DeviceLock Endpoint DLP Suite consists of three powerful components, the first being the DeviceLock module.
DriveLock from CenterTools provides a full set of endpoint security features. From a single platform, administrators can deploy policy that includes control over removable media, applications and devices, encryption and anti-virus.
Endpoint Protector 4 from CoSoSys provides endpoint protection through the use of three feature-rich modules: Device Control for endpoints, Content Aware Protection for endpoints and Mobile Device Management.
Trend Micro’s Enterprise Security for Endpoints, with Enterprise Data Protection add-on v10.6, secures endpoints both on and off the network with anti-malware, malicious website blocking and host intrusion protection.
Eset Endpoint Security provides a full range of endpoint protection features and offers administrators the ability to easily secure and protect Microsoft Windows endpoints throughout the network from viruses and spyware, as well as deploy firewall capability, spam protection, web filtering and device control.
FortiClient from Fortinet is an endpoint security client designed to be deployed alongside FortiGate. While these clients can run independent of an appliance, the true management capability is done through it.
Invincea Enterprise takes a unique approach to stopping and controlling malware infection at the endpoint. With this software deployed, virtually all malware can seamlessly be detected, contained and prevented without any need for user interaction.
Kaspersky Endpoint Security for Business provides a full suite of endpoint security features in one easy-to-manage application.
LANDesk Security Suite v9.5 manages, assesses and controls security at the endpoint through a single agent and server architecture.
Lumension Endpoint Management and Security Suite (LEMSS) v7.3 unifies the functions of IT operations and security through a single console, server and agent architecture to seamlessly and more effectively address IT risk and systems management requirements across the enterprise.
Novell Endpoint Protection Suite is a compilation of three software products: Novell Zenworks Endpoint Security Management, Novell Zenworks Full Disk Encryption and an optional subscription to Novell Zenworks Patch Management.
Protect On Q (POQ) v3.2 from Quarri takes a fairly unique approach to endpoint protection. It is a security software solution that helps to prevent data leakage.
Safetica manages and controls data security at the endpoint through its client-server architecture and three major components: Endpoint Client, Management Server and the Safetica Management Console.
Sensitive Data Manager by Identity Finder comprises the Data Discover Endpoint and Enterprise DLP Console.
Sophos Complete Security Suite provides a good set of endpoint protection tools, including: an enterprise console; device control (including Windows, Linux, Unix, Mac and mobile units); web filtering; application control; data control; network access control; client firewall; encryption; anti-virus; and Sophos patch assessment.
Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, Windows, Macs and servers. It protects against malware (such as viruses, worms, Trojans, spyware and adware), and provides protection against sophisticated attacks that evade traditional security measures (such as rootkits, zero-day attacks and spyware that mutates).
Total Defense for Business is a cloud-based endpoint security platform offering advanced anti-malware technology that protects an organisation's endpoint devices from malware, secures and controls applications being used by end-users, and protects against threats from removable media (e.g. USB drives).
Vipre combines a small-footprint anti-virus agent with integrated patch management and mobile device management (MDM), while Vipre Business Premium helps enterprises manage and control endpoint security without sacrificing system performance.
Wavelink Avalanche allows administrators to remotely manage a number of endpoint devices, including those from Apple, Android and Windows Mobile, as well as wireless printers and Windows client machines.
Many security professionals appreciate the utility of collaborative workspace features they see in many of the free, online, cloud-based applications out there, but loathe the idea of entrusting the security of their corporate data to another company's cloud, no matter how sterling that company's reputation. That is why we love ...
Providing complete isolation of corporate data within an end-user-owned mobile device, Bitzer Enterprise Application Mobility (BEAM) allows IT departments to enforce data leakage protection policies while offering secure access to internal applications - without the use of VPN.
Mobile device management products shouldn't have to be complicated, and Fixmo SafeZone is proof of that. Incorporating 256-bit AES encryption, two-factor authentication support and a secure sandbox model into an easy-to-deploy application, it is a great choice for administrators who want robust, yet simple, data security on their users' mobile ...
Combining full mobile device management (MDM) with end-to-end encryption, Good for Enterprise from Good Technology offers an expansive suite of products, which allow administrators to embrace BYOD policies while remaining confident in their ability to maintain a data security posture.
Targeted at small to mid-sized businesses, Kaspersky Security for Mobile 10 integrates mobile device management into the company's security suite. While the initial setup may be slightly more complicated than some other products, the end result offers superb security and flexibility.
Mobile Enterprise Compliance and Security (MECS) Server from Mobile Active Defense (MAD) is making another appearance this year. For those who have not yet seen it, here is an introduction: The MECS Server provides full-on, tamper-proof firewall and compliance policy that is pushed down to mobile devices connected either via ...
Sophos Mobile Control provides a full set of features and functionality for management and control of a broad range of mobile devices. Administrators can use this tool to secure both employee-owned and corporate devices, including iDevices, Android devices, BlackBerry and Windows Phone 8.
TrustCall for iPhone from KoolSpan offers hardware-based encrypted calling between off-the-shelf iPhones. It achieves this by sending communication through the TrustRelay Server, which can be installed onsite or hosted by KoolSpan.
Zenworks Mobile Management from Novell allows for full control of a mobile device from both a security and policy perspective. It allows administrators to easily manage a device's security settings, such as requiring a PIN or password on the device, as well as encryption and file sharing requirements.
Many organisations outsource email to a cloud provider, and one of the most successful of these providers is Microsoft with its Office 365 offering.
One of the major issues in cloud-based security is that it is very hard to do. For lots of reasons, many from the business perspective, it is difficult to make the cloud as secure as the on-premise data centre.
Symplified addresses access management to cloud applications. It is visualised best as a single sign-on (SSO) product for the cloud.
Total Defense provides end-to-end security delivered from the cloud, including unified web, endpoint and email security, giving the same level of security as in the enterprise with a single console.
Zscaler is a comprehensive suite of security services delivered from the cloud. It covers email, web and mobile computing.
Agiliance RiskVision manages enterprise risk by making it visible, actionable and measurable across business units, IT operations and security management in near real-time.
AlgoSec Security Management Suite comprises three parts: FireWall Analyzer, FireFlow and BusinessFlow.
Allgress Business Risk Intelligence helps companies quickly and automatically aggregate data from security and compliance assessments and technical inputs and turn this into meaningful, actionable, risk-specific intelligence that can be aligned with the goals of the business.
Aruvio GRC is a complete set of governance, risk and compliance (GRC) applications, including controls, compliance, vendor risk, enterprise risk, incident management and policy and training.
Citicus One is an integrated system for organisations to automate their IT governance, risk and compliance management processes.
FireMon Security Manager with Risk Analyzer and Policy Planner modules offers comprehensive network security management, including firewall and router risk analysis, policy compliance auditing, change management and risk analysis.
LockPath Keylight is a family of applications that includes management of compliance, threats, risks, vendors, incidents and business continuity.
Lumension Risk Manager (LRM) is a compliance and risk management solution that provides a framework for streamlining compliance management and assessing business risk.
DeviceExpert from ManageEngine provides a comprehensive approach to network configuration and change and compliance management.
McAfee Total Protection (ToPS) for Compliance reduces remediation time from months to days by providing unique, countermeasure-aware, impact/risk assessment capabilities.
Modulo Risk Manager is a single, fully integrated platform for organisations to automate and unify their IT GRC processes.
NetIQ Secure Configuration Manager provides a feature-rich platform for monitoring and ensuring policy compliance throughout the network environment.
Change Tracker Enterprise from New Net Technologies (NNT) offers full change and policy compliance management and monitoring.
Promisec Endpoint Manager is a full-scale policy and endpoint management platform that allows administrators to inspect, monitor and enforce configuration and compliance policy across the entire IT environment from one easy-to-manage console.
RedSeal 6 is a risk-based IT security management platform that enables organisations to identify, prioritise and respond to critical points of weakness in complex enterprise security control infrastructure.
RSA Archer’s Risk Manager is part of an enterprise GRC product portfolio sold and licensed as modules for audit, policy, risk, compliance, enterprise, incident, vendor, threat and business continuity management.
Rsam GRC v8 is a platform for risk management and security risk intelligence enabling organisations to perform risk assessments and to manage compliance, threats, vulnerabilities, policies, remediation activities, issues, incidents and more.
Skybox View Enterprise Suite v6.5 is a complete portfolio of proactive security risk management solutions that automatically find and prioritise risks and drive remediation.
Patch Manager and Firewall Security Manager from SolarWinds are two products that can be used together by administrators and security professionals to achieve a full picture of system patch policy and firewall policy auditing.
Symantec Control Compliance Suite (CCS) automates key IT risk and compliance management tasks.
Tripwire Enterprise and Via Data Mart are two products that comprise a suite for maintaining configuration states of servers, network devices and databases, as well as robust reporting services, to allow for deeper analysis of security and configuration policy.
Tufin Security Suite is back again this year and it has some great new features onboard. It comprises SecureTrack and SecureChange and Tufin’s newest offering, SecureApp.
There are three products in AccessData's forensic suite that every digital forensic investigator needs: Mobile Phone Examiner (MPE) Plus, Forensic Toolkit (FTK) and AD Triage. The compatibility of the three tools enables the user to complete a thorough and organised investigation.
Encase Forensic v7 is a tool for computer investigation that both searches a computer system for information and aids in the process of developing this information into a complete report.
Forensic ComboDock is a read/write blocker. It makes it impossible to unintentionally turn off write blocking. Every time it is turned on, it asks the user to choose either write blocking or read/write mode, avoiding problems that can occur when the user forgets to change the mode to write blocking.
Lima Forensic Case Management Software from IntaForensics is a complete, end-to-end case management system that offers an easy way to organise every aspect of a digital forensic investigation.
Both Mac Marshal Forensic Edition and Field Edition provide user-friendly forensic tool kits. Each allows users to access a computer with ease and flexibility. While these offerings were designed originally for Mac OS X to access data, logs and virtual machines running within the Mac OS, the Forensic Edition for ...
Niksun NetDetector Alpine 4.2.1 is a network security monitoring tool with advanced forensic analytical capabilities and consists of some of the most advanced software and hardware on the market.
ProDiscover Incident Response (IR) from Technology Pathways is a computer security tool that allows users to preview, image, view, search, analyse and report. It also provides solutions for corporate policy compliance investigation, e-discovery and computer forensics.
HBGary's Responder Professional is a Windows memory acquisition and analysis tool that offers a variety of features useful to malware analysts and computer forensic investigators. It allows the investigator to capture data and processes residing in volatile random-access memory for the purpose of further examination later.
ADF Solutions' Triage-G2 was quick to set up and use. All we had to do was download the software, configure the triage key so it knew what to collect, plug the key into the targeted device, and then analyse the information.
Cellebrite’s UFED Touch Ultimate is a fully equipped mobile forensic tool that enables quick and easy data acquisition from more than 8,000 mobile devices, including not only mobile phones, but handheld GPS units, tablets and other mobile platforms.
AlienVault Unified Security Management (AV-USM) combines open source technologies for asset discovery/inventory, vulnerability assessment, threat detection, behavioural monitoring and security intelligence/event correlation.
BlackStratus Log Storm combines log management and security information management with correlation technology, real-time monitoring and an integrated incident response system.
CorreLog Enterprise Server combines real-time log management with correlation, auto-learning functions, high-speed search, ticketing and reporting services. This software solution can be installed in minutes on a Windows host platform with at least 512Mb of memory and sufficient disk space to store log files.
ManageEngine’s EventLog Analyzer from Zoho is a little application that provides a lot of functionality. It takes an agentless approach to collecting and analysing machine-generated logs.
EventTracker Enterprise is comprehensive and designed to be scalable to address multiple locations, business units and domains using the EventTracker standalone, collection point and collection master architecture.
GFI EventsManager collects, centralises, normalises, consolidates and analyses a wide range of log types, such as: World Wide Web Consortium (W3C) and any text-based formats; Windows events; SQL Server and Oracle audits; and syslog and simple network management protocol (SNMP) traps generated by devices, such as firewalls, servers, routers, switches, ...
HP ArcSight Express features a full set of SIEM capabilities, including security event correlation, log management, IT search, NetFlow monitoring and compliance reporting.
The LogRhythm appliance goes way beyond traditional security event monitoring and management. It features log and event management functions, as with any SIEM, but beyond that it includes advanced correlation and pattern recognition driven by its onboard Advanced Intelligence Engine, host and file integrity monitoring and drill-down capabilities to get ...
McAfee Enterprise Security Manager is back this year after a full transformation from its former self, the Nitro ESM. Many of the obvious differences are skin deep and much of the robustness of the previous product remains intact, including the familiar management console.
Sentinel from NetIQ offers a lot of robust SIEM features and functions, including log collection, aggregation, correlation and analysis and reporting all from one single point that is easy to use and manage.
SecureVue from eIQ Networks provides all of the elements one would expect in a SIEM – log consolidation, threat correlation, incident management (including ticket issuance), event analytics, forensic analysis, compliance reporting, change auditing, event alerting, an array of user definable/customisable alerting and reporting options, and more.
SolarWinds Log & Event Manager (LEM) is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that data for further analysis.
The Threat Prevention Appliance from Check Point provides full-scale threat protection at the perimeter, as well as integrating with endpoint security applications to provide a comprehensive security infrastructure.
Cyberoam CR2500iNG unified threat management appliance offers a multitude of security and threat prevention features for the network perimeter.
The NSA E8510 from Dell SonicWall is a monster security appliance designed for the large enterprise environment.
The InstaGate 604 from eSoft is an appliance we have seen come back year after year with an array of great features and functionality at a reasonable cost.
The FortiGate-60C-POE from Fortinet combines the functionality of a security appliance with the capabilities of a Power over Ethernet (PoE) switch.
Gateprotect GPZ 5000 is the ultimate multifunction security gateway appliance.
The term unified threat management can sound intimidating to administrators lacking in information security experience. Fortunately, basic UTM protection doesn't need to be overly complex, and Kerio Control is a great example of that.
Unified threat management solutions shouldn’t be limited to large corporations with unlimited budgets. Netgear agrees, and offers its ProSecure UTM25S at a price point that should be attractive to small businesses.
Panda Security’s GateDefender Integra eSeries eSB is both easy to set up and offers a rich feature set, with a great deal of flexibility. To get the most out of the product however, administrators should be familiar with a number of open-source technologies.
Perhaps best known for its anti-virus products, Sophos has produced a stellar UTM with its 220.
Administrators of smaller environments on a fixed budget could do very well by the aXsGuard Gatekeeper by Vasco.
While best known for its firewalls, WatchGuard is no slouch in the UTM space. As we detail below, its XTM 830, while somewhat pricey, provides an excellent enterprise-grade perimeter defence against viruses, spam and other unwelcome traffic – and includes a number of other features all in one easy-to-administer device.
Wedge 1005G Anti-malware Gateway looks good on paper, but in reality is a little disappointing. While the initial setup was easy enough, ease-of-use issues and documentation gaps made for a frustrating deployment experience.
This sounds a bit like one of those inflatable toys at local fairs inside of which children bounce around, or perhaps some science fiction environment that surrounds a planet.
Anti-malware today suffers from a frustrating dichotomy. First, it is, arguably, the most mature of all of the capabilities in the security practitioner’s toolkit. Certainly, McAfee is one of the grand old products of the genre.
This is one of those products that one would think is a no-brainer. Virtualised data centres can get very large and complicated, and managing them is a challenge.
The notion of wrappers has been with us for a long time. Back in the early days of Unix and Linux, we used wrappers to provide security to not-so-secure applications, such as telnet. Today that concept has matured and we see it popping up in modern apps.
Rapid7’s Nexpose assists clients through the entire vulnerability management lifecycle – spanning discovery, vulnerability detection, risk classification, impact analysis, reporting, vulnerability verification and risk mitigation. Organisations can use it to gain insight into their security posture and IT environment.
GFI LanGuard 2012 offers a full set of vulnerability scanning and management features. It brings together vulnerability scanning, remediation and patch management, as well as network and software auditing, all under one roof. LanGuard is software-based and can be installed on almost any Microsoft Windows machine in the enterprise environment ...
The people at Core Security are at it again. We found this version of the product to contain more automation, more wizards and more options than previous versions we have tested.
FusionVM from Critical Watch offers both vulnerability management and configuration policy auditing in either a physical or virtual appliance or as a full, cloud-based SaaS option.
ManageEngine Security Manager Plus (Professional Edition) is a network security scanner that proactively reports on network vulnerabilities and helps to remediate them and ensure compliance.
Internal Scan - Cloud edition from netVigilance offers a full cloud-based vulnerability scanning engine that can scan both internal and external systems for vulnerabilities and compliance.