Protect On Q v2.7
Strengths: Added security to web browsing and provides protection to any PC used with a near-zero footprint on the device
Weaknesses: Limited endpoint protection features and reporting
Verdict: Not a full-featured endpoint offering; a good web app protection tool
Protect On Q (POQ) v2.7 from Quarri Technologies is a security software solution that empowers organisations to protect browser-delivered content from compromise on the endpoint.
POQ enables IT professionals to deliver and enforce secure web sessions on-demand that prevent the unauthorised use and replication of confidential data while it is in transport and use. The solution works by protecting web sessions from pre-authentication to logout, with minimal installation requirements and without leaving installed software behind on the accessing device.
The POQ-hardened browser shields sensitive data from keyloggers, frame grabbers, session hijackers, cache miners and other malware, while blocking inbound attacks as well. POQ also enables organisations to enforce security policies that prevent end-users from copying, saving, printing or screen-capturing browser-delivered data, including from browser-launched processes such as Adobe Reader, Microsoft Office and ZIP files.
POQ is delivered on-the-fly when end-users log in, ensuring privacy by encrypting session data, including cached files, cookies, password store and history. All session data is overwritten and deleted at the end of the session. What's more, POQ also protects against session hijacking by controlling all browser networking.
Before installation of the POQ application, Java and Apache Tomcat (or another Java servlet container) must be installed and operating. The manager installs into Tomcat 6+ or other servlet engines with Java 6+. The server also installs into Tomcat 6+ or other servlet engines with Java 6+. After Java and Tomcat are installed, the POQ server and manager installation is fairly straightforward. One downloads and copies the WAR files into the Tomcat web apps directory, restarts and then accesses the console via a browser through the local host address.
The first thing one sees in the console is the policy screen. Administrators use the policy manager to create policies and set the default protections through the security settings that control how POQ will handle - and prevent - malware.
POQ enables organisations to define security policies that deliver application-specific settings that are packaged with the binary Enforcer components. The provisioning server can be the web application server or a remote standalone server.
POQ enforces security only in the protected session. No other browser instances or applications are affected. POQ integrates directly with web servers or with popular web gateway frontends.
The product can be configured to either be optional (the end-user clicks a link on a web page to start the protected session) or required (the end-user must be running a POQ browser in order to access the web resources).
Documentation is good and helped us through the install and configuration activities.