Altiris makes security location-aware
PrintLock up your ports and limit your apps
Posted in Hardware, 27th October 2006 13:52 GMT
Free whitepaper – Deploying high-density zones in a low-density data center
Location-awareness will be the next big thing in device security, claimed Altiris as it became the latest vendor to jump into the increasingly crowded market for endpoint security software this week.
As well as all the usual capabilities to control USB and wireless usage, block keyloggers and spyware, and so on, the Altiris software can apply rules that depend on the device's current location.
"Organisations tend to try to control by saying that things are not allowed, but that doesn't work," says Altiris marketeer Chris Ewing. "So you need the ability to flexibly control policy depending on where the user is.
"Our control is more granular than Vista's, for example. We can define locations, types of devices, the type of wireless networks to connect to the level of encryption required, and so on."
So it might allow you to copy data to an encrypted USB stick, but not an ordinary one, enforce the use of a VPN on a public Wi-Fi hotspot, make a device read-only when it's out of the office, or block data transfers via infra-red or Bluetooth.
The client security software works with other Altiris applications that set security policies, scan for viruses and security patches, quarantine out-of-compliance systems for fixing, and so on.
Altiris also added software to centrally manage the administrator passwords for PCs. Ewing said that by generating randomised passwords and storing them in the main configuration management database, this avoids the risks inherent in admins using the same password for everything.
She added that next week the company will introduce application control software that prevents unknown or unauthorised programs from running. As well as blocking malware and preventing users from installing their own software, this will allow different applications to run with different privileges on the same system.
"You can demote privileges, for example to stop Internet Explorer running with admin rights, or promote older applications that need admin rights to run," Ewing said.®
Free whitepaper – Fundamental Principles of Air Conditioners for Information Technology
Analyst Keynote: The Register Agile Data Center Summit
Managing desktop software for fun and profit
Seven ways to lower storage costs
Dell PowerEdge M710 with Dell EqualLogic storage vs. HP ProLiant BL685c with HP StorageWorks EVA 4400
Analyst Keynote: The Register Agile Data Center Summit
HP shoots low with Lynnfield ProLiants
VMware virtually crashes Windows 7 desktop party
zPrime cost-cutting mainframeware gets traction
Delays, password problems hit UK2 email restore