, etc. This enables system administrators to create custom port/device access policies based on any defined device classification and assign them to users. For example, a device access policy could be defined to prohibit use of any USB-flash drive, authorize use of USB tokens to authenticate users, or disable USB altogether.
Key Features ZlockTM is an enterprise endpoint security software solution providing network administrators with the ability to secure, monitor and control computer ports and external devices as part of an information security program. The solution protects against internal data leakages occurring when confidential corporate data is printed or copied from internal workstations and laptops to unauthorized portable storage devices through unmanaged USB, LTP, COM, Firewire and IEEE 1394 ports.
Zlock comes with the following key features: Device Access Control Zlock controls access to external devices based on administrator defined access policies, establishing a relationship between a device and a set of access rights.
There are three types of defined access rights:
Full access
Read-only access
Denied access
Access rights can be applied to a particular device or group of devices, each with unique settings for an individual or group of users, based on predefined access control lists (ACL).
Access policies have adjustable time periods and can occur once or repeatedly. This flexibility gives system administrators full control over both the device access level and the access time period. For example, a company may grant an employee a different level of USB port access during business hours versus after-business hours. Visitors to a business may have a onetime usage rights for a USB flash memory stick where access is rejected once the device is disconnected from the USB port.
Zlock provides the capability to define default access policies that can be applied to connected devices not specified in any of the existing policies ��" valuable in implementing corporate information security policies intended to limit/prohibit use of any type of peripheral devices not sanctioned for utilization. In cases where the validity of the device is in question, the default access policy may simply reject use of the device.
Zlock��™s access policy can be easily modified, offering administrators the ability to fine-tune access rules and privillages. For example, the type of network connection the computer is using can be crucial in deciding whether to allow access. A policy can sanction the use of peripheral devices when connected through LAN, but disable all USB ports when connected via VPN or when a connection is not available. This adaptable access policy makes Zlock a powerful tool in the implementation of more demanding security requirements.
It is possible to anticipate and resolve policy conflicts by establishing priorities. The policy with the higher set of priorities will determine the device��™s access.
Handling Device Access Requests Within the system, Zlock users can send a request to access a specific device that has not been approved by any of the existing access policies. Subject to the company��™s security policies, the system administrator can quickly grant access, while maintaining maximum productivity, without compromising the safety of the network or data.
In case of emergency, users can also request access rights via phone when an Internet connection is not available. Administrators can promptly create new access policies and share a onetime secret code with the user, creating the new policy for the workstation. The policy can either be permanent or a onetime event, blocking the device after:
The device has been disconnected from the computer
The session has ended
A specified period of time
This provides an organization with the utmost flexibility to support dynamic and ever-changing business requirements.
Supported USB, LPT, COM and Other Devices Zlock can recognize, control and monitor the following device types:
USB devices (flash drives, digital cameras and recorders, MP3 audio players, PDAs, smart phones)
Local network printers
Internal devices (Wi-Fi controllers, Bluetooth devices, IrDA, network cards & modems, FDD, CD & DVD drives, hard drives)
USB, LPT, COM, Firewire and IEEE 1394 ports
Any other connected device that is internally identified by the operating system
Zlock supports large installations by compiling a catalog of all devices on the network and making this log accessible from a single location. The types of information collected include:
Device name, class, type and serial number
Device manufacturer
Other unique device parameters and properties Creation of access policies is based on this data.
Remote System Management Zlock employs centralized monitoring and management of all network computer ports and devices through its administration console. The console can be installed anywhere on the network and accessed remotely via TCP/IP protocol with proper administrative credentials. The Zlock management console enables the administration staff to perform vital tasks, such as:
Remote deployment of Zlock software on workstations and laptops
Centralized creation and deployment of device access policies
Monitoring use of ports and devices
Management of Zlock logs
“Shadow copy” management If necessary, client-side installations can be performed without the need to reboot the workstation, making the deployment completely transparent to the user and eliminating any downtime or loss in productivity.
Segregation of Roles Zlock allows administrators to set up different user roles, defining role-based user accounts, such as administrator, manager or auditor. This clear separation of functions enables the system administrator to manage users��™ access permissions, while allowing auditors to view only the collection of system events and the “shadow copy” files.
Integration with Active Directory Zlock is tightly integrated with Active Directory, delivering immediate access for administrators to the network domain tree structure and the computer��™s inventory, greatly improving system scalability and maintainability.
Aside from the management console, Zlock can be deployed and administered from within the Active Directory group policies, where the administrator can install, remove or update Zlock software, as well as disseminate access policies and system configurations. For large enterprise environments with multiple IT departments, this capability simplifies the system installation as the system administrator is not required to have rights on local machines when installations are managed by a domain-level administrative account.
Monitoring Zlock provides a comprehensive set of tools to monitor client workstations, enabling periodic screenings of Zlock client modules, issuing warnings in case of unauthorized attempts to disable any Zlock modules and making changes to settings and/or device access policies. Having an event-driven architecture, Zlock gives administrators full control over the way the system can respond to events by including a program to run user-defined scripts written in various scripting languages, such as VBscript or Jscript. As the result, the system can perform a wide spectrum of measures, including sending a warning notification by e-mail, starting or stopping applications, or carrying out other required actions.
Events Collection and Analysis Zlock maintains a log of all significant system developments and events, including:
Connection and disconnection of devices
Device details
Changes in device access policies File operation event details (saving, accessing, deleting or renaming of files performed on managed devices) Meta-data of the event
Zlock provides a facility for querying and analyzing logged content and exporting the data into HTML format. With the use of standard tags, Zlock gives administrators the flexibility to take full advantage of third-party analysis and report building tools.
Shadow Copy Zlock��™s Shadow Copy functionality gives businesses a way to monitor and inspect files accessed and/or moved/copied from the corporate network, by providing a silent or shadow copy of the file along with other auditable information on corporate servers. This reinforces personal accountability and prevents unnoticed corporate data leakages.
Zlock copies all documents written to an external device to a secure log on the local machine and transfers them to corporate servers during network-connected sessions. Zlock��™s Shadow Copy can track specific information about the file and its content ��" date and time of the event, user��™s credentials, type of device used and other useful data ��" giving an administrator all the necessary facts to investigate any security incident or breach. The information can be tracked and grouped by specific users, user groups, types of media and other criteria, allowing an organization to compile the precise data needed to meet its auditing needs.
In addition to preventing unsanctioned movement and copying for electronic files, Zlock Shadow Copy provides the same audit trail capabilities for printed materials, giving the organization ultimate control over all network endpoints, both inside and outside the network perimeter.
Server Logging Zlock implements client-server synchronization of event journals for a more reliable collection, storage and handling of the event log entries. While in offline mode, Zlock collects and stores all of the event information locally on the client��™s computer. When the network connection is restored, the data is synchronized with a centralized server, where it is stored in MS SQL database or XML files.
Monitoring Zlock Integrity Zlock carefully maintains full integrity of its files and configurations. If any of Zlock components are removed, modified or tampered with, the system will immediately block the user and only be available to the administrator. This protects Zlock from unauthorized changes made by users or malicious software.
Architecture ZlockTM gives IT departments full control over computer hardware resources and peripherals and provides means to recognize potential internal threats. The system allows for flexible monitoring and access rights management for every port/device (printer, USB, HDMI, DVD, etc) based on access policies. Users or user groups in the organization can be given full or read-only access to each physical or logical device. IT can monitor all access attempts, which are logged for review.
Architecture Overview Client Module is installed on each workstation. It furnishes full user access control to the computer��™s ports and peripheral devices, keeps transactions history in the event log for audit trail purposes and performs “shadow copying” of accessed/copied files
The module consists of Zlock Driver that manages access to ports and devices and Zremote Service plug-in that interacts with Administrator Zconsole (management console) and a remote “shadow copy” data storage.
Administrator Zconsole Zlock comes with its own management console that enables system administrators to:
install, update and delete custom modules
create and distribute Zlock security policies
monitor the status of client modules in real time
view of events and data Shadow Copy
collect data from all network devices in a consolidated report
provide instant access to a port/device upon request, such as to enable/disable USB port and/or device.
Administrator Zconsole is compatible with other data security solutions, which allows for an enterprise centralized information security management. Access to the functions of the management console can be further segregated to define separate user groups for domain administrators and auditors.
Shadow Copying Some information security policies require to implement audit trail capabilities for certain files/documents that were accessed, copied or otherwise manipulated. Zlock is designed to provide the “shadow copying” functionality to support such requirements. The information can be stored in Microsoft SQL Server or XML-files.
New Features - Zlock 2.5 Printer control and Shadow Copy With Zlock 2.5, system administrators are able to monitor and manage access to local and network printers through device access policies that establish access privileges for users, a specific printer, or a group of printers. IT professionals now have the capability to ensure security policies are enforced by inspecting Zlock device access logs and any printed documents via shadow copies, which are saved as PDF copies of any files printed by the system.
CD/DVD Shadow Copy Zlock 2.5��™s added functionality includes the ability to audit and analyze documents and files copied onto CD and DVD storage media. Zlock��™s shadow copy function copies and saves transferred files in a secure directory as separate and distinct files, eliminating the need for additional third-party programs to perform an inspection the image. The shadow copy functionality incorporated in Zlock 2.5 makes IT data auditing much easier and efficient, particularly in situations where the use of CD and DVDs are authorized and heavily utilized within the context of normal business operations.
Online/offline device access As of version 2.5, implementation of the device access control was enhanced by giving system administrators the option to apply different device access privileges based on the type of client��™s connection that is currently in use. This significantly expands the system management capabilities, allowing, for example, using any network printer if the client machine is connected to LAN and blocking use of any printing or other devices otherwise. This effectively limits the ability to move confidential corporate data by ways of external devices (USB, printers, CD/DVD drives, etc) without proper authorization when a user leaves the network perimeter.
Improved deployment The new version significantly improves the system deployment. In Zlock 2.5, Zconsole (Zlock administration module) offers simplified centralized deployment of client-side software components, using an easy-to-follow wizard. Entered system configurations can be saved and replicated on any number of network workstations and laptops, providing system administrators with a consistent, repeatable and easily-managed way to distribute the software in large-scale corporate installations.
Granting device access by phone As of this release, Zlock supports emergency phone requests to access and use an unsupported device when the network connection is not available. An administrator can quickly create a new access policy, then exchange one time secret pass codes with the user, resulting in the policy getting created on the client��™s computer. The policy could be permanent or a onetime event. In the latter case, the system can block the device after it is disconnected from the computer at the end of the user��™s session or within a specified period of time.
For example, a company��™s policy may prohibit the use of unknown or unregistered USB devices, but a sales representative, working remotely, requests over the phone a onetime access to load contract details from client��™s USB flash memory stick. Provided that proper authorization is obtained, the sales rep enters the onetime pass code given to him by the administrator and the connected device is enabled by the system.
Maintaining Zlock integrity In the new release, Zlock improves monitoring and maintenance of its files and configurations. If any of Zlock components removed, modified, or tempered with, the system will switch to a “blocked” mode and will only be available for access by the administrator. This helps protecting Zlock from unauthorized changes made by users or malicious software.
Increased compatibility Zlock added support for Windows 64-bit operating systems. This enables corporate users who have deployed 64-bit operating systems on their workstations to take full advantage of the Zlock 2.5 release. At the same time, Zlock 2.5 offers backward compatibility supporting previous Zlock versions. This greatly simplifies IT staff efforts when upgrading to new versions in a phased managed fashion without loss of productivity.
While majority of workers "in transit" do not intend to cause their former employers substantial damages, some of the biggest security threats can come from disloyal and/or disgruntled employees. An unhappy worker with privileged data access rights could cause an organization more damage than any outside attack. That is because the insider knows what the company’s most valuable data assets are and where to look for them. Things are getting more difficult when the offender knows how to circumvent the detection mechanisms in order to get hold of that data unnoticed.
This is especially true during economic downturns when companies reduce their staff to preserve capital. Naturally, there is an increased anxiety and distress among the workforce throughout such times and an organization should not underestimate potentially devastating effects of misuse of data by its employees. The problem is significantly intensified by a widespread proliferation of mobile storage devices connected via USB ports, such as flash-memory drives, hard drives, MP3 players and other digital recording media. Unless these USB and other peripheral devices are locked down and monitored at all perimeter endpoints, they provide a convenient, virtually undetectable way to obtain and move around vast amounts of corporate data.
Zlock is an endpoint security software solution that was specifically designed and developed to address today’s corporate needs to prevent data leakage by securing and managing various computer ports including USB, LPT, Firewire, Serial, etc. Zlock provides lockdown of computer ports and management console to implement a port/device user access control. User access control, which is based on access control lists (ACL), is tightly integrated with Active Directory (AD). System administrators can take full advantage of the existing AD user groups, which can be assigned various port/device access levels, such as: allowing full access; read only; or denying the access altogether.
USB-pluggable or other devices can be classified by different criterion, such as device type, device code, device manufacturer and serial number, etc. This enables system administrators to create custom port/device access policies based on any defined device classification and assign them to users. For example, a device access policy could be defined to prohibit use of any USB-flash drive, authorize use of USB tokens to authenticate users, or disable USB altogether.
To evaluate Zecurion Zlock - Data Loss Prevention, demonstration, etc., contact us. Download If you are based in Asia - Hong Kong, China, Taiwan, Singapore, Malaysia - Kuala Lumpur, India - Mumbai, Bangalore, Delphi or Pune, Indonesia - Jakarta, Vietnam, Philippines - Manila, Thailand - Bangkok, Macau, please contact us now. Zecurion Zlock - Data Loss Prevention is available for purchase and you can buy direct from LOGON or one of our reseller partners. We offer local and regional technical support, consulting services and training for selected products.
How to buy Zecurion Zlock - Data Loss Prevention ?
If you wish to buy Zecurion Zlock - Data Loss Prevention, you can first generate a quote online or request one via email. Send email to sales@logon-int.com.
