Tech Talk 1 by David Ferre
Novell ZENworks Endpoint Security Management – Balancing the Needs of Mobile Security and Agility
Mobile Device Protection
The integrity of your mobile devices is critical not only to the performance of the devices themselves, but also to the integrity and performance of your entire infrastructure. If a laptop has been exposed to malware while on the road, and it’s allowed to connect to your network upon return to the office, it can expose your entire network to viruses, bots, spyware and other malware. To ensure the integrity of your mobile devices and your network infrastructure, ZENworks Endpoint Security Management can verify that your devices are running the latest antivirus and anti-spyware software. If a device falls out of compliance, the solution can initiate remediation efforts to bring it back into compliance and quarantine it from your network until it is compliant again.
To provide additional protection to all your endpoints, ZENworks Endpoint Security Management uses a stateful personal firewall that only allows solicited inbound communications. This protects each endpoint against infection by, and propagation of, malware that could be introduced into your network by some other means, such as a non-managed infected machine. Furthermore, the solution provides application controls that can prevent the execution of dangerous and unauthorized applications.
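The "solicited inbound only" rule described above can be sketched as follows. This is an added example, not code from the article or from ZENworks; it tracks flows by 5-tuple only, and the class name, the 60-second idle timeout and the sample addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

IDLE_TIMEOUT = 60.0  # seconds; constructed value, not a product setting


@dataclass
class StatefulFilter:
    """Hypothetical flow table: inbound traffic passes only if it answers
    a flow this host opened and that flow has not gone idle."""
    flows: dict = field(default_factory=dict)  # flow key -> last-seen time

    def outbound(self, proto, src, sport, dst, dport, now):
        # Every outbound packet creates or refreshes state for its flow.
        self.flows[(proto, src, sport, dst, dport)] = now
        return "ALLOW"

    def inbound(self, proto, src, sport, dst, dport, now):
        # An inbound packet is "solicited" only if it is the exact reverse
        # of a tracked outbound flow (same protocol, peers and ports).
        key = (proto, dst, dport, src, sport)
        last = self.flows.get(key)
        if last is None:
            return "DROP"            # nobody on this host asked for it
        if now - last > IDLE_TIMEOUT:
            del self.flows[key]      # stale state must not admit late packets
            return "DROP"
        self.flows[key] = now
        return "ALLOW"


def demo():
    """Run constructed packets through the filter and return the verdicts."""
    fw = StatefulFilter()
    laptop, server, other = "192.0.2.10", "198.51.100.5", "203.0.113.9"
    fw.outbound("tcp", laptop, 50000, server, 443, now=0.0)
    return [
        fw.inbound("tcp", server, 443, laptop, 50000, now=1.0),    # reply
        fw.inbound("tcp", other, 443, laptop, 50000, now=2.0),     # wrong peer
        fw.inbound("tcp", other, 4444, laptop, 445, now=3.0),      # unsolicited
        fw.inbound("tcp", server, 443, laptop, 50000, now=100.0),  # idle too long
    ]


if __name__ == "__main__":
    print(demo())
```
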
Making a Difference
While ZENworks Endpoint Security Management has a comprehensive arsenal of security features to safeguard your mobile devices, the methodologies the solution uses to implement these protections significantly differentiate it from other offerings.
The first of these methodologies deals with policies and client self-defense. Instead of leaving endpoint security decisions up to end users, the solution gives you and your IT security specialists the power to make those decisions centrally for the entire organization. It allows you to centrally configure policies that are published to user or machine accounts in an organization’s directory services (Active Directory or eDirectory) and then have those policies enforced at the endpoint. Furthermore, the solution’s client agent has a built-in self-defense mechanism that prevents users from turning off or circumventing security policy settings even if they have administrator privileges for their laptop. This mechanism protects the agent from being intentionally or unintentionally uninstalled, shut down, disabled or tampered with in any way that would expose sensitive data to unauthorized users.
A second key differentiator for ZENworks Endpoint Security Management is its ability to automatically adjust security settings and user permissions depending on the location of the device. The solution lets you define a variety of locations based on network settings; as a laptop moves from one location to another, the solution’s agent detects its current network location and enforces the applicable policy settings. This allows you to configure tighter security restrictions as the laptop moves from the relative safety of your managed network environment into less secure environments. For example, you might allow removable storage device access while in the office, but when laptops move outside the office their removable storage access can be disabled or changed to read-only.
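A sketch of location-aware policy selection as described above, added here as an illustration and not taken from the article or the product. The location attributes (subnet, gateway MAC, DNS suffix), the policy keys and all sample values are assumptions; an unrecognized network falls back to the most restrictive policy.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Location:
    name: str
    subnet: str        # network the client address must fall in
    gateway_mac: str   # MAC address of the default gateway
    dns_suffix: str    # connection-specific DNS suffix


# Constructed location definitions (hypothetical values).
LOCATIONS = [
    Location("office", "10.20.0.0/16", "00:00:5e:00:53:01", "corp.example"),
    Location("home", "192.168.1.0/24", "00:00:5e:00:53:02", "home.example"),
]

# Policy per location, following the article's removable-storage example.
POLICIES = {
    "office": {"removable_storage": "read-write"},
    "home": {"removable_storage": "read-only"},
    "unknown": {"removable_storage": "disabled"},
}


def detect_location(observed: dict) -> str:
    """Return the name of the location whose settings ALL match, else 'unknown'."""
    try:
        ip = ipaddress.ip_address(observed.get("ip", ""))
    except ValueError:
        return "unknown"  # no usable address: treat as untrusted
    mac = observed.get("gateway_mac", "").lower()
    suffix = observed.get("dns_suffix", "").lower()
    for loc in LOCATIONS:
        # Requiring every attribute means a foreign network that merely reuses
        # the office subnet or DNS suffix is not mistaken for the office.
        if (ip in ipaddress.ip_network(loc.subnet)
                and mac == loc.gateway_mac
                and suffix == loc.dns_suffix):
            return loc.name
    return "unknown"


def effective_policy(observed: dict) -> dict:
    return POLICIES[detect_location(observed)]


# Constructed observations: the real office, and a network reusing its addressing.
OFFICE_NET = {"ip": "10.20.4.7", "gateway_mac": "00:00:5E:00:53:01",
              "dns_suffix": "corp.example"}
LOOKALIKE_NET = {"ip": "10.20.4.7", "gateway_mac": "00:00:5e:00:53:aa",
                 "dns_suffix": "corp.example"}
```
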
A third powerful differentiator derives from the solution’s driver-level enforcement. Most endpoint firewall technologies operate at the application layer or as firewall-hook drivers, which makes them susceptible to a variety of protocol-based attacks.
ZENworks Endpoint Security Management has an NDIS layer firewall that operates at the network driver level. This enables it to protect the computer the moment any traffic enters the Network Interface Controller (NIC), blocking any unwanted traffic before the traffic hits the operating system’s network stack.
In addition to its NDIS firewall, the solution provides further driver-level protections. Its TDI filter driver allows the agent to block outbound network access from any application. The storage filter driver can disable, or configure as read-only, any device that dynamically enumerates onto the file system, protecting against data theft through things like USB devices or flash memory cards. In a non-intrusive manner, the file system driver can block the execution of any file that poses a threat to your data.
Balanced Mobility and Agility
As you strive to balance the needs of security and mobility, ZENworks Endpoint Security Management allows your users to enjoy productive agility while addressing the three main areas of concern that affect mobile security. For mobile data protection it helps you achieve regulatory compliance while safeguarding sensitive data. It ensures safe and secure mobile communications. And the solution further increases user productivity while decreasing IT involvement by guaranteeing the system health and integrity of your mobile endpoints.
To help you evaluate where your organization stands in terms of addressing the needs of mobile data protection, mobile access protection, and mobile device protection, Novell has made available a free online threat assessment tool. The threat assessment asks the key questions that help you determine if you’re overlooking any areas of concern in terms of securing your mobile and fixed endpoints. To take the threat assessment, visit http://www.novell.com/threatassessment/.