Friday, 07 September 2007 16:00

SmartLine maintains its winning formula for leadership in removable device security software with the release of DeviceLock 6.2 that offers Integrated Enforcement of top-tier Endpoint Device Control Encryption, Windows Mobile® Device Synchronization Control, and Complete Prevention of Hardware keyloggers.



SAN FRANCISCO, Calif., September 18, 2007 — SmartLine, Inc. today announced at IT Security World 2007 the general availability of DeviceLock® 6.2, end-point security software that prevents employees from using their corporate and personal computing resources to siphon off valued information beyond the scope of their jobs and outside the guidelines of IT security policy.  Now in combination with third-party products from leading encryption vendors, DeviceLock enables enterprises to ensure that only removable storage devices with approved encryption can be accessed on corporate computers, thus preventing malicious or negligent leakage of sensitive corporate information to unencrypted or otherwise unapproved media. In addition, DeviceLock 6.2 provides numerous management console improvements, expands keylogger protection to the PS/2 port, and delivers the ability to centrally control which types of data that end users can synchronize between their Windows Mobile-based PDA devices and corporate computers. 
For enterprises standardized on software and hardware-based encryption solutions like PGP® Desktop® Whole Disk Encryption and Lexar® SAFE PSD S1100 USB drives, DeviceLock 6.2 allows administrators to centrally define and remotely control the encryption policies their employees must follow when using removable devices for storing and retrieving corporate data. For example, certain employees or their groups can be allowed to write to and read from only specifically encrypted USB flash drives, while other users of the corporate network can be permitted to “read only” from non-encrypted removable storage devices but not write to them.

“DeviceLock’s 6.2 release is another solid demonstration of SmartLine’s ability to respond to customer demands in the most efficient way”, said Ashot Oganesyan, SmartLine’s Founder and CTO. “Instead of rushing to the market with one more “home-made” encryption package, we have chosen integration with industry-leading cryptographic products, and – as a result – delivered a fundamentally more reliable crypto-intelligent device control solution to our customers while simultaneously preserving their investments in enterprise-class encryption platforms”.

Another high-demand security feature set delivered in DeviceLock 6.2 is granular access control, auditing, and shadowing of Windows Mobile® device communications with PCs that use the Microsoft ActiveSync® protocol through any local ports and connection interfaces that include USB, COM, IrDA, Bluetooth, and Wi-Fi. With ActiveSync control, corporate security administrators can centrally and flexibly define which types of data that specified users and/or groups are allowed to synchronize between corporate PCs and their Windows Mobile® personal devices.  These data types would include files, pictures, calendars, emails, tasks, notes, and other ActiveSync protocol objects. In addition, administrators can perform auditing and shadowing of files and other data copied between PCs and Windows Mobile PDA devices.

DeviceLock’s new PS/2 keylogger prevention works by obfuscating the PS/2 keyboard's input, thus forcing keyloggers to record a huge amount of useless “noise” data while hiding real keystrokes.

Featuring a comprehensive central management platform fully integrated with Microsoft Active Directory® and Group Policy, DeviceLock enables security administrators to precisely control, shadow-copy, log, and analyze end-user access to all types of devices and local ports on their Windows computers, as well as automatically disrupting operations of any hardware keyloggers. DeviceLock proactively protects against data leakage and malware infiltration via the local ports of distributed computers, thus significantly reducing business risks and costs associated with malicious actions, errors, or negligence by insiders or others with physical computer access.

# # #


What's New in DeviceLock® 6.2 (versus 6.1.1):

  • Added granular access control, auditing and shadowing for Windows Mobile devices. Now you can set permissions for different objects (files, contacts, e-mails, etc.) transferring from/to PDAs running Windows Mobile OS. Also, you can enable auditing and shadowing for files and other objects (contacts, e-mails, etc.) copying from the PCs to PDAs. All connection interfaces (USB, COM, IrDA, Bluetooth, WiFi) are supported.
  • Added integration with PGP Whole Disk Encryption. DeviceLock® now can detect encrypted PGP disks (USB Flash Drives and other removable media) and apply special "encrypted" permissions to them. Using these "encrypted" permissions you can, for example, allow writing only to the encrypted removable devices and deny writing to the unencrypted media.
  • Added integration with Lexar SAFE PSD encrypted flash drives. DeviceLock® detects Lexar SAFE PSD drives and applies special "encrypted" permissions to them.
  • Now DeviceLock® can prevent PS/2 keyloggers from recording keystrokes. DeviceLock® obfuscates PS/2 keyboard's input and forces PS/2 keyloggers to record some garbage instead of the real keystrokes.
  • Now white-listed USB devices which have access control on both interface (port) and type levels can be allowed to bypass control on the type level. For example, by disabling the "Control as Type" flag for a USB flash drive that has been added to the USB Devices White List, you can bypass security checking on the Removable level. Also, this "Control as Type" flag is always disabled for devices authorized via a Temporary White List. This new feature allows you to avoid permissions conflicts (double control) for white-listed devices and simplifies defining access control policies.
  • Changed parameters for the silent setup. Now all DeviceLock® Service settings, permissions, audit and shadowing rules can be defined in the external XML file and applied during the silent setup. To load an external XML file during the silent setup, specify the "SettingsFile" parameter.
  • Added stream compression for audit logs and shadow data sending from DeviceLock® Services to DeviceLock® Enterprise Server. By enabling stream compression you can decrease the size of data transfers and thus reduce the network load.
  • In DeviceLock® Enterprise Manager, a new Set Service Settings plug-in is added, replacing the former Set Permissions/Auditing plug-in. Using this Set Service Settings plug-in you can apply DeviceLock® Service parameters (including permissions, audit and shadowing rules, settings, etc.) to remote computers.
  • Added a DeviceLock® Service Settings Editor which allows you to create and modify all DeviceLock® Service parameters (including permissions, audit and shadowing rules, settings, etc.) in an external file. Later this file can be loaded into DeviceLock® Management Console and DeviceLock® Group Policy Manager, used in the Set Service Settings plug-in of DeviceLock® Enterprise Manager or signed using the DeviceLock® Signing Tool. The DeviceLock® Service Settings Editor is a snap-in for MMC and has the same interface as DeviceLock® Management Console and DeviceLock® Group Policy Manager.
  • Changed the interface of Permissions and Audit & Shadowing dialogs. Now these dialogs support new permissions and audit and shadowing rules for Windows Mobile devices, encrypted PGP and Lexar SAFE PSD disks.
  • In DeviceLock® Management Console's audit and shadowing logs viewers, parameters in the filter dialogs can now be saved/loaded to/from the external files.

Existing customers that are still within their one-year free maintenance period can use this new version without any fee!

Other customers can also receive an upgrade but for the additional fee.  If you want to purchase an upgrade, please e-mail us at sales (at) advancedforce.com. (Please delete the space before and after the "(at)" letters and also replace "(at)" with @ mark. We are sorry for this inconvenience, but these steps are necessary to help us avoid SPAM.)