Three vendors have announced improvements to their products for managing and securing the growing numbers of mobile devices in the enterprise.
Products from Safend and SmartLine products focus on giving IT staff control of device ports and interfaces to control data transfers. The third product, from Devicescape, simplifies wireless connectivity and security.
Safend has released Safend Protector 3.0, a client/server application for setting and enforcing security policies for the use of USB and CD-ROM across drives and other removable storage media on laptops and other devices. The new version has a logging capability that lets administrators view a complete audit trail of the data transferred — and when and how — by a specific user.
Other changes beef up Protector’s control over wireless LAN (WLAN) adapters used in a mobile client. Now the software analyzes the wireless traffic through the adapter and checks that various security requirements are operational, such as the correct encryption format and authorized access points. If not, the software blocks the clients connecting to an access point.
The Safend software now manages U3 smart drives, which are USB devices loaded with personal or enterprise desktop applications and services that can be plugged into a USB port on any computer. Safend authorizes only certain applications to be downloaded to a U3 drive. Version 3.0 incorporates the Cisco Network Access Control (NAC) client. The Safend code “reports” to this client, just as a third-party antivirus or mobile firewall does.
SmartLine’s DeviceLock, also a client/server application, lets administrators control the array of peripherals ports on client devices. For this new release, SmartLine completely rewrote the client to make it more compact, thus requiring less client memory.
One new feature is the Media White List. Administrators can authorize the use of particular CDs, for example a new corporate manual. A music CD, however, which carries the threat of a rootkit infection, won’t run in the same drive.
New optional server code lets DeviceLock continually listen to all clients on the network, capturing information, such as time stamps, that identifies and isolates data security breaches. A new feature called data shadowing lets DeviceLock use the new server capability to create copies of files transferred to removable storage devices. These shadow copies are analyzed to see if they’ve been renamed, encrypted or compressed, all of which could signal illicit activity. Version 6.0 costs $7.40 per managed client.
Devicescape has released its Devicescape Agent software, which manufacturers can incorporate into a range of mobile devices, providing users with simplified and secure access to WLANs.
The agent supports Windows Mobile 5.0, in addition to other Microsoft PC platforms. It implements the Wi-Fi Alliance’s Wi-Fi Protected Setup specification, which makes it much easier to set up secure WLAN connections in home networks. The agent also supports the Personal and Enterprise versions of the Wi-Fi Protected Access 2 specification and all Extensible Authentication Protocol methods.
The Cisco Compatible Extensions agent for the Windows Mobile 5.0 operating system is included. The agent works with an array of popular WLAN chipsets.
