SmartLine Inc announced the general availability of DeviceLock® 6.1, a release that comprehensively addresses the challenge of enforcing endpoint security policy and auditing activity for all plug-and-play ports, drives, and removable devices on Windows computers.
DeviceLock controls and audits activity at all peripheral ports and removable device interfaces on Windows-based computers natively via Active Directory Group Policy Objects (GPO) and/or DeviceLock management console. With DeviceLock, administrators have precision control over which users and groups have what level of access to which devices on which computers and when that access is allowed. DeviceLock discretely manages any peripheral port and device interface with its layered security architecture and White List options, ensuring that even users with local computer administrator rights cannot tamper with policy enforcement.
With version 6.1, DeviceLock has a new option for handling audit records likely to be preferred by auditors and compliance professionals. To achieve a level of security and non-repudiation beyond that possible using the standard Windows Event Log alone, administrators can now configure DeviceLock to save audit records locally in protected format and collect audit records and store them centrally on a DeviceLock Enterprise Server. And with DeviceLock security features activated, these audit logs cannot be edited, deleted or otherwise tampered with, even by users with local admin privileges.
DeviceLock 6.1 can also detect USB keyloggers and block any keyboards connected to them. Attached between a keyboard and a computer, keyloggers are small hardware devices that record every keystroke typed on the keyboard by an unsuspecting user. Culprits who attach keyloggers to systems typically are looking to steal sensitive data, such as passwords and IDs, as well as other personal or proprietary information. In addition to the keylogger detection feature to root out this escalating USB-based threat, the latest version of DeviceLock comes packed with other new capabilities, such as blocking of external USB hubs.
A new Policy Template feature in DeviceLock allows administrators to establish a policy file that can be saved, exported and imported for later use with any DeviceLock console. To avoid tampering, these templates can be signed with DeviceLock Certificates.
DeviceLock now also supports Resultant Set of Policy (RSoP) reporting and Quality of Service (QoS) parameters for managing network traffic. Administrators can use the standard Windows RSoP snap-in to view the DeviceLock policy currently being applied, as well as to predict what policy would be applied in a given situation.
System requirements: DeviceLock requires Windows NT 4.0, Windows 2000, Windows XP or Windows Server 2003, 64 MB RAM, a hard drive with 4 MB of hard disk space.
What's New in DeviceLock® 6.1 (versus 6.0):
- Audit records can now be automatically collected from remote computers and centrally stored on DeviceLock® Enterprise Server. This provides a level of security beyond using the standard Windows Event Log on every computer. Even users with local admin privileges can't edit, delete or otherwise tamper with audit logs set to transfer to DeviceLock® Enterprise Server.
- Now you can define what log should be used to store audit records. DeviceLock® Service can write audit records to the standard Windows Event Log that stores locally and/or to its own protected log that sends to DeviceLock® Enterprise Server for centralized storage.
- DeviceLock® can now detect hardware keyloggers. Hardware keyloggers are devices that record keystrokes. DeviceLock® detects USB keyloggers and blocks keyboards connected to them.
- DeviceLock® now supports Resultant Set of Policy (RSoP). Now you can use the standard Windows RSoP snap-in to view the DeviceLock® policy currently being applied, as well as to predict what policy would be applied in a given situation.
- DeviceLock® now supports traffic shaping, allowing you to define bandwidth limits for sending audit and shadow logs from DeviceLock® Service to DeviceLock® Enterprise Server. When the Quality of Service component is installed on a computer running DeviceLock® Service, you can set three types of traffic priority: high, medium and low. Medium and low priorities reduce the network load.
- Now DeviceLock® Service can choose the fastest available DeviceLock® Enterprise Server from the list of servers. When the "Fast Servers First" parameter is enabled, all servers are divided into three groups depending on their network speed and preference is given to the fastest. If all of the fastest servers are unavailable, DeviceLock® Service attempts to select a server from the group of next fastest servers and so on. If the "Fast Servers First" parameter is disabled, DeviceLock® Service randomly selects a server from the list.
- A new access right for DeviceLock® Administrators, "Change", has been added in DeviceLock® Service and DeviceLock® Enterprise Server. Users with this access right can change settings, install, and uninstall DeviceLock® Service or DeviceLock® Enterprise Server, but they can't add new users to the list of DeviceLock® Administrators or change access rights for existing users in this list.
- DeviceLock® Enterprise Server can now automatically cleanup logs (Audit, Shadow, Server) according to defined rules and in a way that avoids database overflow.
- A read-only access right for tape devices has been added.
- Now you can enable audit for tape devices.
- You can now export/import all DeviceLock® Service parameters (including permissions, audit and shadowing rules, settings, etc.) to/from an external file from DeviceLock® Management Console or DeviceLock® Group Policy Manager. To avoid unauthorized modification this file can be signed with DeviceLock® Certificate using the DeviceLock® Signing Tool. Upon receiving this signed file, the user can import new settings using the DeviceLock® applet from the Control Panel. This setup method is ideal when a user computer is not online and thus out-of-reach via management consoles. Moreover, using this export/import feature, DeviceLock® Administrators can create and save a standard template and use it for applying settings to new computers.
- The DeviceLock® Temporary White List Administration Tool is now a part of the DeviceLock® Signing Tool.
- The DeviceLock® Temporary White List Authorization Tool is now a part of the DeviceLock® applet. To use the Temporary White List feature, users should run the DeviceLock® applet from Control Panel.
Existing customers that are still within their one-year free maintenance period can use this new version without any fee!