Benefits

ENDFORCE Enterprise enables enterprises to:

Provide both client and clientless assessment options for managed and unmanaged endpoints
Centrally define endpoint security policies
Proactively assess endpoint compliance prior to network access and periodically during the network session
Proactively manage compliance through real-time alerts on compliance state changes and enforcement actions
Report the state of endpoint compliance over time
Rapidly respond to new, unforeseen threats using custom application creation and enforcement
Provide systematic enforcement of endpoint security compliance policies
Provide easy identification and isolation of unmanaged endpoints
Enhance ROI of existing security applications and network infrastructure
Reduce help desk operating costs by automating the endpoint security policy management process
Achieve continuous regulatory compliance, assuring the integrity of compliance controls

ENDFORCE Enterprise™ Features

Complete Enforcement Coverage

Multiple enforcement options, used alone or in combination, provide enterprises with 100% network enforcement coverage today:

Agent enforcement protects the network by providing self-quarantine for non-compliant endpoints.
DHCP enforcement protects the network from LAN-connected devices by leveraging an enterprise's existing DHCP infrastructure to quarantine non-compliant and rogue endpoints.
IEEE 802.1X enforcement protects the network from devices connected to the LAN by leveraging an enterprise's 802.1X-compliant infrastructure.
ENDFORCE Enterprise fully supports dynamic VLAN assignment and guest access.
RADIUS enforcement protects the network from mobile devices by providing enforcement prior to opening IPSec, SSL-VPN, or wireless connections. On capable wireless access points and VPN concentrators, ENDFORCE Enterprise can also perform dynamic ACL assignment.

Centralized Policy Definition and Management

The ENDFORCE Enterprise Web interface provides an intuitive interface for defining and managing endpoint policies, supporting all major security applications, custom element definition, and point-and-click contextual OS patch definition. Policies and enforcement points are defined centrally for complete network coverage.

Comprehensive Reporting and Alerting

Includes powerful audit and reporting capabilities that enable administrators to monitor and manage endpoint compliance, as well as any changes made to policy. Gives access to real-time and historical endpoint data that provides sophisticated analysis, reporting, and trending information that can also be extracted and viewed in third-party data analysis tools such as Crystal Reports. Provides real-time alerting based on compliance state changes and enforcement actions.

Client-Based

A client-based ENDFORCE Agent provides comprehensive compliance assessment and enforcement of managed endpoints both prior to and during a session on the corporate network.

Client Web Agent

A clientless ENDFORCE Web Agent provides comprehensive compliance assessment prior to network access for remote or LAN-based unmanaged endpoints or on managed endpoints where a client is not practical.

Point and Click Functionality

Intelligent, context sensitive, and dependency-aware examination of Microsoft patches combined with out-of-the-box support for all leading security applications make this powerful functionality easy to use.

Standards-Based

ENDFORCE Enterprise is purpose-built for enterprises that have heterogeneous network and security software infrastructures and want to maximize these investments as they implement secure network access control solutions. ENDFORCE's on-going participation and commitment to industry partnerships enable us to provide solutions that extend Cisco® NAC, Microsoft® NAP and Trusted Network Group™ (TNG) Trusted Network Connect (TNC) architecture as they are developed.