ICL-KME CS offers you DeviceLock – a solution for managing access to USB, FireWire, floppy drives, CD-ROM and other devices, developed by SmartLine Inc.

DeviceLock enables you to:

• Manage access for users or groups to devices (floppy drives, CD/DVD-drives, removable storage devices, hard drives, WiFi, Bluetooth, etc.) and input/output ports (USB, FireWire, COM, LPT, IrDA).
• Manage access for users or groups to devices and input/output ports depending on time and weekday.
• Set “read-only” access type for removable media drives, floppy drives, hard drives and CD/DVD- drives.
• Protect disk drives and removable storage devices from accidental or intentional formatting.
• Define for each user or group a list of devices to which access is always allowed. The devices may be identified by models and unique serial numbers.
• Identify a specific CD/DVD based on data recorded and allow to use it even if the CD/DVD drive is blocked. A separate list of media may be defined for each user or group.
• Grant temporary access to devices without network connection to the agent. The administrator tells the user over the phone a special short alphanumeric code which temporarily enables access only to the required device.
• Log all the users’ operations with devices and files (copying, reading, deleting, etc.). It is also possible to log changes in DeviceLock settings, and the agent’s start and stop time.
• For each user or group, save the shadow copy of data copied on peripheral devices and transferred via serial and parallel ports (shadow copying). Shadow copies of all files and data are saved in the SQL database on the server.
• Provide the required security level even if the network users have administrative privileges on their local computers. When DeviceLock protection is enabled nobody except authorized administrators can connect to the agent, stop or delete it. Even the members of Administrators local group (if they are not on the Authorized administrators list) cannot get round the protection.
• Using the remote management system provides access to all possible program functions from the system administrator’s workstation. DeviceLock Management Console is a snap-in for Microsoft Management Console with a standard interface intuitive for any Windows administrator. Besides, for managing DeviceLock in networks where Active Directory is not used, there is an additional console with its own interface – DeviceLock Enterprise Manager.
• Manage via Windows group policies in the Active Directory domain using standard Group Policy snap-in which is delivered as part of Windows 2000 and later operating systems. Full integration into Windows group policies enables one to automatically install DeviceLock on new computers connected to the corporate network and do the setup for new computers in an automatic mode.
• Choose computers directly from LDAP directory services (such as Novell eDirectory, Open LDAP, etc.).
• Provide centralized storage of audit history and shadow copying. For centralized retrieval and storage of shadow copying data and audit history an additional component, DeviceLock Enterprise Server, is used. You can install several instances of DeviceLock Enterprise Server in your network in order to uniform load. DeviceLock Enterprise Server users SQL Server for data storage.
• Generate reports on setups and devices (USB, FireWire, and PCMCIA) used by users on their local computers.

For further information please call us on +7 (843) 272 8161, 513 0145 or e-mail security@icl.kazan.ru.