Reflex Magnetics - Security Software Experts, UK Data Security Software Since 1985
www.reflex-magnetics.co.uk

home news products services support corporate downloads online sales
search
Reflex Magnetics - Security Software Experts, UK

reflex disknet pro
security policies on a company-wide basis...

Disknet Pro Logo

Reflex Magnetics Disknet Pro

current server version: 4.70
current client version: 4.70

What Reflex Disknet Pro offers?
 
» Removable media encryption
» Removable media content management
» USB Port Control
» USB Device Control
» Control the use of removable media storage devices
» Centralised auditing and alerts
» Unauthorised software/file protection

What can Reflex Disknet Pro do?
 
» Seamlessly encrypt removable media
» USB management of storage devices
» Flash memory security
» Allow managed access to USB storage devices
» Block malicious e-mail content
» Block illegal software installation
» Block .exe .com .vbs .mp3 files etc
» printer, modem permissions management

View Page
 
Introduction
Features Explained
Detailed Description
Endorsements & White Papers
Certificates






common criteria cert. ELA2

DIPCOG cert.

ITSEC cert.
Features & Benefits Explained

goto:

Manages the use of all removable media & I/O devices (printers, modems, PDAs, scanners, RIM, Bluetooth etc)
Using kernel mode filter drivers the Reflex Disknet Pro Device Manager enables the system administrator to centrally manage access to all I/O/removable media devices. Supporting both "Black List" and "White List" security the system administrator can manage access to any device based on either device type or more granular protection such as specific brand and/or model of device.

All device connectivity is filtered on any PC port including, USB, Com, Bluetooth, IDE etc. By applying security permissions to devices it is also possible to block access to all removable media, CD/DVD drives, and Unauthorised hard disks.

This feature prevents users from connecting unauthorised devices to the PC ports including hardware such as a modem and provides On/Off/Read only protection as opposed to the more granular approach offered by Removable Media Manager detailed above.
Removable media manager (I/O device management)
It is often desirable to provide greater control over the use of removable media storage devices than offered by Device Manager. The Removable Media Manager enables the unique identification of each and every device used on the network using a digital signature. By uniquely controlling access to removable media/IO devices, the system administrator can control user/group access to floppy disks, memory sticks, PDAs, flash memory, Zip/Jazz drives, digital cameras etc. (CDs, CDRs, DVDs can be protected by integrating Reflex Optimum).

Removable Media Manager controls device access on all available ports including USB and Firewire. All removable media/IO devices must be authorised before use is granted. Authorisation can be centrally managed or users can authorise their own devices providing certain rules are met (see data authorisation & Anti-Virus scanner integration below).

A digital signature is written to each device to mark it as authorised. The digital signature is automatically updated during file transfers within the protected environment. If changes to the media are permitted outside of the organisation, the device will require re-authorisation before it can be used again within the protected environment.

The system enforces that all devices are virus free, prevents illegal importing of data and more importantly can prevent the unauthorised exporting of data. This system will also stop users gaining access to any unauthorised hot-swap & plug-and-play devices.

download

Transparent Removable Media Encryption (Encryption Policy Manager)
Reflex Disknet Pro can be supplied with the optional Encryption Policy Manager (EPM). The Reflex Disknet Pro EPM has been designed to address the issue of information leakage via removable memory devices. Flash memory is very useful and with modern operating systems providing plug 'n' play interoperability it is an extremely appealing storage medium. However, along with the ease of use - with the very portability of this new memory (small in physical size) gigabytes of data can be transported about on devices no larger than a pen. The Encryption Policy Manager promotes the secure use of removable media storage devices where clear business drivers exist. Encryption can be a global organisation standard or segregated into organisational units and groups.

EPM is a client>server based component providing encryption to all removable media storage devices via a secure encrypted client>server communication channel. Encryption is policy driven and can be enforced from the server. Although the initial encryption of a device requires the client to be online to the server, it is possible by means of a user password to decrypt previously encrypted media when off-line if permitted by the system administrator.

There are 2 modes of offline access:

EPM Freeware Client: The EPM freeware client can be downloaded and installed onto any third party system. Once installed the user can access encrypted removable media off site with full read/write access via a password.

EPM Explorer: Due to operational requirements of many organisations and the required usage of removable media storage devices, the installation of client software onto third party systems to access encrypted media would not be a suitable solution. To enable transparent and authenticated access to encrypted removable media a standalone application has been created that can run without the requirement to install any third party software onto the target machine.

The Encryption Policy Manager Explorer provides the following features:
  • Access encrypted removable media devices without requiring any software installation
  • Enables the user to extract encrypted data into clear text on the target machine
  • Provides secure 'double click access' to open encrypted documents and then performs a secure erasure on the target machine once the document is closed. In this mode all traces of sensitive data will be removed from the target workstation.
The encryption/decryption technology is wherever possible transparent to the user thus negating any need for the user to understand the underlying technology. All encryption is AES 128/256 Bit. Key management has been designed to be uncomplicated and minimal requiring no user action if keys need to be upgraded or changed. Legacy keys will always decrypt older media. Key recovery is built in allowing the crypto custodian(s) access to all media at any time if required.

Once a user has been added to a group that has the encryption module activated, the user will not be aware that all data being written to the memory device is being transparently encrypted, nor would they have the choice not to encrypt this data.

download

Unauthorised software/file protection
Provides profile based file management. Users can be prevented from creating defined file types on the local workstation and network drives. File types are specified by extension and can be used to prevent the introduction of unlicensed software (.EXE, .COM, DLL etc), malicious file types (.VBS .SCR etc), or simply unwanted file types (MPG, MP3, JPG etc).

Protection is provided from any external source including e-mail attachments and web downloads. This component also provides unrivalled protection against new and unknown virus attacks. For example, both W32/MSBlast & W32/SoBig would be automatically blocked from infecting the machine simply by preventing the creation of unauthorised executable files. This feature will also block the introduction of any adware or spyware.

download

<< Introduction Features & Benefits Explained (cont.) >>

Home | News | Products | Support | Links | Contact Us | Site Map | Employment | Downloads | Press releases | E-Sales
© Reflex Magnetics 2002-2006. All rights reserved