Technical Support Technical Support
SafenSoft
Solutions chevron-down
Products chevron-down
Projects chevron-down
Partners chevron-down
About us chevron-down

Enterprise Suite

Enterprise Suite is a comprehensive network security solution that effectively protects against intrusion by targeted hacker attacks or malware threats without the need for signature updates. It also protects against insider threats caused by unauthorized access to sensitive data and system configuration changes.
Trial version

Overview

By controlling the launch and activity of all applications and system drivers, Enterprise Suite enables effective protection of endpoints against all types of malware and vulnerability exploits without the need for signature updates. This approach also blocks zero-day threats and user activity such as unauthorized information or device access, launching unapproved applications, and other actions that run counter to corporate security policies.

User-driven rules for application activity, file system and registry access, peripheral device and network resource access, combined with monitoring and logging, allow administrators to control and block malicious or unwittingly-risky employee activity. Centralized management and modular architecture significantly reduce the cost of security administration.

Why Enterprise Suite?

Protection against all types of malicious software and hacker attacks

Dynamic integrity control

Controls application launches, blocking the launch of hidden applications, and preventing new applications from launching until the administrator can determine whether the application should be permitted to run.

Dynamic sandbox

Unknown or potentially dangerous applications are launched in a limited user account or a sandbox , so they cannot affect other processes or the system itself. This method allows malicious activity to be blocked before patches or signature updates can be applied.

Application activity control

Controls how different applications can access files and folders, USB drives, registry keys, external devices, and network resources. User-driven rules can be created to control application activity.

Targeted software protection

Enables custom protection to be implemented for specific software in the following ways:

  • Application data protection. Disable read/write access to application data files and registry keys for all other applications.
  • Application consistency control. Control over program code changes ensures that applications cannot be launched if the executable code has been modified.
  • Application executable code protection. Prevent executable modules from being modified by other applications.

User activity control and data loss prevention

Application launch control

Block attempts by users to launch any unknown application or block only specified unwanted software such as games or multimedia players.

Access to files and folders

Set access rules to files and folders for individual applications or groups of applications. Active Directory support enables rules to be set for individual users or groups of users.

Access to peripheral devices

Granular settings control access to USB drives and CD/DVD devices, down to the level of device type, name, vendor and ID.

Monitor access to file storages and external devices

Alerts are generated whenever an unauthorized application launch or access to unauthorized file, registry or external device is attempted. Using the audit logs, reports can easily be created to provide timely information about all endpoint activity.

Time-limited rules

When setting application activity policies, access rules can be time-limited to allow for workstation maintenance.

Remote display screen shot session

Remote screen shot session of user’s workstation display in real time as part of a forensic investigation.

Record keyboard input

Automatically saves original copies of changed or deleted files and system registry keys.

Usage monitoring

Keep track of who uses which applications as well as the time spent using those applications.

Cutting edge technologies

SysWatch is built around SoftControl’s unique, patent-pending V.I.P.O. (Valid Inside Permitted Operations) technology, which combines three levels of protection:

D.I.C. (Dynamic Integrity Control)

Protects all executable software on the system by detecting any unauthorized activation attempt and preventing the process from launching before damage can occur. Preserves the system in a known-good state.

D.S.E. (Dynamic Sandbox Execution)

Specially-designated user account for potentially dangerous software provides system-level privilege controls to block malicious software activity. Also protects the PC from software vulnerabilities.

D.R.C. (Dynamic Resource Control)

Controls how different applications can access files and folders, registry keys, external devices, and network resources.

Easy to deploy and manage

Scalability

Easily scales to meet the needs of growing businesses.

Integration with other security solutions

Operates alongside and can be integrated with other security and network management tools, such as SIEM, IAM, network traffic security, encryption, and traditional antimalware solutions.

Centralized management

Update server

SysWatch Workstation installations can be updated through local server connections.

Remote management

The built-in remote management console supports remote installation and uninstallation, policy and configuration changes.

Incident management

The management console enables administrators to remotely make decisions on action to be taken in case of incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.

Alerts

If, for any reason, the client is stopped on a remote workstation, or there is an attempt to breach security policies, an alert is issued to the management console or directly to a designated administrator via email.

Key features

  • Protects all executable software on the system by detecting any unauthorized activation attempt and preventing the process from launching before damage can occur.
  • Granular application launch control settings allow precise controls and prevent unknown processes from launching, blocking malicious activity without the need for software patches or signature updates.
  • Controls how different applications can access files and folders, USB drives, CD/DVD, COM and LPT ports, registry keys, external devices, and network resources. User-driven rules can be created to control application activity.
  • When setting application activity policies, access rules can be time-limited to allow workstation maintenance to be scheduled.
  • Detection and prevention of VB and JavaScript scripting language launches.
  • Unknown or potentially dangerous applications are launched in an isolated =sandbox so they cannot affect other processes or the system itself.
  • The management console enables administrators to remotely determine actions to be taken on incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.
  • Protects SysWatch from being disabled by malicious software or hackers. System changes and uninstallation are password-protected, so only authorized personnel can change or uninstall SysWatch.
  • Application activity monitoring allows recovery of changed or deleted files.
  • Alerts are generated whenever an unauthorized application launch or unauthorized file, registry or external device access is attempted. Using the audit logs, reports can easily be created to provide timely information about all endpoint activity.
  • Logs which files were copied to USB device and when or what applications or files were run from a USB drive (file reading, writing, or deletion).
  • Remote screen shot session of user’s workstation display in real time as part of a forensic investigation.
  • Record all keyboard input for any application in order to track who, when and what data is entered.
  • Logs all outgoing emails and the names of attached files (only Outlook 2003 supported at this time).
  • Monitors and logs all files sent to printers.
  • Logs all changes made by users or applications to the system registry (reading, creating, deleting, renaming, keys changing).
  • Automatically saves original copies of changed or deleted files and system registry keys.
  • Useful information for human resource departments, this function optionally records the time spent by any user on any application.
  • Operates alongside and can be integrated with other security and network management tools, such as SIEM, IAM, network traffic security, encryption, and traditional anti-malware solutions.
  • Built-in remote management console allows remote installation, uninstallation or change of Enterprise Suite settings.
  • The management console enables administrators to remotely determine action to be taken on incidents such as attempts to launch unknown applications or breach of security policy or to process incidents automatically.
  • If, for any reason, the client is stopped on a remote workstation, or there is an attempt to breach security policies, an alert is issued to the management console or directly to a designated administrator via email.
  • SysWatch Enterprise Suite allows the use of a local server for workstation program component updates.
  • Comprehensive information about employee use of corporate systems is stored in the Service Center database. This information can be generated into forensic or audit reports that help analyze incidents and employee activity.
  • Used for generating reports based on monitoring data.

Products News

line-72px-2px

There are no articles for this section

All news →
Новости