Novell ZENworks Endpoint Security Management

Client Self Defense

Novell® ZENworks® Endpoint Security Management utilizes an installed client application to enforce complete security on the endpoint itself. This ZENworks Security Client protects client data by determining in real time the network location of the endpoint. Based on that location, the ZENworks Security Client:

• Implements policy-based filtering of all incoming and outgoing traffic, creating a personal firewall
• Implements policy-based control over hardware use (such as that of wireless access points, removable media and network adapters)
• Collects reporting data
• Launches nominated applications in policy-defined situations (For example, if policy dictates that in a certain location a VPN program must be used to access the network, the ZENworks Security Client launches)

The ZENworks Security Client is protected from being intentionally or unintentionally uninstalled, shut down, disabled or tampered with in any way that would expose sensitive data to unauthorized users, even by Local Admin users. Each measure protects the client against a specific vulnerability:

• Normal uninstall is not allowed without an installation password (if implemented; see Installation and Quick-Start Guide) or unless an uninstall MSI is pushed down by the administrator.
• Windows Task Manager requests to terminate ZENworks Security Client processes are disallowed
• Service Pause/Stop and client uninstall is controlled by a password, which is defined in the policy.
• Critical files and registry entries are protected and monitored. If a change is made to any of the keys or values that are not valid, the registry is immediately changed back to valid values.
• NDIS filter driver binding protection: If the NDIS driver is not bound to each adapter, ZENworks Security Client will rebind the NDIS filter driver.

Talk to us today about Novell ZENworks Endpoint Security Management. +