| |
Certus Lateo® turns your network infrastructure into a secure network compound, accessible only to devices which have been granted access in the solution's central management. A software component, respectively a driver, is installed on previously-defined members of the network compound. This driver then serves as an automatic identification. If this identification is not present, the machine will be prevented from communicating with the network compound.
First the definition of the members, which are allowed on the network compound needs to be done. Some examples are:
- Entire corporate net (LAN/MAN/WAN)
- Single departments (e.g. Finance, Management, R&D etc.)
- Single Network Segments (e.g. Server Farm etc.)
Each of these members of the network compound (workstations, notebooks and server) gets a Certus Lateo® driver. This can be performed manually or by software deployment solution (Certus Lateo® is delivered as .msi packet).
Subsequently the members must be allocated to the groups on which the predefined security policies are defined. Below some examples of possible configurations per group:
| Group |
Network Traffic |
Exceptions |
Mass Storage Devices |
CD/DVD-ROM |
| Accounting |
Yes |
Port 80 |
Encrypted |
Blocked |
| HR |
Yes |
192.xxx to 192.xxx |
Blocked |
Blocked |
| Management |
Yes |
192.xxxxx |
Open |
Open |
| Administration |
No |
Port 4455 to Port xxxx |
Blocked |
Blocked |
Once the members are allocated to the group the predefined security policies are activated. Please be aware: The more exceptions you will define, the more possible security vulnerabilities you have!
This way of implementation wraps a basic protection around your network infrastructure which covers the network traffic as well as mass storage devices like USB Sticks, CD/DVD-ROM and other mobile devices. Your data will be protected once they leave the secure environment.
Operation range
Encryption and blocking functions for:
- Network connections (LAN/MAN/WAN)
- WLAN
- Peer to Peer
- USB Sticks (type independent)
- Memory cards
- Mobile device storage
- External hard drives
- CD/DVD/Blu-ray drives (blocking of write capability)
|
