Senforce enforces client security wisely

Senforce Technologies Inc.’s enterprise mobile security manager (EMSM) is a centrally managed platform for creating and deploying very granular access control policies to both local and remote users. EMSM goes well beyond checking to see whether the client’s antivirus is up to date. It focuses on enforcing security policies based on location, disabling remote storage devices, wireless adapters, and even specific IP services on the client, based on whether it is connecting wired or wirelessly, or via a trusted or untrusted network.

The EMSM management server requires Microsoft Corp.’s SQL Server 2000 for its storage needs and the client only runs on Windows 2000 and Windows XP Pro. It is US$89.95 per seat. The heart of EMSM is the Policy Editor, where administrators define the policies for specific situations, such as whether a PC is connecting via the LAN or a laptop is wirelessly accessing the corporate network. Senforce’s Policy Editor is a powerful tool and allows a fine level of control over users and PC services.

I did find the process of creating a policy a little confusing but it was not overly complex. Using Policy Editor, I created a couple of different profiles: one for my test lab and another for a remote user. In both situations, EMSM correctly identified my laptop’s network address and pushed the proper policy to it.

Admins use EMSM’s Network Environments to define network characteristics so they can determine where a client has logged in and which policy to enforce. I was impressed with the level of detail available when describing a network location. Choices include IP addressing, gateway, MAC address and wireless access point SSID (service set identifier), as well as DNS, DHCP, and WINS addresses. By using combinations of these parameters, you can deploy a policy for just about any location you can think of, even based on which DNS server was assigned to them via DHCP.

The Adapters and Access Points list provides a fine level of control over dial-up, wired and wireless adapters. Especially powerful for wireless locations, EMSM allows admins to define a specific access point a laptop can connect to while ignoring all others. This is especially useful when you want to make sure wireless communication only takes place inside your enterprise.

The Senforce Mobile Security Client intercepts network traffic at the NDIS layer. Inspecting network traffic from there requires much less CPU time than is required by other client integrity products, such as Sygate and Integrity. For all of its impressive features, EMSM is not a perfect product. Creating policies is not an intuitive process, although there are some wizards to step you through it. I felt like I was constantly jumping back and forth between settings to get my policy created. Also, the client-side application runs as a service under Windows 2000 and XP. If your users have local administrative rights to their PCs, they can stop the service and thereby circumvent the policy enforcement. Both of these problems are being addressed in an upcoming release of EMSM due early in 2005.

Senforce Enterprise Mobile Security Manager is a great tool for managing your end-point security from a single, centralized location and the level of granularity is first rate. It is flexible yet in control of not only which network services a client can use but on which types of network they can use them.

QuickLink 053848

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now