Centennial Devicewall Frequently Asked Questions
What is DeviceWall?
DeviceWall is a software solution designed to give organizations control over unauthorized use of specific portable devices based upon user profiles.
Which devices does DeviceWall support?
DeviceWall can actively manage a wide range of devices such as PDAs, iPods and other music players, USB sticks and external storage devices (including CD writers, Zip drives and external hard drives). DeviceWall also manages internal diskette and optical (CD and DVD) drives.
Which platforms does DeviceWall support?
DeviceWall works with the most common enterprise IT operating systems – Windows NT4, 2000, XP and 2003. DeviceWall does not currently support earlier versions of Windows or non-Windows operating environments.
How does DeviceWall work?
DeviceWall is an innovative solution that applies security policies selectively to specific classes of device. If a user attempts to access a ‘blocked’ device, such as a USB drive, Windows will simply generate an ‘Access Denied’ message. Access policies (or ‘Access Control Lists’) in DeviceWall are managed directly from a single Control Center.
How will DeviceWall be installed?
The DeviceWall Client Service must be installed on every computer where control of devices for user access is required. DeviceWall installs the Client Service seamlesslessly from a centralised management console on the server (the DeviceWall Control Centre), without any interruption to the user. IT administrators can manage and deploy the DeviceWall Client Service on every computer in their network from the Control Centre. The administrator simply sets the permissions required to allow or deny the user or groups of users (forming an Access Control List) and simply deploys the service.
Do IT Administrators need to manually connect to each computer in the network to make changes to permissions?
No. DeviceWall’s unique Control Centre technology enables this procedure to be achieved centrally simplifying the process.
Can users disable DeviceWall once a permission has been set?
No. Only IT administrators have the authority to control the permissions according to their network set-up and configuration. They should ensure users do not have the authority to make administrative changes.
Can DeviceWall be remotely deployed?
Yes. Administrators can perform this procedure from the Control Centre. Permissions can only be set from the Control Centre.
Does DeviceWall manage users or PCs?
Devicewall enables administrators to set permissions to access various classes of portable media device by users or groups of users. The actual computer upon which the client is installed will allow permitted users to access permitted devices but will block any activity by unauthorized users.
Can DeviceWall protect users computers who are offline and not on the network?
Yes. The security policy applied to a user is valid regardless of whether the PC is connected to the network or not.
Can DeviceWall enable a policy to be updated quickly if a legitimate need arises?
Yes. An updated policy can be instantly pushed to a PC in the instance of a normally-restricted user needing legitimate access to a certain device. Where the PC is not connected to the network (i.e it is ‘offline’), DeviceWall has the capability to grant one time access to a specific class of device until the end of the current Windows session. This unique feature means that organizations can maintain a high level of security by default while still reacting quickly and effectively to exceptional requirements on a case-by-case basis.
Does DeviceWall work with Microsoft Active Directory?
Yes. DeviceWall integrates with Active Directory to enable the Access Control List to be managed as well as to allow computers users and user groups to be browsed for deployment of the client service. However, Active Directory is not a required component.
Is it possible to control access to devices with only a password?
No. DeviceWall prevents unauthorised access to devices on a user-level basis – certain USB storage devices can bypass passwords set to computers, thus making a password-only solution weak.
How are real-time access rights and unattended policy updates made?
DeviceWall uses MS IIS to automatically update the client service when a policy update is made by the administrator. This ensures simple and rapid deployment across network with minimal interruption to users.
|
