System Requirements
Server
Operating System: Windows® Server 2003
Database: Microsoft® SQL 2000
Agent
Operating Systems:
- Windows® 98
- Windows® NT
- Windows® 2000
- Windows® XP
- Windows® Server 2003
- Windows® Vista
Supported Enforcement Applications (500 +)
- BigFix™
- Cisco®
- Computer Associates®
- Hewlett-Packard
- Internet Security Systems™
- Juniper Networks™
- McAfee®
- Meetinghouse™
- Microsoft®
- Sophos
- Symantec™
- Trend Micro™
- Zone Labs™
ENDFORCE Enterprise™
How It Works
ENDFORCE Enterprise is a software-based, vendor-neutral framework that protects enterprise networks from non-compliant or untrusted endpoints by enabling enterprises to enforce security policies and gain control of their network security. Leveraging the existing network, user store and security software infrastructures, ENDFORCE Enterprise enables enterprises to:
- Centrally define security policies for endpoints
- Proactively assess compliance prior to network access and also during the network session
- Report the state of compliance over time and systematically enforce compliance
This extensible solution allows enterprises to deploy a network access control solution today that provides comprehensive security policy management and enforcement, which extends the capabilities of Cisco NAC, Microsoft NAP and TCG/Trusted Network Connect architectures as they are developed.
Define Policy
The ENDFORCE Enterprise Web interface provides a central location for enterprises to define policies and associated compliance and enforcement actions. Policy details may include the installed and running version of the software, a signature file (if applicable), and any required security patches or service packs. Policies can be defined to include applications that must be installed and running as well as those that must not be installed and running, such as file sharing applications. Additionally, customers can define custom detections for any process, file, or registry key that requires endpoint inspection.
Assess Endpoints
An ENDFORCE Agent determines whether each endpoint is in compliance with the defined policy. For managed endpoints, this inspection can be performed by a distributed low-profile client that performs rules-based assessment of software applications and OS patch compliance and reports the results of compliance assessment back to the ENDFORCE application server. A clientless Web Agent can also be utilized to perform the same level of assessment for unmanaged or managed endpoints where a client may not be possible.
Report and Alert Results
ENDFORCE Enterprise includes a rich set of tools that report and alert on the compliance status of all enterprise endpoints. Enterprises must know the state of security compliance of their endpoints and users. The ENDFORCE Enterprise Web interface provides data and intelligence relating to user session, policy compliance, quarantine, and network access. This data is a realistic view of endpoints that are compliant or non-compliant with the defined security policies. Numerous predefined reports exist along with the ability to create custom reports. The combination of robust reporting, and real-time alerts allow administrators to react quickly to significant compliance issues as they occur and improved risk management of the enterprise network environment.
Enforce Compliance
Enterprises need to enforce compliance with their defined security policies to protect their networks from threats arising from non-compliant endpoints. Through endpoint authentication and access enforcement, ENDFORCE Enterprise permits, quarantines, or denies access to the network based on each endpoint’s compliance with policy.
Context Aware Authorization™ (CONTEXT™) Technology
ENDFORCE developed Context Aware Authorization (CONTEXT) technology to power ENDFORCE Enterprise. CONTEXT technology combines the awareness of a user's role, access method, endpoint health, and available threat responses when determining authorization to enterprise network resources. By defining security policy using CONTEXT technology, the enterprise can customize access to its network resources based on the current state of system security. CONTEXT technology allows granular enforcement; users may be placed in quarantine or permitted restricted access until they become compliant with enterprise security policy.
User Role
Access to specific enterprise resources are based on clearance level and requirements of defined organizational roles. These roles may include executive management, employees, remote employees, and contractors.
Access Method
A single policy is enforced independently of access method and technology — or can be tailored to the differing risk profile of various access methods, such as LAN, WiFi, broadband, and remote.
Threat Response
Available responses to security vulnerabilities, such as OS patches and security application updates, are automatically made available for enforcement when determining resource authorization.
Endpoint Health
Endpoint status is determined through contextual analysis of the status of a device's operating system, installed security applications, service packs, OS patches, and related applications and customized assessments.
