StormShield Device Control
Strengths: Very strong endpoint solution to protect enterprise or corporate assets
Weaknesses: Not a lot of protection on the portable device
Verdict: If you want to control access from personal portable devices to your PCs this is a great solution
StormShield Device Control version 5.1 is part of the StormShield integrated offering. StormShield is a distributed protection system that covers all the workstations belonging to an organisation. Its architecture is based on a multi-tier model and on deployment techniques that allow it to be quickly integrated into the network. The architecture includes the StormShield Server, database, StormShield Management Console and client agents.
The server installation went well. The product required a database back end but it did ship with an integrated MSDE that we used as part of our test load. There are capabilities to deploy slave servers with a shared SQL back end that would complicate the deployment.
The product is a full-featured endpoint security solution. For this review we focused solely on its ability to deliver protection based upon our criteria for portable devices. This protection was delivered through the product's Device Control feature.
StormShield policies are centrally managed by the SkyRecon console, where risk-based policies can be defined to control how, where, and by whom any I/O device can be used. Portable phones are treated as any other USB I/O device. We had full AD integration for discovery and management of our remote PC and agent deployment options to automate the remote installation.
Once we could manage the remote PC we were ready to manage our portable device. Portable devices would be managed through its port connection on the remote workstation/PC. It would also need to be synchronised using ActiveSync. We could then manage the portable device as any other USB connected storage device.
Standard support is included for 18 per cent of the licence fee. Additional support options are available. Documentation was complete and very detailed.
This is a great solution for an organisation that would want to cover all aspects of endpoint security. As a standalone portable device security solution, it was very complex for little additional security on the device. As a corporate endpoint protection solution against devices attaching in an unauthorised fashion to corporate assets, it's a great solution. You have to decide what is important to you.