Endpoint Protector - User Manual
Contents
1. Web Browser E mail Instant Messaging Cloud Services File Sharing Social Media Others E Internet Explorer a F Outlook Attachments a F Icq a E Google Drive Client a EasyLock a Chrome J Outlook Body J F AIM E iCloud Client F Windows DVD Maker J Mozilla Firefox Mozilla Thunderbird Skype F F Dropbox Desktop FileZilla E Opera J Windows Live Mail F Windows Live Messeng iCloud Photo Stream f GoToMeeting E Safari F F Outlook Express 7 F Yahoo Messenger F SugarSync File Manag HTC Sync for Android AOL Desktop 9 6 Windows Mail Gaim uTorrent F InfraRecorder Aurora Firefox AOL Mail E Pidgin E BitComet iTunes K Meleon Courier F Trillian Microsoft Skydrive c F iTunes Apple Maxthon X F IBM Lotus Notes v Google Talk X LimeWire X F iTunes ConHost v All All m All E All All There are five main categories of transfer destinations to control e Controlled device types comprises the list of all removable devices registered to My Endpoint Protector 38 My Endpoint Protector User Manual Note For Controlled Device Types category My Endpoint Protector will monitor file transfers both to and from removable media e Clipboard refers to all content captured through Copy amp Paste and Cut amp Paste operations e Disable Print Screen refers to the screen capture option e Scan Network Share refers to content2. Ce MY ENDPOINT PROTECTOR Dashboard D My Account Filter Device Control nentis Content Aware Protection CAP i E Mobile Device Management les Offline Temporary Password fan Reports and Analysis as Alerts Define Alerts Alerts History Define Content Aware Alerts Content Aware Alerts History r Define MDM Alerts MDM Alerts History 4 Downloads B ser SE fa o 3 3 a T ilil 193 results 20 x per page Delete History My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Device Type Internal CD or DVD RW Serial Port USB Storage Device USB Storage Device USB Storage Device USB Storage Device USB Storage Device Internal CD or DVD RW Serial Port Internal CD or DVD RW Local Printers Local Printers USB Storage Device USB Storage Device Internal CD or DVD RW Serial Port Serial ATA Controller USB Storage Device Serial ATA Controller USB Storage Device Back Device TEAC CD 552G Communications Port COM1 USB_FLASH_DRIVE USB_FLASH_DRIVE USB_FLASH_DRIVE USB_FLASH_DRIVE USB_FLASH_DRIVE TEAC CD 552G Communications Port COM1 TEAC CD 552G HP LaserJet P1005 1 2 0 224 HP Officejet 5600 series SD MMC USB_FLASH_DRIVE HL DT ST DVDRAM GH24NS95 SCSI CdRom Devi Communications Port COM1 Intel R 7 Series C216 Chipset Family SA USB_FLASH_DRIVE Intel R 7 Series C216 Chips
3. _ 03 Jul 2014 12 52 4 2 8 9 PC Licensed 24 Jun 2014 11 11 35 ZAA E w Ss Sse 86 124 96 62 WORKGROUP 03 Ju2014 11 32 4 2 8 9 PC Licensed ZAA E w e pa 86 124 96 62 WORKGROUP 01 Jul 2014 16 30 1 2 2 0 Macintosh Offine 24 Jun 2014 12 04 07 FAA E w F E 86 124 96 62 WORKGROUP 01 JuL2014 09 47 4 2 8 9 PC Offine 27 Jun 2014 17 54 52 ZAA E w e Computer Rights CESSES 86 124 96 62 WORKGROUP 26 Jun 2014 14 17 4 2 8 9 PC Offline 26 Jun 2014 11 30 29 FAA E w e D m 86 124 96 62 WORKGROUP 27 Mar 2014 12 00 4 2 4 4 PC Offline FAA E w User Rights T 86 35 2228 WORKGROUP 16 Dec 2013 10 40 4 2 6 6 PC Offline FAA E w e Groups 86 124 96 62 WORKGROUP o 28 Aug 2013 16 51 1 2 2 3 Macintosh Offline 26 Jun 2014 11 05 38 FAR E w eO Group Rights J 192 168 0 16 Unlicensed 16 Aug 2013 13 26 31 FAA E w ee Custom Classes 192 168 0 1 Wowwww Unlicensed 02 Jub2014 12 22 12 ZAA E w Content Aware Protection CAP 40 results 20 x per page g Mobile Device Management o Create ov Export Delete Back igs Offline Temporary Password aa Reports and Analysis fag Alerts Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 20 My Endpoint Protector User Manual The available actions here are F 440 Eme Edit Manage Rights Manage Settings Offline Temporary Password Computer History E
4. agent agency etc won t be reported blocked The URL Whitelist displays a list of URL whitelists By selecting one or more whitelists the Content Aware Protection agent will not scan uploads or attachments to the web addresses present in the whitelists Whitelisting works for Internet Explorer File Type Filter Predefined Content Filter Custom Content Filter URL Whitelists Domain Whitelists Policy Action will apply only to the following applications if selected Internet Explorer _ All 7 Default URL Whitelist To add delete and edit URL Whitelists Go to Content Aware URL Whitelists The Domain Whitelist displays a list of domain whitelists By selecting one or more whitelists the Content Aware Protection agent will not scan mails sent to the recipients or domains present in the whitelists Whitelisting works for Microsoft Outlook and Mozilla Thunderbird Policy Content File Type Filter Predefined Content Filter Custom Content Filter URL Whitelists Domain Whitelists Regular Expressions F Policy Action will apply only to the following applications if selected Outlook and Thunderbird All E Default Domain Whitelist To add delete and edit Domain Whitelists Go to Content Domain URL Whitelists The Regular Expressions shows the list of the created regular expressions and the administrator can select up to five 5 expressions Policy Content File Type Filter Predefined Content Filter Custom
5. 124 96 62 Disconnected 5n 88 124 96 62 Device act TD DEAPAD PC WINS 86 12496 62 Unblocked DEAPAD PC WINS S5 12496 62 z 3 amp g ia mE See Al Loos My Endpoint Protector Copyright 2004 2014 CoSoSys Lid Al rights reserved Last login 26 seconds ago trom your current P 8 My Endpoint Protector User Manual Device Control Used for administration of Devices Computers Groups and Client Users Device Control Dashboard Global Rights Effective Rights Global Settings Devices Device Rights Computers Computer Rights Users User Rights Groups Group Rights Custom Classes This is the most important module of My Endpoint Protector In this module the administrator can set up and enforce security policies by assigning specific rights to devices computers and computer groups In this module the administrator can edit manage rights and settings or even delete devices computers or groups He can also create groups and add or remove client users Reports and Analysis Designed to offer the administrator information regarding the past and current activity on the system Server and Clients It includes several sections such as Logs Report Content Aware Report Admin Actions Online Computers User History etc Several information formats are available for view and export a Reports and Analysis Logs Report Ez Content Aware Report Admin Actions Online Computers mM On
6. Delete Once a new domain whitelist is added it will be automatically displayed inside the Domain Whitelists tab 6 5 Content Aware Regex Regular Expressions By definition Regular Expressions are sequences of characters that form a search pattern mainly for use in pattern matching with strings An administrator can create a regular expression in order to find a certain recurrence in the data that is transferred across the protected network Content Aware Regular Expressions Show all departments Regular Expressions Name Description Expression Createdat Createdby Modifiedat Modified by Actions Default Regular Expression Expression To Verify An E mail Address 0 9a zA Z _ 0 9a zA Z _ a zA root root A amp D Add New Edit Regular Expression Information Regular Expression Name Default Regular Expression Regular Expression Description Expression To Verify An E mail Address Regular Expression Content 0 9a zA Z _ 0 9a zA Z _ a 2zA Z 2 4 G Save 1O Delete Example that matches an e mail 0 9a zA Z _ 0 9a zA Z _ a ZA Z 2 4 44 My Endpoint Protector User Manual Example that matches an IP 25 0 5 2 0 4 0 9 01 0 9 0 9 25 0 5 2 0 4 0 9 01 0 9 0 9 3 Note If possible avoid using Regular Expressions as their complexity typically increases the resources usage Using a large number of regular expressions as filtering criteria typically increases CPU usage
7. HO 19 My Endpoint Protector User Manual 5 5 2 Enable Device Read Only Access With this option the administrator can enable read only access to devices preventing the deletion or alteration of data on the device s The administrator can configure each device individually and can also choose for what computer and group it will apply to 5 5 3 TrustedDevice Level 1 to Level 4 This option has four levels Selecting either one of these implies that you already have knowledge and understanding of how TrustedDevices and EasyLock work For more information please see section How a Level 1 TrustedDevice Works in this user manual 5 5 4 WiFi Block if wired network is present With this option the administrator can disable the WiFi connection while a wired network connection is present The WiFi connection will be available when the wired network is not present 5 6 Computers This is the module responsible for managing the client computers MY EN DPOINT Welcome Network Administrator Logout PROTECTOR Live Help Online C Q Advanced Search Dashboard List of Computers FA My Account Filter m Device Control Resuts Dashboard s 5 z J Computer Name IP Workgroup Domain Default User Location LastTime Version License Modified at Modified by Groups Actions Global Rights All Online v Eiecive vig EEE 86 124 96 62 WORKGROUP
8. Financial Depoartment i Test User Computer TestPC Device type USB Storage Device D Any Event Disconnected Alert administrators Addresses administrator email company com Add New Address Note Insert e mail addresses if you want to send the alerts to multiple addresses G Save G Save Add t Back Then select the Group Client Computer Device type or Device depending if you mean a single device or all devices of a certain type and the event that will trigger the notification You can also select one or more users to receive the same notification s This is useful in case there is more than one administrator for My Endpoint Protector Example if you want to be notified when a certain device is connected to a certain computer you must set up an alert choosing the specific device and computer that you wish to be notified of and selecting the Connected event from the events list The Client and Group fields do not influence the triggering of the alert so there is no need to fill them out Setting up a value for the Group field means that the alert will be triggered when the selected event occurs for any clients or computers in that group If you try deleting any items Users Groups Computers etc that have been used in setting up an alert you will receive a notification and you will not be able to delete them Could not delete the selected Client machine Could not
9. Q Apply filter Users User Rights Righ Result Groups Group Rights Custom Classes A The rights are displayed from lower to highest priority and they are in a raw form Content Aware Protection CAP Device Type Device Right Using File Whitelist Observation Defined On g Mobile Device Management Unknown Device Deny Access No Inherited from Global Policies Global Offline Temporary Password iPad Deny Access No Inherited from Global Policies Global USB Storage Device Allow Access No inherited from Global Policies Global E Reports and Analysis iPod Deny Access No Inherited from Global Policies Global Internal CD or DVD RW Deny Access No Inherited from Global Policies Global Alerts Serial ATA Controller Deny Access No Inherited from Global Policies Global Internal Card Reader Deny Access No Inherited from Global Policies Global Downloads WiFi Allow Access No Inherited from Global Policies Global Internal Floppy Drive Deny Access No inherited from Global Policies Global O Support Bluetooth Allow Access No inherited from Global Policies Global Local Printers Deny Access No Inherited from Global Policies Global FireWire Bus Deny Access No inherited from Global Policies Global Windows Portable Device Media Transfer Protocol Deny Access No inherited from Global Policies Global Serial Port Deny Access No Inherited from Global Policies Global Digital Camera Deny Access No Inherited from Global Policies Global PCMCIA Device Deny Access No inherited from
10. This module will allow the administrator to edit group settings It is accessible from the Groups tab where you have to click on the Settings a button Welcome Network Administrator Logout es PROTECTOR FW Live Help Online Q Advanced Search Dashboard Edit Group Settings fn My Account Cl Device Control Mame Sales Department Dashboard Description This group belongs to the sales deparment Global Rights Effective Rights Settings Global Settings g Toe Mode Normal Device Rights Notifier Language English Computers Computer Rights Logging Users User Rights Created at 26 Jun 2014 10 29 06 Groups Created by Group Rights Modifi t 30 Jun 2014 14 46 55 ee p odified a Modified by Content Aware Protection CAP G Save t Back g Mobile Device Management les Offline Temporary Password T Reports and Analysis fag Alerts s Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP Creating groups of Computers makes editing of settings easier and more convenient 5 15 Custom Classes This module is responsible for creating new classes of devices for an easier management inside the system It is a powerful function especially for devices belonging to the same vendor and or being the same product same VID and or PID 29 My Endpoint Protector User Manual
11. c 50 8 Reports and AnalySIS ccceeceecseeeeeseeeees 51 8 1 Content Aware Report ou ccccscsecscnevesccevesuncvesevavessauanesenars 51 CZ AUMMM ACUONS ceca eee 52 Gio ONIN COM DULCIS siscrisiiin isin tcectaasadecceatanustcoasiestsuasdeases 53 oe ONNE USE i a a A 53 Das ONING Blo see ee R 54 8 6 Computer HIStOTY ssssssssssssernrsrrrnrnnnnrnrnrrrnrnrrnrnrnrrrrrnrnne 55 S E a e E E EEEE EEEE EE 55 8 8 Device HISCOy sesesessssrernrnnrnrnnrrnrnnrnnrnrnrnrnrnrnnrnrnrrrrrnrnne 56 P EO EEE A EF 57 9 1 Dene Alerts cacncnsecareverucaresoccentssninceresnracstacercorsconacstesniace 59 Dees AOR SCOR soissericuis eis renn AEEA AENA 60 9 3 Define Content Aware AlertS sssssssssssrssrenrrenrenrrrsnresrrnns 61 9 4 Content Aware Alerts HIStOry ssssssssssnnnnnnnnurununnnnnnnsennnas 62 9 5 Define MDM Alerts sssssnasnnnnnnnnnnnannnnnnannnnnnnnnnnnsnnnnnnnnnnnn 62 9 6 MDM Alerts HISO WV sricsosisosorisnisrori sinisen inni nia 63 WO DOWMOSGS sccgcctecnaserececancesieeatevecasgase 64 10 1 Installation Files amp Enrollment cccccceceeeeeeeeeeeeeeeeeeeeeeees 64 10 2 EasyLock Encryption Software sessssssessesssussnsnsnnsnsnsnenas 64 Ll My ACCOUN ccsessscecacernsascce ceveceswnnceauess 66 Ede ONG DE OO renari nE EENAA NE 66 i Ea SLES E E E E E E E E 66 Loy SUD CND UON ene EEES 67 Pleads CIAC eee r E ee ee ere ee rere 68 11 3 2 Appetizer liC NSC cccccseeeeeeceeeeeceeescecccuuennaeunteseeeenesegs
12. disabled via My Endpoint Protector PCMCIA Devices These devices can be enabled disabled via My Endpoint Protector Biometric Devices These devices can be enabled disabled via My Endpoint Protector Bluetooth These devices can be enabled disabled via My Endpoint Protector Printers Applies to serial USB and LTP connection methods These devices can be enabled disabled via My Endpoint Protector 1 4 Windows and Mac OS X Client Support All features in My Endpoint Protector are available for Windows Clients The Support for Mac OS X Clients is in some ways limited but all core security features are alSo supported for Mac OS X We do our best to not only have My Endpoint Protector as the best device control and endpoint security solution for Windows but also for Mac OS Thank you for your support and understanding 1 5 Conclusions As information theft and proprietary data leakage are a reality of today s business world effectively preventing all possible security breaches is becoming an ultimate concern for enterprise security experts Endpoint security comes to complete your existing security policies aiming to render it full proof As new circumvention and data compromising techniques come to diminish the benefits of new devices and gadgets My Endpoint Protector secures your company s technologically enabled mobility Thus by easily protecting all exposed endpoints from inbound and outbound threats you can
13. f Also the password needs to be at least 8 characters long Content Aware Protection CAP Personal Information go Mobile Device Management Salutation Mr lgs Offline Temporary Password First Name Network Last Name Administrator E Reports and Analysis Company Company VAT ID 123456789 fag Alerts Phone 07444444444 Fax 07444444445 E mail 1 administrator email compai E mail 2 2admin email company cor Downloads Street CompanyStreet O Support City CompanyCity State CompanyState ZIP Code 400000 Country Romania Other After login Show My Endpoint Protector Start Page Language English x Timezone GMT 02 00 Bucharest Note Fields with are required G Save My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 day ago from your current IP 11 3 My Subscriptions My Subscriptions contains a list of your subscriptions trial appetizer and paid ones with information like their type their number and their expiration date Welcome Network Administrator Logout PROTECTOR BW Live Help Online C Q Advanced Search Dashboard My Subscriptions Account ny Your unique ID for installation enroliment Prole Dek My Packages My Licences My Subscriptions oa Name Type Description Subscription Start Date PCs MDs to Protect Subscription Until Next Payment Client Software Upgrade Client Uninstall Custom Package Device Control And Content
14. 68 PA A Gel a SUDSCHDUON acseatetnnceatetasceatetanstatetanssatetaneeatetanesaeeens 68 11 5 Client Uninstall Protection ccccccccceeeeeeeeeeeeeeeeeeeeeeeeeenees 69 12 My EPP App for iPhone and iPad 70 13 Enforced Encryption with TrustedDevices71 IV My Endpoint Protector User Manual 13 1 How a Level 1 TrustedDevice WOrkS cece ee eeeeeeeee eee eens 72 13 2 EasyLock Software for TrustedDevices Level sses 73 14 My Endpoint Protector Client 74 14 1 My Endpoint Protector Client Security cc eee eeeeeeeeeeeeeeees 74 14 2 Client Notifications Agent cccecceenueeeuseecceeuueesneeuuueennees 74 14 3 Offline Functionality for My Endpoint Protector Client 75 14 4 DHCP 7 Manual IP GOGESS vive cicecdwintenstwccivndiwkctuacianeteaciukawn 75 14 5 Client Removal s ccaccaansaansaceescaearaed qeeaadeaareeeueaaceseesaaaeeaeeaans 75 14 5 1 Client Removal on Windows OS ssssssssssssssressrenrrrrsrrrsrrrnns 75 14 5 2 Client removal ON MAGC OS Xissreriisirerrenerier iritira erkka 76 15 Terms and Definitions s sssssssssssrsssrss 77 dedi SEL V Cl REI a E E 77 PO ee COMIC a e E E 77 16 Endpoint Protector Product Family 80 EZ SUPPO cariene rann E 81 18 Important Notice Disclaimer 82 Portable storage devices such as USB flash drives digital cameras and MP3 players iPods are virtually everywhere and are connected to a PC via plug and play within s
15. Aware Protection Device Control And Content Aware Protection Package for 50 PCs for 365 days 02 Aug 2013 07 12 56 50 02 Aug 2014 07 12 56 Custom Package Mobile Device Management Mobile Device Management Package for 50 MDMs for 365 days 02 Aug 2013 07 12 56 50 02 Aug 2014 07 12 56 Device Control Content Aware Protection CAP 7 Get a Subscription Mobile Device Management a Note Subscription purchases to My Endpoint Protector can take up to 30 minutes to 3 process and to appear in your My Subscriptions overview Thank you for your patience Offline Temporary Password Reports and Analysis Alerts Downloads SARA mA Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 68 My Endpoint Protector User Manual Licenses can be purchased for Device Control Device Control and Content Aware Protection and separately for Mobile Device Management Device Control licenses are used for registering the My Endpoint Protector Client enabling the communication with the My Endpoint Protector Server Once registered with a valid Endpoint license the My Endpoint Protector Client remains active for an unlimited period of time regardless of the status of the other license types Content Aware Protection licenses can be purchased together with Device Control licenses Since these licenses are purchased together they are also assigned as such to endpoints meaning t
16. CAP Financial Sales Marketing IT Trading Create your own Dashboard Priority 1 Priority 2 Priority 3 Priority 4 Priority 5 Effecive Rights File Types File Types File Types File Types Create new Policy with your Content Aware Policies own settings Custom Content Custom Content Dictionaries Click on Policy to select it Content Aware URL Whitelists Content Aware Domain Whitelists Double dick on Title to edit a Content Aware Regex On On On On On Policy B Mobile Device Management Add New Duplicate gR Edit Delete les Offline Temporary Password E Reports and Analysis Policies Apply To Show Help E wn FF aa Groups Caa Macs A Users 4 Downloads dik F Financial Depoartment V MacBook Pro Vv O Support Marketing Department Tony s MacBook Pro Sales Department Q Search amp Q ch amp Q h amp All m All All G Sa My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP The available actions are Add New Duplicate Edit and Delete A new policy can be created also by clicking on the Create your own policy icon An existing policy can be edited also by double clicking the upper part of the policy icon By selecting a policy the groups computers and users on which the selected policy applies will be highlighted for an easier policy management The administrator can then uncheck previously enabled entities for monitoring or check new ones All c
17. Companion TeamViewer HTC Sync for Android phones Total Commander LogMeIn EasyLock GoToMeeting Windows DVD Maker FileZilla ALFTP GoToMeeting The last step in defining a new policy consists in selecting the content to detect from the three separate tabs for Content Filters The File Type Filter contains a list of supported file types grouped in six categories 39 My Endpoint Protector User Manual e Graphic Files JPEG PNG GIF ICO BMP TIFF EPS CorelDraw etc e Office Files Word DOC DOCX Excel XLS XLSX PowerPoint PPT PPTX PDF Infopath XSN RTF OneNote ONE Outlook PST OST etc e Archive Files ZIP 7z RAR ACE TAR etc e Programming Files C CPP JAVA PY SH CSH BAT CMD PAS XML DTD TEX F etc e Media Files MP3 M4A WAV WMA AVI AIF M3U MPA etc e Other Files EXE SYS DLL SO etc For each category the most common file types are displayed To be able to view and select more file types click on the More File Types option at the end of each file type enumeration File Type Filter Predefined Content Filter Custom Content Filter URL Whitelists Domain Whitelists Policy Action will apply to selected File Types Graphic Files M All V JPEG V PNG V GIF mv Ico BMP M TIFF More File Types Office Files V All V Word V Excel V PowerPoint V PDF V Infopath V Outlook More File Types Archive Files Vv All M ZIP V ZIP password Vi 7z JV RAR V ACE M TAR More File Types Progra
18. Content Filter URL Whitelists Domain Whitelists Regular Expressions Policy Action will apply to selected Custom Content for ALL File Types regardless of the selected File Type Filter EO All E Default Regular Expression To add delete and edit Regular Expression Go to Regular Expressions 41 My Endpoint Protector User Manual Once a policy is created it will be displayed inside the Policies List To enforce a content aware policy inside the network one must select the specific policy that they want to apply by clicking on it and check the corresponding boxes to the network entity on which they want to apply the content rules If a Content Aware Policy was already enforced on a computer user or group when clicking on it the corresponding network entities on which it was applied will be highlighted The administrator can be notified of each occurrence of an event described in a newly created policy by setting up a Content Aware alert for that specific policy from Alerts gt Content Aware Alerts 6 2 Custom Content Dictionaries Custom Content Dictionaries are custom defined lists of terms and expressions to be detected as sensitive content by My Endpoint Protector The list of custom content dictionaries is available under Content Aware Protection gt Custom Content Dictionaries The available actions for each dictionary are Edit Export Dictionary and Delete ea ies One can create a new dictionary by clicking on
19. DVD GCC H10N ATA Device HL DT ST RW DVD GCC H10N ATA Device Sta EEIE Dim 23 Aug 2013 08 33 SEE OEE vice USB Storage Device USB_FLASH_DRIVE USB_FLASH_DRIVE ADATA Ss 30 Jun 2014 17 21 EES S Compu S Computer Rights Windows Portable Device Media Transfer GT 19100 GT 19100 Samsung Electronics Co Ltd EE 19 Aug 2013 14 40 EE S Users Local Printers HP LaserJet P1005 HP LaserJet P1005 HP DE E 07 Jan 2014 09 05 e a User Rights Windows Portable Device Media Transfer GT 19100 GT 19100 Samsung Electronics Co Ltd LSE Ges 22 Aug 2013 11 14 SEE _O E E Groups USB Storage Device DMC FX9 DMC FX9 MATSHITA E E 05 Aug 2013 12 04 aa T Group Rights BlackBerry Blackberry Handheld Blackberry Handheld Research In Motion 23 Jun 2014 11 58 Custom Classes Webcam Mic PTZ Mic PTZ Logitech inc a oe 23 Jun 2014 12 00 m Content Aware Protection CAP iPhone iPhone 4 iPhone 4 Apple Inc e 24 Jun 2014 17 12 iPad Port_ 0004 Hub_ 0008 Port_ 0004 Hub_ 0008 Apple Inc e 27 Jun 2014 16 08 Gi Ws 5 Mobile Device Management Local Printers HP LaserJet P1005 1 2 0 224 HP LaserJet P1005 1 2 0 224 MacBook Pro 01 Jul 2014 16 25 I Local Printers HP Officejet 5600 series HP Officejet 5600 series MacBook Pro 01 Jul 2014 16 25 u igs omina pemu Password Serial ATA Controller Intel R 7 Series C216 Chipset Family SA Intel R 7 Series C216 Chipset Family SA IDEA
20. Ericsson etc Preserve global setting x Card Reader Device SCSI Preserve global setting x ZE Aere SmartPhone USB Sync Preserve global setting x ZIP Drive Preserve global setting z SmartPhone Windows CE Preserve global setting Teensy Board Preserve global setting x p Downloads SmartPhone Symbian Preserve global setting Thunderbolt Preserve global setting x O Support Webcam Preserve global setting Network Share Allow Access E iPhone Preserve global setting Already Existing Devices G Save Restore Global Rights t Back 5 8 Computer Settings This module will allow the administrator to edit the settings for each computer It is accessible from the Computers tab where you have to click on the Settings button C5 MY ENDPOINT PROTECTOR Dashboard Edit Settings for Computer Account ny Computer Device Control Default User pS IP 86 124 96 62 Global Rights MAC Address 5 as Computer Name IDEAPAD PC WIN8 Global Settings Location Devices Device Rights Computers Computer Rights Mode Normal x Users User Rights Notifier Language English x Groups Group Rights Logging Custom Classes Created at 05 Aug 2013 15 52 37 Content Aware Protection CAP Created by auto g Mobile Device Management Modified at Modified by les Offline Temporary Password G Save t Back E Reports and Analysis fag Alerts ER Live Help Online Welcome Network Ad
21. Global Policies Global BlackBerry Deny Access No inherited from Global Policies Global Card Reader Device MTD Deny Access No inherited from Global Policies Global Mobile Phones Sony Ericsson etc Deny Access No Inherited from Global Policies Global Card Reader Device SCSI Deny Access No inherited from Global Policies Global My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 5 2 2 Effective Rights Devices This module displays the rights applied for the selected device MY ENDPOINT Welcome Network Administrator Logout CD PROTECTOR Live Help Online CQ Advanced Search Dashboard Effective Rights My Account A Currently the system is using both computer and user rights user rights have priority Device Control Dashboard Effective Rights Endpoints Effective Rights Devices Global Rights Effective Rights Filter Global Settings Select a device type USB Storage Device KA Devices aen Device Rights Select a device N A A Computers Computer Rights v Reset Mor Apply filter i sa a Results Groups Group Rights Custom Classes A The rights are displayed from lower to highest priority and they are in a raw form m2 Content Aware Protection CAP Device Type Device Right Using File Whitelist Observation Defined On g Mobile Device Management USB Storage Device Allow Access No Inherited from Global Policies Global les Offline Tem
22. M EN DPO NT Welcome Network Administrator Logout ie PROTECTOR ER Live Help Online Q Advanced Search Dashboard Edit Devices eA My Account i Cdl i Device Control Name Allow Access Custom Class Dashboard Description Global Rights Right Allow Access Effective Rights Global Settings Device Type Devices Device Rights omputers Computer Rights Device Class Users User Rights Note In the fields bellow enter the information in the following order Device Type VID PID Description Groups USB Storage Device v AAAA 1111 custom devi Group Rights z vice Custom Classes Content Aware Protection CAP Devices Offline Temporary Password G Save t Back Mobile Device Management My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 4 hours ago from your current IP By selecting Device Control gt Custom Classes the administrator is able to create and edit custom classes by adding new entities to the existing ones Results All Name Description Right Actions a Allow Access Custom Class Allow Access x A CD ROM deny class denying certain CD ROMs Deny Access R 2 2results 50 per page Create Delete t Back When creating a new custom class or editing an existing one the administrator may provide a unique name and a short description followed by the specification of the rights that will be automatically applied to all included devices Custom Class Nam
23. Protector User Manual 5 10 Users The client users are the end users who are logged on a computer on which the My Endpoint Protector Client software is installed Welcome Network Administrator Logout w MY ENDPOINT PROTECTOR WB Live Help Online o Qa Advanced Search Dashboara eA My Account Filter m Device Control Results Dashboard 3 r 7 r 7 3 Global Rights All Username Domain First Name Last Name Phone E mail Modified at Modified by Groups Actions Effective Rights F ss ee 26 Jun 2014 10 43 57 FAA w Global Settings A FAanw Devi w Device Rights n Ef a El Computer Rights Lal oe FIENO Gr n 20 Aug 2013 15 40 38 e s assena E a E gvi Group Rights gt BR a E yi Custom Classes _ R a E ov O Content Aware Protection CAP a g g E b i x g _ FAanw g Mobile Device Management E EA a E gyi T 02 Jul 2014 12 21 28 F ENO gg Offline Temporary Password 14 results 50 per page E Reports and Analysis Create ov Export Delete Back fag Alerts Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP This module has a self completing mechanism as soon as a user has some activity on the system and he is new in the system he will be added to the system database These
24. X ez bi BlackBerry Deny Access Card Reader Device MTD Deny Access X E Reports and Analysis Mobile Phones Sony Ericsson etc D Deny Access Card Reader Device SCSI Deny Access fas Alerts SmartPhone USB Sync Deny Access ZIP Drive Deny Access SmartPhone Windows CE Deny Access Teensy Board Deny Access x 4 Downloads m T a SmartPhone Symbian Deny Access X Thunderbolt Deny Access z Support Webcam Deny Access x Network Share Allow Access p iPhone Deny Access Already Existing Devices G Save C Back My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 5 2 Effective Rights oy ae This module displays the rights applied for all device types at that moment in time for the entire system or a specific user computer Effective Rights Endpoints 14 My Endpoint Protector User Manual MY ENDPOINT Welcome Network Administrator Logout Ce PROTECTOR Live Help Online Q Advanced Search Dashboard Effective Rights om eo A D My Account A Currently the system is using both computer and user rights user rights have priority am Device Control Dashboard Effective Rights Endpoints Effective Rights Devices Global Rights Effective Rights Filter Global Settings Select a computer IDEAPAD PC WIN8 Devices Device Rights Select a user N A v Computers Computer Rights amp Reset
25. are the actions available to the administrator in this module F S E w Edit Manage Rights User History Export User History and Delete There are two users created by default during the installation process of My Endpoint Protector noUser is the user linked to all events performed while no user was logged into the computer Remote users names who log into the computer will not be logged and their events will be stored as events of noUser Another occurrence of noUser events would be to have an automated script software which accesses a device when no user is logged into the specific computer autorunUser indicates that an installer has been launched by Windows from the specific device It is the user attached to all the events generated by the programs launched from that specific device when Autoplay is enabled in the Operating System 25 My Endpoint Protector User Manual The users can be arranged in groups for easier management at a later point 5 11 User Rights This module is built around the user allowing administrators to manage rights of access to devices per users Welcome Network Administrator Logout fe MY ENDPOINT PROTECTOR Q Advanced Search Edit User Rights ey Live Help Online Dashboard My Account A Currently the system is using both computer and user rights user rights have priority Device Control Dashboard User Global Rights Effective Rights User Name Je
26. connectivity without any interference from firewalls etc 5 Device Control 5 1 Global Rights This module applies rights to computers in the entire system Welcome Network Administrator Logout Kap Y ENDPOINT e PROTECTOR FB Live Help online ae Advanced Search Management of Global Rights Dashboard My Account Currently the system is using computer rights Device Control Dashboard Groups Global Rights Effective Rights Name Global Global Settings Description Global Group induding all the machines Devices Device Rights Device Types Computers Computer Rights Unknown Device Deny Access SA iPad Deny Access r Users ni a USB Storage Device iPod User Rights Allow Access X Deny Access X Groups internal CD or DVD RW Deny Access Tl Serial ATA Controller Deny Access Group Rights Internal Card Reader D Deny Access lia WiFi Allow Access Custom Classes H Ta internal Floppy Drive Deny Access Bluetooth Allow Access x Content Aware Protection CAP Ss Local Printers Deny Access X FireWire Bus Deny Access X g Mobile Device Management Windows Portable Device Media Transfer Protocol Deny Access Serial Port Deny Access Digital Camera D Deny Access PCMCIA Device Deny Access x les Offline Temporary Password za
27. drive plus additional space for optional offline file tracing and file shadowing Attention In case you are using an internal or external firewall please assure that the computer you are installing the client on has the server specified port open By default this is port 443 In case you are behind a router consult the device s user manual or contact the manufacturer of your device about setting up port forwarding Download the correct My Endpoint Protector installer for the computer you want to protect Run the downloaded executable e My Endpoint Protector Setup MY ENDPOINT _ PROTECTOR Welcome to the My Endpoint Protector Setup Wizard The Setup Wizard will install My Endpoint Protector on your computer Click Next to continue or Cancel to exit the Setup Wizard Sign Up for a My Endpoint Protector account now 12 My Endpoint Protector User Manual It is important that you enter your correct Unique ID when requested ie My Endpoint Protector Setup Enter unigue ID Spedfy the My Endpoint Protector unique ID Please enter your unique ID for My Endpoint Protector If you do not have a unique ID and a My Endpoint Protector account please create one If you do not know your unique ID please login to your My Endpoint Protector account You find the unique ID in the account info page or on the start page Account Login Please assure that your client PC has full internet access network
28. enjoy enhanced portability efficiency and productivity As it enables your employees to use devices you have already invested in and it protects your company from losses generated by attacks from outside and within all financial costs entailed by implementing My Endpoint Protector such as purchase implementation and usage training expenses are fully justified by the yielded return on investment The functionality of the My Endpoint Protector is designed to be around several physical entities Computers PCs or MACs with My Endpoint Protector client installed Devices the devices which are currently supported by My Endpoint Protector e g USB devices digital photo cameras USB memory cards etc The cloud server side of My Endpoint Protector is the Administration and Reporting Tool It is responsible for centrally managing devices computers users groups and their behavior together To access the online Administration and Reporting Tool simply open a browser and enter the My Endpoint address Here you will need to enter your username and password If you have not already done so please provide a user name and sign up for My Endpoint Protector to receive your login credentials To create a My Endpoint Protector account please choose a username and password and follow the steps in the sign up wizard To finish the sign up process you need to confirm your e mail address For this please click the confirmation link i
29. not be accessed by unauthorized persons and CoSoSys disclaims any warranties to that effect to the fullest extent permitted by law 2004 2014 CoSoSys Ltd Endpoint Protector Basic EPPBasic Endpoint Protector My Endpoint Protector are trademarks of CoSoSys Ltd All rights reserved Windows is registered trademark of Microsoft Corporation Macintosh Mac OS X are trademarks of Apple Corporation All other names and trademarks are property of their respective owners
30. section 78 My Endpoint Protector User Manual Client refers to the client user who is logged in on a computer and who facilitates the transaction of data Rights applies to computers devices groups users and global rights it stands for privileges that any of these items may or may not possess Online computers refers to PC s Workstations and or Notebooks which have My Endpoint Protector Client installed and are currently running and are connected to the My Endpoint Protector server Connected devices are devices which are connected to online computers Events are a list of actions that hold major significance in My Endpoint Protector There are currently 17 events which are monitored by My Endpoint Protector e Connected the action of connecting a device to a computer running My Endpoint Protector Client e Disconnected the action of safely removing a device from a computer running My Endpoint Protector Client e Enabled refers to devices the action of allowing a device access on the specified computer s group s or under the specified user s e Disabled refers to devices the action of removing all rights from the device making it inaccessible and therefore unusable e File read a file located on a portable device was opened by a user or the file was automatically opened if the portable device was autorun by the operating system e File write a file was copied onto a portable device
31. uploaded to local networks e Applications Online Services Attachments File Transfers comprises Web Browsers E MAIL Clients IM File Sharing Social Media Others Type Web Browsers List of Applications Internet Explorer Mozilla Firefox Chrome Opera Safari SeaMonkey Maxthon AOL Destop 9 6 K Meleon Aurora Firefox E MAIL Clients Microsoft Office Outlook Mozilla Thunderbird Windows Live Mail Outlook Express Windows Mail AOL Mail Opera Mail SeaMonkey Mail Courier IBM Lotus Notes GroupWise Client Instant Messaging AIM eBuddy MySpace IM ICQ Google Talk Skype Windows Live Messenger Yahoo Messenger mIRC Trillian MyChat LingoWare Chit Chat For Facebook Nimbuzz Facebook Messenger Microsoft Communicator 2007 Facemoods Gaim LAN Chat Enterprise OpenTalk TurboIRC WinSent Messenger Pink Notes Plus fTalk XChat ooVoo TweetDeck Pidgin Instant Messenger NateOn Messenger QQ International Twhirl Daum MyPeople Cloud Services File Sharing Google Drive Client iCloud Dropbox Microsoft SkyDrive eMule Kazaa Shareaza Morpheus eDonkey DC BitTorrent Azureus BitComet uTorrent iMesh Daum Cloud KT Olleh uCloud Naver NDrive Microsoft Skydrive client Limewire FTP Command ownCloud client Pogoplug Backup Pruna P2P Sendspace Evernote FileCloud Sync client Social Media Others InfraRecorder iTunes Nokia PC Suite 2008 2011 Samsung Kies Sony Ericsson PC
32. 14 10 01 46 E Custom Classes CREATE Name 02 Jul 2014 16 26 32 E Custom Classes CREATE Name 02 Jul 2014 16 19 30 E User Rights EDT User Name User Name 02 Jul 2014 12 25 35 E Computer Rights EDIT Computer Name Computer Name 02 Jul 2014 12 22 12 E Computers EDT P IP 02 Jul 2014 12 21 52 E Users CREATE Username 02 Jul 2014 12 21 28 E Computers CREATE P 02 Jul 2014 12 19 02 E Computer Rights EDT Computer Name Computer Name 02 Jul 2014 12 08 59 E Computer Rights EDT Computer Name Computer Name 02 Jul 2014 12 08 43 E Computer Rights EDT Computer Name Computer Name 02 Jul 2014 12 08 36 E Computer Rights EDIT Computer Name Computer Name 02 Jul 2014 12 08 16 E Global Rights EDT Name Name 02 Jul 2014 11 27 15 E Global Rights EDT Name Name 02 Jul 2014 11 27 09 E Devices DELETE Description 01 Jul 2014 17 36 46 E Device Rights EDIT Device Description Device Description 01 Jul 2014 17 35 54 E 692 results 20 x per page n 4 12345 ov Export My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 53 My Endpoint Protector User Manual The logs can be exported in a csv file while the filter can help find the desired information quickly and easily 8 3 Online Computers yi m sary Welcome Network Administrator Logout PROTECTOR FW Live Help Online C Q Advanced S h D
33. 2014 My Endpoint Protector Version 4 2 6 9 50 My Endpoint Protector User Manual The user will tell the administrator the code for the device and the administrator will tell the user the password after generating it on the Server see above paragraph for password generation The password will be inserted in the corresponding field and applied by clicking Enter For Computer and Content Aware Protection authorization the administrator will tell the user the password he previously generated The user will simply enter it in the Password field and apply it by clicking Enter 7 5 Setting the Administrator Contact Information The Administrator contact information can be edited under My Account gt Profile Details module at the Personal Information panel Personal Information Salutation Mr First Name Network Last Name Company Company VAT ID 123456789 Fax 07444444445 E mail 2 Zadmin email company cor street CompanyStreet City CompanyCity state CompanyState ZIP Code 400000 Country Romania 8 Reports and Analysis This module is designed to offer you the administrator feedback regarding system functionality and information related to devices users and computers in the entire system 8 1 Content Aware Report This module provides detailed logs of all Content Aware activity It allows the administrator to see exactly what data incidents were detected corre
34. 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 37 My Endpoint Protector User Manual A policy can be enforced to detect amp report all transfers of sensitive content data and or block all transfers a Block amp Report E Report only Attention The Block amp Report action will block all file transfers on the selected network entity We recommend using the Report only action initially to detect but not block data transfers This way no activity will be interrupted and you can gain a better view of data use across your network By default data control is turned off To activate the defined content rules a newly created policy must be enabled ON The policy status can be changed later by using the simple ON OFF switch from the policy icon On Note An enabled ON Policy will be enforced only after selecting the network entities to be monitored To complete the policy definition the transfer destinations to be monitored must be selected and the content to be detected must be specified Control Transfers To a Controlled Device Types Clipboard F Disable Print Screen Q F Applications Online Services Attachments File Transfers
35. 44444445 E mail 1 administrator email compai E mail 2 2admin email company cor 4 Downloads a Street CompanyStreet Support City CompanyCity State CompanyState ZIP Code 400000 Country Romania Other After login Show My Endpoint Protector Start Page Language English X Timezone GMT 02 00 Bucharest X Note Field t d G Save My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 day ago from your current IP 11 2 Unique ID The My Endpoint Protector Unique ID is an important part of your account It is mandatory you enter it when installing the My Endpoint Protector client agent on a new computer It is also essential when purchasing additional licenses through the E Store 67 My Endpoint Protector User Manual You can find your Unique ID in the Profile Details My Subscriptions Get a Subscription Installation Files and Enrollment and Download EasyLock Software tabs The last two tabs can be found under the Downloads module Welcome Network Administrator Logout MY ENDPOINT FW Live Help Online Q Advanced Search Dashboard Edit Profile My Account TE Profile Details Username EEE My Subscriptions Get a Subscription Unique ID Gient So e Upgrade Old Password Client Uninstall New Password Confirm New Password m Device Control k To create a secure password we recommend induding a combination of letters and numbers
36. AIVE E rap_epoiiblestdecinatesidata iqinws decTest 397 K text pain Fite Type Text fies 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 Onire Devces Content Threat Oetected DESEE 66 124 96 62 come mho USB Storage Device USB_FLASH_DAIVE E zap_eppibiestideomakestdsta dqhNextPius decTest 21 KB mfc ukibmcom Predefined Content reguisr expression 24 Jun 2014 12 02 09 10 Oct 2017 1203 04 Windows 1 Computer Mestory Content Threat Detected m n 06 124 96 62 e tno USB Storage Device USB_FLASH_DRIVE EJzap_eppibiestdecoma estdataidqScaie8 decTest 18 43 KB text plain Fie Type Text fies 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 as Content Threat Detected EES 66 124 96 62 m tnho USB Storage Device USB_FLASH_DRIVE EJzap_eppibiestdecmakestdata dqSameQuantumdecTest 17 34 KE mfco ukbmcom Predefined Content reguisr expression 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 faa Alerts Content Threat Detected 86 124 96 62 em tinno USB Storage Device USB_FLASH_DRIVE E zap_epoviiestidecimatesidata dgSameQuantumdectest 17 34 K text plain File Type Text fies 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 Content Threat Detected 861249662 xum tinno USB Storage Device USB_FLASH_DAIVE EJzep_eppidiestdecimakesidata dqRotsie decTest 20 2K8 mic ukimmcom Predefined Content reguier expression 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 Downloads Content Threat Detected SEES 060 124 9562 mm tinno USB Storage Device USB_FLASH_DAIVE E zap_eppvibiestidecima
37. Also improper regular expressions or improper use can have negative implications This feature is provided as is and requires advanced knowledge of the Regular Expression syntax The regular expressions feature is provided with no direct support and it is the responsibility of the customers to learn and implement regular expressions and to thoroughly test 6 6 How Content Aware Protection works for monitored Applications Online Services The following table shows a list of actions and content that are screened inspected or left unscreened uninspected by the Content Aware Protection feature APPLICATION Web Browsers SCREENED Uploaded Files Webmail Attachments NOT SCREENED Webpage Content Downloaded Content Blog Posts E MAIL Clients File Attachments Microsoft Outlook E MAIL Content Microsoft Outlook Forwarded and Saved Attachments Microsoft Outlook E mailed directly from Windows Explorer Microsoft Outlook Copied Attachments from one E MAIL to another Mozilla Thunderbird E MAIL Content E MAIL Content for other E MAIL Services Forwarded Attachments Saved Attachments Attachments e mailed directly from Windows Explorer Copied Attachments from one E MAIL to another Instant Messaging File Transfers Shared Picture Files IM Message Content Sent Files 45 My Endpoint Protector User Manual File Sharing File Uploads Saved Files Social Media
38. Domain G Check all matched items G 1 matched found from a total of 14 users m My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 4 hours ago from your current IP 5 13 Group Rights This module is built around a group of computers and or users allowing administrators to manage rights of access to devices per groups Welcome Network Administrator Logout E MY ENDPOINT Cc a PROTECTOR ic Live Help Online Q Advanced Search Dashboard ay My Account Management of Rights per Groups v Filter m Device Control Results Dashboard ie Name Description Actions Global Rights ne Financial Depoartment This group belongs to the financial depa a Global Settings z r E Marketing Department This group belongs to the marketing depa a eei Sales Department This group belongs to the sales deparmen a Device Rights ee 3results 20 x per page Computer Rights teers iD Edit All s Back User Rights Groups Group Rights Custom Classes e Content Aware Protection CAP a Mobile Device Management Offline Temporary Password E Reports and Analysis Alerts p Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 4 hours ago from your current IP The administrator can use the Edit All action here to edit rights for all groups at once 28 My Endpoint Protector User Manual 5 14 Group Settings
39. History Content Threat Detected LIES Ges USB Storage Device USB_FLASH_DRIVE E zap_eppllib test decimaltestdata dqSameQuantum decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 Content Threat Detected LIES Gee USB Storage Device USB_FLASH_DRIVE E zap_eppj lib test decimaltestdata dqgSameQuantum decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 pranoni Content Threat Detected LSE Ges USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqSameQuantum decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 O Support Content Threat Detected LILES Gees USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqRotate decTest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 Content Threat Detected LILES ees USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqRotate decTest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 Content Threat Detected LIES Gee USB Storage Device USB_FLASH_DRIVE E zap_eppj lib test decimaltestdata dqRotate decTest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 Content Threat Detected LEE Gee USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqRotate decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 Content Threat Detected LESS es USB Storage Device USB_FLASH_DRIVE E zap_eppi lib test decimaltestdata dqRotate de
40. Jul 2014 16 25 w E pence History S USB Storage Device USB_FLASH_DRIVE S USB _FLASH_DRIVE ADATA 125f c08a 132212022221001D 30 Jun 2014 17 21 oy E Alerts USB Storage Device Port_ 0003 Hub_ 0004 Port_ 0003 Hub_ 0004 Realtek Semiconduct bda 129 20100201396000000 30 Jun 2014 10 12 oj E Bluetooth RTL8723A 4 0 High Speed Chip RTL8T23A 4 0 High Speed Chip Reattek S bda 1724 00E04C000001 30 Jun 2014 10 12 E s Downloads WiFi Realtek RTL8723A Wireless LAN 802 11n US Realtek RTL8723A Wireless LAN 802 11n US bda 1724 00E 04C000001 30 Jun 2014 10 12 oy E Support Webcam Lenovo EasyCamera Lenovo EasyCamera Chicony Electronics Co 4f2 b322 0000 30 Jun 2014 10 12 oy E iPad Port_ 0004 Hub_ 0008 E Port 0004 Hub_ 0008 Apple Inc Sac 12ab 2DC8E174A020793F2154 27 Jun 2014 16 08 E Serial ATA Controller Intel R ICH8 2 port Serial ATA Storage Intel R ICH8 2 port Serial ATA Storage 8086 2825 3 amp 11583659808FD 26 Jun 2014 14 17 Sy Internal CD or DVDRW HL DT ST DVDRAM GH24NS95 ATA Device a SEES HL DT ST DVDRAM GH24NS95 ATA Devicel Sta 0 0 CDROMHL DT ST_DVDRAM 26 Jun 2014 10 54 E iPhone Phone 4 S Phone 4 Apple Inc Sac 1297 E09B822BC36F8D47CSBF 24 Jun 2014 17 12 Sj E 60 results 20 x per page JL 123L gt JL My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 6 minutes ago from your current IP My Endpoint Protector allows you
41. MY ENDPOINT PROTECTOR 2 cososyYs I My Endpoint Protector User Manual Table of Contents L INCrOCGUCTION 2 cee cce cee ee eee e eee eeeeeeeeeeeaeeeas 1 1 1 What is My Endpoint Protector cccccccceeeee sence ee eeeeneeeeenees 2 L2 MIn FEQGUI CS a a inane tenecinedenactsed wenseuet uous dumosnae duns 2 1 3 Controlled Device Types Ports ccccecceceeeseeeeeeeeeeseeeeeneeges 3 1 4 Windows and Mac OS X Client Support cc cece eee esse eee eeeees 5 Lo CONCIISIONS orrip er roer Ea EEEE EEE EERE EEEE EEE TEREE 5 2 Cloud Server Functionality cccseeeaessenees 6 2 1 Accessing My Endpoint Protector Online Administration and Reporting TOOL sesssssssssnsssnrsnsrnnrnrrrerenerrrnrnernerrnrnnrerrnrnrrrrrrnrrnre 6 ZN N U a E E E ses oeas 6 2l EOG E E A 7 Pike FOrgOtyoUr PASSWOVO isansep ene esse tas nenuenssouerencneee ey can erasers 7 Ze WOGOULeisccvend actiesdacctveasancosestancevesdiaeaseacesetveasanesseanenesvesdee 7 2 2 Online Administration and Reporting ToOol cccccceeeeeseeeeees 7 3 My EPP Client System Requirements 10 4 Client Installation s ssssssssesssrssnnrnsssensas 11 5 Device Control ssceysteewescnenevesussacssaasecusenus 13 Dike GODAL RIONU rerainan A A AEA AAS 13 Dees OCU VC RONU orari ea E AE 13 5 2 1 Effective Rights Endpoints s ssssesssrsnssrsrrnrsrrsrrrrerenas 13 5 2 2 Effective Rights Devices ssssssssssnsssnnsunsnrnnsnr
42. Other File Transfers Blog Posts Other limitations may apply This module allows the user of the commercial My Endpoint Protector account to generate a temporary password for a specific device on a client user computer It can be used when there is no network connection between the client computer and the Server Note Once a device is temporarily authorized any other rights settings saved afterwards for this device will not take immediate effect until the time period is passed and the connection with the Server is re established A password is unique for a certain device and time period In conclusion the Same password cannot be used for a different device or for the same device twice The password will give permission to the device for the specified amount of time The time intervals which can be selected are 30 minutes 1 hour 2 hours 4 hours 8 hours 1 day 2 days 5 days 14 days and 30 days 47 My Endpoint Protector User Manual Welcome Network Administrator Logout ke MY ENDPOINT PROTECTOR BW Live Help Online Q Advanced S h Dashboard Generate Offline Temporary Password A t A slat Device Offline Temporary Password Computer Offline Temporary Password Content Aware Protection Offline Temporary Password Device Control 7 Content Aware Protection CAP duncani N A E Mobile Device Management Devices les Offline Temporary Password Search for device 2 Offline Temporary Passwo
43. PAD PC WINS ttm 03 Jul 2014 11 27 EE E EE E faa Reports an d Analysis Bluetooth RTL8723A 4 0 High Speed Chip RTL8723A 4 0 High Speed Chip Realtek S IDEAPAD PC WINS ttm 30 Jun 2014 10 12 Zr WiFi Realtek RTL8723A Wireless LAN 802 11n US Realtek RTL8723A Wireless LAN 802 11n US IDEAPAD PC WINS Sm 30 Jun 2014 10 12 mm EE Oa fag Alerts Webcam Lenovo EasyCamera Lenovo EasyCamera Chicony Electronics Co IDEAPAD PC WINS Mam 30 Jun 2014 10 12 oz USB Storage Device Port_ 0003 Hub_ 0004 Port_ 0003 Hub_ 0004 Realtek Semiconduct IDEAPAD PC WINS tm 30 Jun 2014 10 12 EEE S ee 4 Downloads USB Storage Device DATATRAVELER_2 0 DATATRAVELER_2 0 KINGSTON 20 Aug 2013 09 37 E 58 results 20 per page O Support lz z 4 r o Create oy Export Delete t Back My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP These are the actions available to the administrator in this module E S Eg Edit Manage Rights Device History Export Device History Delete Manage Rights is actually a shortcut to the Devices Rights module and will be explained in one of the following chapters The status column indicates the current rights for the devices he Red means that the device is blocked in the system Green means that the device is allowed on computers or users Q Yellow means that device is allowed on some users or computers with restricti
44. Protector User Manual 11 5 Client Uninstall Protection The Client Uninstall Protection feature protects the My Endpoint Protector Client from being uninstalled by using a password based mechanism The My Endpoint Protector Administrator defines this password from within the Reporting and Administration Tool of My Endpoint Protector When somebody tries to uninstall the My Endpoint Protector Client they will be prompted for the password If they do not know the password the Client removal cannot continue This password can be set by accessing Device Control Global Settings entering a password in the Client Software Windows and Mac Uninstall Protection Password field and clicking on Save To clear the password simply click on the Clear Password button MY EN DPOINT Welcome Network Administrator Logout PROTECTOR FA uvene onines C a Advanced h Dashboard Management of Global Settings Group FA My Account Cal Device Control coba Description Global Group including all the machines Dashboard Global Rights General Settings Effective Rights Global Settings Mode Normal x Devices Notifier Language English Device Rights Computers Rights Functionality Computer Rights Users Computer Rights HELS User Rights Groups Group Rights Both Rights Custom Classes Priority Computer Rights User Rights Content Aware Protection CAP ea z g Mobile Device Management Note The
45. USB_FLASH_DAIVE E zap_eppiibiestidecrratesidataiisEncode decTest 15 15 KB text ptsin Fite Type Text fies 24 Jun 2014 12 02 10 10 Oct 2017 12 03 05 Windows 2 Reports and Analysis Content Threat Detected 06 124 96 62 come tenho USB Storage Device USB_FLASH_DAIVE Evzap_eppiibtestidecmabestdata dsincode decTest 18 18 KB mfc ukiomcom Predefined Content reguisr expression 24 Jun 2014 12 02 10 10 Oct 2017 12 03 05 Windows 2 Logs Report a Content Threat Detected 86 124 96 62 Set tnho USB Storage Device USB_FLASH_DRIVE E zap_eppibiestidecmakestdata dq or decTest 27 2K8 text plain File Type Text fies 24 Jun 2014 12 02 10 10 Oct 2017 12 03 05 Windows 2 Pes 2 Content Threat Detected 86 124 96 62 See tino USB Storage Device USB_FLASH_DRIVE E zap_eppiibfestidecimatesidata dsbase cecTest 47 37 KS text piain File Type Test fies 24 Jun 2014 12 02 10 10 Oct 2017 12 03 05 Windows 2 Ahrin Actions Content Threat Detected eee 86 124 96 62 mumm tinno USB Storage Device USB_FLASH_ORIVE E zap_eppidiestdecimakesidata dsBase GecTest 47 37 K mo ukbmcom Predefined Content regular expression 24 Jun 2014 1202 10 10 Oct 2017 12 03 05 Windows 2 Online Computers y Content Threat Detected ee 86 124 96 62 cet tinno USB Storage Device USB_FLASH_DAIVE E zap_eppibiestdecimahesidata dq cor GecTest 27 2K8 mic ukiomcom Predefined Content reguiar expression 24 Jun 2014 120210 10 Oct 2017 12 03 05 Windows 2 Online Users Content Threat Detected _ 866 124 9662 See tinho USB Storage Device USB_FLASH_D
46. Windows 64bit XP Vista 7 8 Mobile Device Management Offline Temporary Passwort d ana Amr eea Mac OS X 10 5 Download Reports and Analysis RETE OSX Device Enrollment Setup J Downloads iOS Device Enrollment Setup Installation Files amp Enrollment iOS Client to locate iOS device EPP MDM on iTunes EasyLock Encryption Software Support Android Device Enrollment Setup Android Client to enroll Android devices EPP MDM Client on Google Play Download Client Software URL See _ EEE U My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 minute ago from your current IP 10 2 EasyLock Encryption Software The latest Windows and MAC version of EasyLock 2 Encryption Software can be downloaded from this module 65 My Endpoint Protector User Manual a oe HERR 9 Dashboard My Account Device Control Content Aware Protection CAP Mobile Device Management Offline Temporary Password Reports and Analysis Alerts Downloads Installation Files amp Enrollment EasyLock Encryption Software Support ENDPOINT PROTECTOR Welcome Network Administrator Logout FR werepoaine C Advanced Search EasyLock Encryption Software Your unique ID for installation enrollment aaa EasyLock is there to protect your data saved on portable storage devices such as a USB stick with military strength 256bit AES encryption It supp
47. according to the defined policy 6 1 4 Setting up Content Aware Policies To set up a Content Aware Policy go to Content Aware Protection gt Content Aware Policies and click on the Create Your Own Policy icon or push the Add Policy button This will open the Add a new Policy window which will allow setting the parameters of the newly created policy MY ENDPOINT Welcome Network Administrator Logout PROTECTOR E Live Help Online Q Advanced Search Dashboard Add a new Policy A Account A My Policy OS Type Fad Device Control OS Type Windows Mac OS xX Content Aware Protection CAP 3 Ss Policy Information Dashboard Effective Rights Policy Name Content Aware Policies Policy Description Custom Content Dictionaries Policy Action Report only Block amp Report Content Aware URL Whitelists ee Policy Status Enabled ON Disabled OFF Content Aware Domain Whitelists E Content Aware Regex IT forsTo g Mobile Device Management F Controlled Storage Device Types Clipboard F Disable Print Screen Scan Network Share les Offline Temporary Password faa Reports and Analysis E Applications Online Services Attachments File Transfers faz Aak Web Browser E mail Instant Messaging Cloud Services File Sharing Social Media Others Internet Explorer F Outlook A
48. ailed auditing Content Aware Report Filter Event Name Client Computer Client User Destination Type Destination File Name Content Policy Item Type Matched Item Item Details Date Time Server Date Time Client Rest iQ Apply filter 8 2 Admin Actions Every important action performed by administrators in the interface is recorded Clicking the view details button will open the Admin Actions Details page where further details about the specific event is shown with the status of the modified feature before and after the change took place CN MY ENDPOINT PROTECTOR Dashboard A My Account Device Control Content Aware Protection CAP g Mobile Device Management Offline Temporary Password Ky Reports and Analysis Content Aware Keport Admin Actions Computer History User History Device History fag Alerts p Downloads O Support Live Help Online Show all departments Welcome Network Administrator Logout CQ Advanced Search Online Computers Online Users Online Devices Filter v Results Section Action Type Before After Created at v Actions MDM Alerts DELETE Event 03 Jul 2014 11 08 52 E MDM Alerts EDIT Event Event 03 Jul 2014 11 08 47 E MDM Alerts DELETE Type 03 Jul 2014 11 08 39 E Content Aware Alerts CREATE Department 03 Jul 2014 10 36 30 E Alerts CREATE User 03 Jul 20
49. ashboard Online Computers FA My Account Result Device Control Name User Logged Domain Workgroup IP MAC Address Location Status Actions Content Aware Protection CAP gt WORKGROUP 86 124 96 62 Onine EI WORKGROUP 86 124 96 62 Online E Ej Mobile Device Management 2 computers online 20 per page les Offline Temporary Password E Reports and Analysis Logs Report Content Aware Report Admin Actions 3 Online Computers y o Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP Offers real time monitoring of the client computers registered on the system which have an established connection with the server depends on the Refresh Interval if the Refresh Interval for computer X is 1 minute than the computer X was communicating with the server in the last 1 minute The administrator has the possibility of accessing the log for a certain computer by pressing the List action button Pressing this button will take you to the logs report where it will only display the actions of that specific computer for which the button was pushed 8 4 Online Users Shows a list of users that are connected to the My Endpoint Protector Server in real time 54 My Endpoint Protector User Manual Welcome Network Administrator Logout ay M ENDPOINT PROTECTOR SA Live Help Online C Q Advan
50. be blocked REPORTED BLOCKED IGNORED Information will be reported BLOCKED REPORTED IGNORED Information will be blocked Attention The information left unchecked when creating a policy will be considered as Ignored by My Endpoint Protector and NOT AS ALLOWED 6 1 3 Types of Content Aware Policies Depending on the selected content to detect a policy can be classified in e File Type Filter Policy detects blocks all transfers of preselected file types including preselected file types archived in zip files with no password protection e Predefined Content Policy detects blocks all file transfers containing Credit Card and or Personal Identifiable information e Custom Content Policy detects blocks all file transfers containing terms from a preselected Custom Content Dictionary Combined policies can be created by selecting several filter types for the same policy An example of a combined Content Aware Policy for the Sales Department to detect specific file types and custom terms is shown below 36 My Endpoint Protector User Manual Priority 3 File Types Custom Content Depending on the selected content to monitor the icon corresponding to the newly created policy will highlight the specific selected filters Note Content Aware Policies apply also to File Whitelist This means that all files that were previously whitelisted will be inspected for sensitive content detection reported and or blocked
51. cTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 21520 results 20 x per page n 4 112345 gt W Delete History t Back My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 minute ago from your current IP 9 5 Define MDM Alerts To create a new MDM alert go to the Define MDM Alerts tab and press the Create button Welcome Network Administrator Logout C Advanced Search List of Mobile Device Management Alerts MY ENDPOINT PROTECTOR C o a Live Help Online Dashboard My Account Result Device Control Type Device Name Event a Content Aware Protection CAP Any Any Change SIM card EF Any Any Change carrier B Mobile Device Management hay A eee F Offline Temporary Password 3results 50 p per page Reports and Analysis Create Alerts Define Alerts Alerts History Define Content Aware Alerts Content Aware Alerts History Define MDM Alerts MDM Alerts History o Downloads B son My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 minute ago from your current IP 63 My Endpoint Protector User Manual Alerts can be created for IOS MDM profile removal Android application removal SIM card changed and carrier changed 9 6 MDM Alerts History A history of the MDM alerts is kept in this tab for later auditing Each event that triggers an MDM alert will be saved here Administrators
52. can search for data more easily with the implemented filter while if not needed anymore the logs can be deleted from the Delete History button Welcome Network Administrator Logout CS a ROTETA a Live Help Online Qa Advanced Search My Account Filter Device Control Resis Content Aware Protection CAP Event Name Client Computer Client Destination Type Destination File Name Content Item Type Matched Item Item Details Created at v User Policy B Mobile Device Management Content Threat Detected LSS p USB Storage Device USB_FLASH_DRIVE E zap_epp lib itest decimaltestdata dqMinus decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 Content Threat Detected EEDE ees USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqMinus decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 igs Offline Temporary Password Content Threat Detected LIES es USB Storage Device USB_FLASH_DRIVE E zap_eppllib test decimaltestdata dqMinus decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 Content Threat Detected LEE Gee USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqNextPlus decTest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 E Reports and Analysis Content Threat Detected TESSE Ge USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqNextPlus decTest tinho Predefined Content mfc uk ibm com regular expression 10 Oc
53. can search for data more easily with the implemented filter while if not needed anymore the logs can be deleted from the Delete History button Welcome Network Administrator Logout MY ENDPOINT PROTECTOR ER Live Help Online C Q Dashboard Mobile Device Management Alerts History ay My Account Filter Device Control Results Content Aware Protection CAP Event Name Type OS Device Name Created at v g Mobile Device Management Uninstall App Any Any 24 June 2014 15 57 Uninstall App Any Any 24 June 2014 13 46 les Offline Temporary Password Uninstall App Any Any 24 June 2014 8 29 3results 20 er page T Reports and Analysis l x per pagel Delete Histo Back m Aers z t Define Alerts Alerts History Define Content Aware Alerts Content Aware Alerts History Define MDM Alerts MDM Alerts History s Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 minute ago from your current IP 10 Downloads 10 1 Installation Files amp Enrollment The latest Windows and MAC clients for My Endpoint Protector can be downloaded from this module Welcome Network Administrator Logout CN MY ENDPOINT e PROTECTOR ER Live Help Online Q anced Search Dashboard Client Download My Account ique ID for installation enroliment ae Device Control Windows 32bit XP Vista 7 8 Downloa d Content Aware Protection CAP
54. ced Search a a My Account i a553 Device Control Username Name Computer Name IP Connected Device 86 124 96 62 GT 19100 Intel R 7 Series C216 Chipset Family SATA AHCI Controller 1E03 RTL8723A 4 0 High Speed Chip Bluetooth Device Personal Area Network Realtek RTL8723A Wireless LAN 802 11n USB 2 0 Content Aware Protection CAP 86 124 96 62 Communications Port COM1 TEAC CD 552G gt ESE EEE a Mobile Device Management 2users online 20 z per page les Offline Temporary Password m E Reports and Analysis Logs Report Content Aware Report Admin Actions Online Computers Online Users Online Devices Computer History fag Alerts p Downloads O Support m My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 8 5 Online Devices Offers information regarding the devices connected to the computers on the system MY ENDPOINT Welcome Network Administrator Logout PROTECTOR iB Live Help Online Q Advanced Search Dashboard A My Account H Device Control Computer Name User IP Device Type Device Name VID PID Serial No Actions z Logged Content Aware Protection CAP SSE SESS 86 124 96 62 Internal CD or DVD RW TEAC CD 552G LY SSH a 86 124 96 62 Serial Port Communications Port COM1 eee E g oere IDEAPAD PC WINS 86 124 96 62 WiFi Realtek RTL8723A Wireless LAN 802 11n USB 2 0 Ne
55. ctionary and are sent through Skype while with the second policy to block the same files if they are sent through Yahoo Messenger and NateOn Messenger Similar to this example it is possible to create combinations that will allow you to block a file type or a file that contains predefined content custom content regular expression for one application while letting it through and report it only for another application The following rules are used in the application of one or more Content Aware Policies on a computer user group department for each separately selected item e g a specific file type predefined information or a custom content dictionary Policy A with Policy B with Policy C with Endpoint Protector Priority 1 Priority 2 Priority 3 Action IGNORED IGNORED IGNORED Information will not be blocked or reported IGNORED IGNORED REPORTED Information will be reported IGNORED REPORTED REPORTED Information will be reported REPORTED REPORTED REPORTED Information will be reported IGNORED IGNORED BLOCKED Information will be blocked IGNORED BLOCKED BLOCKED Information will be blocked BLOCKED BLOCKED BLOCKED Information will be blocked IGNORED REPORTED BLOCKED Information will be reported IGNORED BLOCKED REPORTED Information will be 35 My Endpoint Protector User Manual blocked REPORTED IGNORED BLOCKED Information will be reported BLOCKED IGNORED REPORTED Information will
56. d Account a i Device Offline Temporary Password Computer Offline Temporary Password Content Aware Protection Offline Temporary Password Cal Device Control c t Content Aware Protection CAP A Mobile Device Management lss Offline Temporary Password Offline Temporary Password faa Reports and Analysis GY Generate code as Alerts es 025r d O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP The administrator can allow the use of all the endpoints on an offline computer He does this by generating a Computer Offline Temporary Password After selecting the computer and duration the password will be generated by clicking on the Generate Code button The obtained password will be communicated to the user for temporarily allowing the use of all the endpoints as explained in paragraph 5 5 7 3 Content Aware Protection Offline Temporary Password The administrator can allow the transfer of sensitive data on an offline computer He does this by generating a Content Aware Protection Offline Temporary Password After selecting the computer and duration the password will be generated by clicking on Generate Code button The obtained password will be communicated to the user for temporarily allowing transfer of sensitive data as explained in paragraph 5 5 49 My Endpoint Protector User Manual W
57. dashboard also shows alerts for all activities 23 My Endpoint Protector User Manual 5 9 2 Stealth Mode Similar to Transparent mode Stealth mode allows the administrator to monitor all users and computers activities and actions with all devices allowed No system tray icon is displayed no system tray notifications are shown everything is allowed nothing is blocked regardless of what activity Administrator receives alerts dashboard shows also alerts for all activities 5 9 3 Panic Mode If Stealth Mode and Transparent Mode are set manually Panic Mode will be set automatically by the system when it considers it necessary system tray icon is displayed notifications are displayed everything is blocked regardless if authorized or not Administrator receives alert dashboard also shows alerts when PCs are going in and out of Panic mode 5 9 4 Hidden Icon Mode The Hidden Icon Mode is similar to the Normal mode the difference consisting in the fact that the Agent is not visible to the user no system tray icon is displayed no system tray notifications are shown all set rights and settings are applied 5 9 5 Silent Mode The Silent Mode is similar to the Normal mode the difference consisting in the fact that the notifications do not pop up to the user system tray icon is displayed no system tray notifications are shown all set rights and settings are applied 24 My Endpoint
58. delete the selected Client machine Make sure t does not have any associated tems 59 My Endpoint Protector User Manual 9 1 Define Alerts Welcome Network Administrator Logout iu e MY ENDPOINT PROTECTOR ER Live Help Online Q Advanced Search Dashboard List of Alerts FA My Account i Cdl Device Control User Computer Group Device Type Device Event Actions Content Aware Protection CAP Any Any Any Any Any Connected F E Mobile Device Management a les Offline Temporary Password gase E Reports and Analysis BQ Aers Define Alerts Alerts History Define Content Aware Alerts Content Aware Alerts History Define MDM Alerts MDM Alerts History Downloads Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 minute ago from your current IP To create a new alert go to Define Alerts and click Create Alert fields Group Financial Depoartment User Test User Computer Test PC Device type USB Storage Device Device Any Event Disconnected Alert administrators Addresses administrator email company com Add New Address Note Insert e mail addresses if you want to send the alerts to multiple addresses G Save G Save Add t Back Then select the Group User Computer Device type or Device depending if you mean a single device or all devices of a certain type and the event that will
59. e Allow Access Custom Class Description allows acces to the selected devices Right Allow Access G Save G Save and Add t Back Delete Note The rights set for a Custom Class will override all the other existing rights for the devices included in the newly created class and they will apply for any Endpoint Protector Client PC Example For the case above we created an Allow Access Custom Class and set Allow access rights to devices of type USB Storage Let s say that USB Storage Devices have Deny access right set on Client PC CIPO Once the custom class 30 My Endpoint Protector User Manual Allow Access Custom Class is created all USB Storage devices will have access even if on the Client PC CIPO they have Deny access This module allows the administrator to setup and enforce strong content filtering policies for selected users computers or groups and take control over the risks posed by accidental or intentional file transfers of sensitive company data such as e Personally Identifiable Information PII social security numbers SSN driving license numbers E MAIL addresses passport numbers phone numbers etc e Financial and credit card information credit card numbers for Visa MasterCard American Express JCB Discover Card Diners Club bank account numbers etc e Confidential files sales and marketing reports technical documents accounting documents customer databases etc To pr
60. e DataTraveler 2 0 DataTraveler 2 0 Kingston 930 6545 08606E69C773ED706965 04 Jul 2014 10 00 E Unknown Device _ I o o 04 Ju2014 09 54 oy E Offline Temporary Password USB Storage Device USB_FLASH_DRIVE p_i E USB_FLASH_DRIVE ADATA 125f cb10 1311804011470018 03 Jul 2014 17 27 amp E EEE Meee Serial Port Communications Port COM1 Communications Port COM1 Standard por 0 0 COM_ACPLPNPOSO1_1_0 03Jul201417 27 4 E USB Storage Device SD MMC SD MMC GENERIC 58f 6364 058F63646476 03 Ju2014 17 27 amp E E gan c Internal CD or DVDRW HL DT ST DVDRAM GH24NS95 SCSI CdRom Devi a S HL DT ST DVDRAM GH24NS95 SCSI CdRom Devi 0 0 CDROM amp VEN_HL DT ST amp P 03 Juk2014 17 27 4 E Drine Cantera Serial ATA Controller Intel R 7 Series C216 Chipset Family SA intel R 7 Series C216 Chipset Family SA 8086 1e03 3811583659808FA 03 Jub2014 11 27 OB Gelen Internal CD or DVDRW TEAC CD 552G TEAC CD 552G Standard CD ROM drives 0 0 CDROMTEAC_CD 552G_74 02Jul201411 30 oy E Online Devices Local Printers HP LaserJet P1005 1 2 0 224 _ HP LaserJet P1005 1 2 0 224 0 0 usb Hewlett Packar 01 Juk2014 16 25 ov E Computer History Local Printers HP Officejet 5600 series m HP Officejet 5600 series 0 0 usb HP Officejet 2 01 Juk2014 16 25 oy E User History Serial Port Communications Port COM1 Communications Port COM1 Standard p 0 0 COM_ACPI_PNP0S01_1_6 01
61. e Logs Report page filtered for the respective Computer Welcome Network Administrator Logout PROTECTOR ER Live Help Online Qa Advanced Search Dashboard Computers History A My Account Filter Device Control Results Content Aware Protection CAP Computer Name Domain WorkGroup IP Computer Location Last Time Online v Actions g Mobile Device Management SaaS WORKGROUP 86 124 96 62 03 Jul 2014 12 47 ow El SS WORKGROUP 86 124 96 62 03 Jul 2014 11 32 ov E esl Offline Temporary Password WORKGROUP 86 124 96 62 01 Jul 2014 16 30 ww E 7 LSS _ gt WORKGROUP 86 124 96 62 01 Jul 2014 09 47 ov E E Reports and Analysis f mn SESE WORKGROUP 86 124 96 62 26 Jun 2014 14 17 ov E Logs Report g n WORKGROUP 86 124 96 62 27 Mar 2014 12 00 amp E Content Aware Report a WORKGROUP 86 35 222 8 16 Dec 2013 10 40 ov E Admin Actions lt WORKGROUP 85 124 96 62 28 Aug 2013 16 51 ow E Online Computers 192 168 0 16 amp E Online Users re Wowwww 192 168 0 1 ov E Online Devices Computer History 10 results 20 x per page HQ Mers Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 8 7 User History This module shows all users that were at least once connected to the server With the help of the Export button the logs can be saved to a csv file while pressing the View User log will show the Logs Report pa
62. e system My Endpoint Protector has an automatic system implemented meaning that it will automatically add any new devices connected to a protected client computers to the My Endpoint Protector database thus making them manageable through the Administration and Reporting Tool interface When an unknown device is connected to one of the client computers the device s parameters are stored in the system database as device data Vendor ID Product ID and Serial Number The user who first used the device is stored as the default user of the device This however can be changed anytime later 16 My Endpoint Protector User Manual MY ENDPOINT PROTECTOR Welcome Network Administrator Logout A Live Help Online Q Advanced Search Dashboard List of Devices eA My Account Filter lt Device Control Results Dashboard Rights Status TD Device Type Device Name Identification Description Last Location Last User Last Connec tion VID PID Serial Number Global All Effective Rights z s 3 gt Serial ATA Controller Intel R ICH8 2 port Serial ATA Storage Intel R ICH8 2 port Serial ATA Storage SESS Gc 26 Jun 2014 1417 E E OE T Serial Port Communications Port COM1 Communications Port COM1 Standard por D c 24 Jun 2014 11 06 EE penas Rights Internal CD or DVD RW HL DT ST RW
63. econds With virtually every PC having easily accessible USB ports the theft of data or accidental loss of data is for individuals a mere child s play Data theft or infecting the company s network through a simple connection is easy and doesn t take more than a minute Network administrators had little chance to prevent this from happening or to catch the responsible user s This was the hard reality until now 2 My Endpoint Protector User Manual 1 1 What is My Endpoint Protector My Endpoint Protector SaaS Endpoint Security as a Service provides device control and data loss prevention to customers who don t have the time and resources to manage their own on premise endpoint security solution My Endpoint Protector allows individuals and companies of all sizes to manage all their endpoints from one centralized online console be it Desktops Notebooks or Netbooks used in the office at home or on the road My Endpoint Protector is eliminating the risks of data loss and data theft that are posed by portable devices like USB Flash Drives Controlling ports and devices through a server in the cloud is the best solution to centrally manage one or more PCs or MACs without having to become an expert in installing and managing servers 1 2 Main Features Your confidential sensitive data is only as safe as your endpoints are My Endpoint Protector offers powerful features in order to control monitor and enforce network a
64. elcome Network Administrator Logout fey MY ENDPOINT PROTECTOR ee Live Help Online C Q Advanced Search Dashboard Generate Offline Temporary Password A My Account A p 5 Device Offline Temporary Password Computer Offline Temporary Password Content Aware Protection Offline Temporary Password Cdl Device Control c t Content Aware Protection CAP iad N A g Mobile Device Management Other Options les Offline Temporary Password Duration 30 min z Offline Temporary Password aa Reports and Analysis GY Generate code Generated Password E ae Passwor d po Downloads B smon My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 7 4 Offline Device Computer and Content Aware Protection Authorization In order to select a device and enter a password the user needs to click on the My Endpoint Protector icon from the system tray The user will select the device from the list and contact the administrator at the displayed contact information I Offline Device Authorization o e Ta ENDPOINT PROTECTOR Select Device Standard port types Communications Port COM GENERIC SD MMC ADATA USB_FLASH_DRIVE Standard CD ROM drives 7 HL DT ST DVDRAM GH24l Code for Administrator Password To authorize a device contact your administrator Contact info Ord444444q administrator emailcompany com Last server connection at MonJun 30 17 38 14
65. et Family SA Port_ 0003 Hub_ 0004 Welcome Network Administrator Logout R Live Help Online Q Event Connected Connected Disconnected Device not TD Disconnected Device not TD Blocked Blocked Blocked Blocked Connected Connected Connected Connected Connected Connected Connected Connected Connected Connected Advanced Search Alerts History v Created at v 17 October 2017 16 25 17 October 2017 16 25 10 October 2017 12 04 10 October 2017 11 20 10 October 2017 11 20 10 October 2017 11 12 10 October 2017 11 12 9 October 2017 10 58 9 October 2017 10 58 9 October 2017 10 58 1 July 2014 16 19 1 July 2014 16 19 30 June 2014 17 21 30 June 2014 17 21 30 June 2014 17 21 30 June 2014 17 21 30 June 2014 10 12 30 June 2014 10 12 30 June 2014 10 12 30 June 2014 10 12 M 4 12345 gt Last login 1 minute ago from your current IP 61 My Endpoint Protector User Manual 9 3 Define Content Aware Alerts Welcome Network Administrator Logout CN MY ENDPOINT PROTECTOR Live Help Online i ooo Q Advanced Search Dashboard List of Content Aware Alerts A My Account i Cdl Device Control 2 5 a 6535553 Client Computer Group Content policy Event Actions Content Aware Protection CAP Any Any Any Any Content Threat Blocked gR g Mobile Device Management es Offline Temporary Password Create E Reports and Analysis fag Alerts Define Alerts Alerts His
66. event sensitive data leakage My Endpoint Protector closely monitors all activity at endpoints and other exit ways e Transfers on portable storage and other media devices USB Drives external hard disks CDs DVDs SD cards etc either directly or through encryption software e g EasyLock e Transfers on local networks e Transfers via Internet E MAIL clients file sharing application Web Browsers Instant Messaging Social Media e Transfers to the cloud iCloud Google Drive Dropbox Microsoft SkyDrive e Transfers through Copy amp Paste Cut amp Paste e Print screens 32 My Endpoint Protector User Manual Note The Content Aware Protection feature requires separate licensing in addition to the My Endpoint Protector license for Device Control 6 1 Content Aware Policies Content Aware Policies are sets of rules for sensitive content detection and blocking enforced on selected network entities users computers groups departments A content aware policy is made up of four elements e Policy Type defines for which type of OS the policy applies Windows or Macintosh e Policy Action defines the type of action to be performed reporting of sensitive content detection or blocking and reporting of sensitive content transfers e Policy Filter specifies the content to be detected including file type filtering predefined content filtering and custom content filtering e Policy Control Points establishes
67. ge filtered for the respective User 56 My Endpoint Protector User Manual Welcome Network Administrator Logout ke MY ENDPOINT PROTECTOR ER Live Help Online Q Advanced Search a My Account Filter Ea Device Control Results Content Aware Protection CAP User Name First Name Last Name Phone E mail Actions E Mobile Device Management a a ow El les Offline Temporary Password ww E UE EENE DEME E Reports and Analysis 8 Lontent Aware Keport 5 a wv E Admin Actions Online Users p ov E Online Devices Se ov E Computer History E e ad Eo v E fag Alerts pi y E Downoad 14results 50 per page O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved 8 8 Device History Similar to Computer and User history all devices that were at least once connected to the server can be found here Logs can be exported to a csv file by pressing the Export button while View Device Log will show the Logs Report page filtered for the respective device Last login 1 hour ago from your current IP Welcome Network Administrator Logout CO aa ET qu Advanced Search Dashboard My Account Filter lt Device Control faiis Content Aware Protection CAP Device Type Device Name identification Last User LastComputer Description TD VID PID Serial Number Last Connection Actions Mobile Device Management USB Storage Devic
68. hanges performed on the page are applied after clicking Save 6 1 1 One or more Content Aware Policy can be enforced on the same computer user or group To avoid any conflicts between the applied rules a prioritization of policies is performed through a left to right ordering The leftmost policy has the highest priority Priority 1 while the rightmost policy has the lowest priority Changing priorities for one or more policies can be performed by moving the policy to the right or to the left with a simple click on the left arrow for higher priority or on the right arrow for lower priority Priorities for Content Aware Policies 34 My Endpoint Protector User Manual 6 1 2 How Content Aware Policies Work Content Aware Protection is a very versatile tool where granular implementation of the desired actions regarding report and or block and report of files can be performed A Content Aware Policy is a set of rules for reporting or blocking amp reporting the selected information All the other options left unchecked will be considered as Ignored by My Endpoint Protector When applying two policies to the same PC it is possible to block one type of file for example PNG files when they are uploaded through Mozilla Firefox while with a second policy to report only PNG files when they are uploaded through Internet Explorer In the same way it is possible to report only files that contain confidential words from a selected di
69. hat a Computer can t take separately a DC license or CAP license instead it will take one DC CAP license Mobile Device Management licenses are used for registering Mobile Devices The licenses are assigned when a new mobile device is enrolled Note When signing up for the first time to My Endpoint Protector you must choose either Trial license or Appetizer license as the account type Only after creating this type of account you will be able to purchase perpetual licenses from the user interface 11 3 1 Trial license The trial license account type can be chosen when signing up for the first time which upon creation will assign 10 day trial licenses for up to 50 computers and 5 mobile devices The trial licenses are assigned on a first in first served basis In case that one or more computers with assigned trial licenses are inactive for a certain interval of time the administrator can manually release those licenses which will automatically be reassigned to other online computers 11 3 2 Appetizer license The appetizer license account type can be chosen when signing up for the first time which upon creation will assign 1 year appetizer licenses for up to 5 computers and 5 mobile devices 11 4 Get a Subscription Here you can simply purchase a subscription For that enter the number of Computers PCs or MACs that you want to protect and the time period for which you want the protection to cover 69 My Endpoint
70. icies for a better control of what data leaves the company network via any removable media or the Internet Reporting and Analysis My Endpoint Protector offers powerful reporting and analysis tools that lets you analyze all activity e g devices connected files transferred etc at the endpoint Network Offline Mode to Support Your Field Employees Offline Temporary Password to allow limited time access to a specific device when the client computer is disconnected from the network Protected PCs that are temporary or frequently disconnected from the network like laptops stay protected based on the last locally saved policy All notifications are transmitted at the next network connection Enforced Encryption TrustedDevices Using Enforced Encryption with TrustedDevices gives the security that all endpoint devices are not only authorized and controlled but also protecting sensitive and confidential data in transit With the use of EasyLock to enforce encryption all data saved is encrypted while in transit 1 3 Controlled Device Types Ports My Endpoint Protector supports a wide range of device types which represent key sources of security breaches These devices can be authorized which makes it possible for the users to view create or modify their content and for administrators to view the data transferred to and from the authorized devices 4 My Endpoint Protector User Manual Removable Storage Devices No
71. inistrative privileges un installation is not possible To assure that your user password is the correct one go to the the Accounts settings in System preferences and try to change your password Here you can find a list of terms and definitions that are encountered throughout the user manual Computers refers to PC s workstations thin clients notebooks which have My Endpoint Protector Client installed File Tracing this feature will track all data that was copied to and from prior authorized portable storage devices File Shadowing this feature saves a copy of all even deleted files that were used in connection with controlled devices on a network storage server Devices refers to a list of Known portable storage devices ranging from USB storage devices to digital cameras LTP COM Serial port storage devices and biometric devices Groups can be groups of devices users or computers Grouping any of these items will significantly help the server administrators to easily manage rights and settings for them Endpoint can be a Personal Computer a Workstation you use at the office or a Notebook An endpoint can call and be called It generates and terminates the information stream TrustedDevices portable storage devices that carry a seal of approval from the My Endpoint Protector Server and can be used according to their level 1 4 For more information please see Enforced Encryption with TrustedDevices
72. line Users Online Devices Computer History Similar to the Dashboard this module displays usage statistics on past and current activities but with more details Alerts Allows the creation of Alerts notifications set up by administrators which will alert them if a certain device was connected or accessed a certain user performed a certain action etc Please see paragraph 9 Alerts for more details 9 My Endpoint Protector User Manual A Alerts Define Alerts Alerts History Define Content Aware Alerts Content Aware Alerts History Define MOM Alerts MDM Alerts History Offline Temporary Password Here Offline Temporary Passwords can be defined as described in paragraph 7 Offline Temporary Passwords J Offline Temporary Password Offine Temporary Password My Account Information related to your account can be managed here D My Account Profile Details My Subscriptions Get a Subscription Client Software Upgrade Client Uninstall Supported operating System Windows 8 all versions 32bit 64bit Windows 7 all versions 32bit 64bit Windows Vista all versions 32bit 64bit Windows XP Home or Professional Service Pack 2 is recommended Mac OS X 10 4 and 10 5 Administrative rights on the PC to install the MSI package Fully functional internet network connection 1 GHz processor or faster recommended Minimum of 256 MB RAM 32 MB of available memory on the hard
73. ministrator Logout Ca Advanced Search My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP Defining custom settings for all computers is not necessary since a computer is perfectly capable of functioning correctly without any manual settings defined It 22 My Endpoint Protector User Manual will do this by either inheriting the settings of a group to which it belongs or if not possible the global settings which are mandatory and exist in the system with default values 5 9 Modes for Computers and Groups My Endpoint Protector features several functionality modes for computers and groups These modes can be set through Computer Settings Group Settings or Global Settings applied by default You can change these at any given time Normal Normal Transparent Stealth Panic Hidden Icon Silent There are six modes from which you can choose Normal Mode default mode of Endpoint Protector Transparent Mode Stealth Mode Panic Mode Hidden Icon Mode Silent Mode 5 9 1 Transparent Mode This mode is used if you want to block all devices but you don t want the user to see and know anything about My Endpoint Protector activity no system tray icon is displayed no system tray notifications are shown everything is blocked regardless if authorized or not Administrator receives alerts
74. mming Files IV All V c cpp java IV py JV sh csh JV bat cmd JV pas vV xml dtd More File Types Other Files IV All V AutoCAD files V Text files JV DRM Files JV exe sys dll V so V Unidentified More File Types Media Files IV All V mov J mp3 V m4a JV wav vV wma IV avi More File Types G Save e Back Delete Note As many files e g Programming Files are actually TXT files we recommend more precaution when selecting this file type to avoid any undesired effects The Predefined Content Filter displays a list of predefined items to detect from credit card information to Personal Identifiable Information The Content Aware Protection module offers the option of Localization meaning that you can select specific formats for a list of countries for information such as Driving License ID Phone Number and Social Security Number By leaving unchecked this option all formats will be detected by the Content Aware Protection agent File Type Filter Predefined Content Filter Custom Content Filter URL Whitelists Domain Whitelists Policy Action will apply to selected Predefined Content for ALL File Types regardless of the selected File Type Filter Credit Cards 7 Al V Amex Diners Discover V JCB Mastercard Visa Personal Information All Driving License J E mail y Health Insurance Number J IBAN Passport Phone N
75. n the e mail that you will receive 7 My Endpoint Protector User Manual 2 1 2 Login To login to your My Endpoint Protector Account you need to enter your username and password here https my endpointprotector com 2 1 3 Forgot your Password In case you forgot your username and or password or both please provide your e mail address that you used in the registration process after clicking Forgot your password Then your password will be reset and a new password will be sent to you 2 1 4 Logout To Logout of your My Endpoint Protector Account simply click the Logout button located on the top right corner of the Administration and Reporting Tool 2 2 Online Administration and Reporting Tool In the online cloud based Administration and Reporting Tool you can manage the behavior of your protected computers and get the information regarding their device activity Access to Administration and Reporting Tool is restricted by a user password pair and requires you to login After login into My Endpoint Protector you will see the available modules Dashboard Lets you view statistics of the server such as the number of clients and devices currently connected the total number of protected computers last logged action newest added client etc and also provides shortcuts to the essential management tools EN I Wetcome Network Administrator Logout PROTECTOR BAB Live Help Online i Qq Advanced Search Da
76. nce you do that the Device Wizard will appear allowing you to select the device s you wish to manage 18 My Endpoint Protector User Manual Device Wirard e USB Video Device Suyin Corp 7T5256M F 24 120 JETFLASH Deny Access DATATRAVELER 2 0 KINGSTON m DATATRAVELER 2 0 KINGSTON HL DT ST DVDRAM GSA T50N Standard CD ROM drives U Read Only Access Atheros ARSB91 Wireless Network Adapter Atheros Allow Access if TD Level 1 Allow Access if TD Level 2 allow Access if TD Level 3 Allow Access if TD Level 4 Selecting a device will allow you to select one of the rights for that device Device Wizard x USB Video Device Suyin Corp 7T5256M JF 24 120 JETFLASH 3 Deny Access DATATRAVELER_ 0 KINGSTON 3 a CESS DATATRAVELER _2 0 KINGSTON Allow Access HL DOT ST DVDRAM GSA T50N Standard CD ROM drives i Read Only Access Atheros ARSB91 Wireless Network Adapter Atheros Allow Access if TD Level 1 Allow Access if TD Level 2 Allow Access if TD Level 3 Allow Access if TD Level 4 Click Save to store your changes The device s you selected will appear in the Already Existing Devices section Already Existing Devices DATATRAVELER _2 0 KINGSTON Allow Access Use Whitelist 2 69 To add more devices simply repeat the steps mentioned above To change or delete added devices use either Rights Wizard or Remove action buttons
77. nd endpoint security 1 Centrally manage your endpoint device use from anywhere 2 No server setup hardware licenses or maintenance 3 Enterprise class endpoint security for every size company 4 Manage one or hundreds of PC or MAC endpoints from one online place 5 Every PC user can set it up No experienced Admin needed 6 Setup in minutes 7 Works with any PC or MAC that has an internet connection Centralized web based Device Management Dashboard Network administrators have the ability to centrally manage and authorize the use of devices The My Endpoint Protector Dashboard is designed to meet the needs of both management and security staff and offer access to real time information charts and reports about organization wide controlled device and data transfer activity All in an integrated single view and web based Administration and Reporting Tool 3 My Endpoint Protector User Manual Enforcement of your Device use Policy Simple device management policies with customizable templates help define User Group permissions to allow for an efficient enforcement and maintenance of your latest security policies across your network Enforce internal device use policies with ease Comply with government regulations industry standards and IT governance in regard to data breach prevention and management has just become easier Content Aware Protection Separate module which allows creating and enforcing strong content aware pol
78. ne Q Advanced Search Dashboard Managemen t of Global Settings Group a My Account Senne Global fd Device Control Description Global Group including all the machines Dashboard Global Rights General Settings Effective Rights Global Settings Mode Normal vices Notifier Language English X Device Rights Computers Rights Functionality Computer Rights Users Computer Rights HE User Rights Gr pane Rights Both Rights Custom Classes Priority Computer Rights User Rights Content Aware Protection CAP 5 7 g Mobile Device Management Note The test e mail will be sent to administrator email company com Type SMTP les Offline Temporary Password rer Hostname Example smtp cososys com E Reports and Analysis SMTP Port 25 Example 25 Gmail uses port 465 for SSL and 587 for TLS STARTTLS ZE Alerta Require SMTP Authentication Username E o ee Example Your full email address nduding gmail com or your_domain com 4 Downloads Password pe eeeeeecee Your SMTP password Encryption Type None z Example None SSL or TLS STARTTLS B swn Send test e mail to my account Client Software Windows and Mac Uninstall Protection Password G You have defined an uninstall password Password Clear Password G Save t Back E My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 5 4 Devices In this module the administrator can manage all devices in th
79. ng x Thunderbolt Preserve global setting z Webcam Preserve global setting x Network Share Allow Access x iPhone Preserve global setting x Already Existing Devices G Save Restore Global Rights t Back My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 4 hours ago from your current IP 26 My Endpoint Protector User Manual Dede Groups This module is responsible for editing groups Edit Manage Rights Manage Settings and Delete are the commands available from this section Welcome Network Administrator Logout D MY ENDPOINT PROTECTOR R Live Help Online Q Advanced Search Dashboard List of Groups ay My Account i am Device Control nee oe All Name Description Domain Modified at Modified by Actio Global Rights Bravaria Financial Depoartment This group belongs to the financial depa 30 Jun 2014 14 45 07 ZAAG Sts Marketing Department This group belongs to the marketing depa 30 Jun 2014 14 46 38 gR a A dse E Sales Department This group belongs to the sales deparmen 30 Jun 2014 14 46 55 FAAO Device Rights E 3 results 20 x per page Computer Rights 6 Create Delete Back User Rights Groups Group Rights Custom Classes co Content Aware Protection CAP g Mobile Device Management esi Offline Temporary Password E Reports and Analysis fag Alerts Downloads O Support My Endpoint Protector Cop
80. nnennsnrnns 14 Jae GODA SO erario E A AA 15 Sf WCVICSS ancecaasacces neeeeaesenetaueasecteassgactecesgaacseaaderares jecaasa ces 15 5 5 Device Rights Functionality scccceurcmrananeeerscanscannsewensnnauneaeeees 16 5 5 1 Give Deny Access to Devices s sssssssssnsesnrsrsnsnsrrnrsnnnss 17 5 5 2 Enable Device Read Only ACCeSS ssssesssrsrnsnsrrererrsrenas 19 5 5 3 TrustedDevice Level 1 to Level 4 ssssssssssssnssrssnssnssnnnas 19 5 5 4 WiFi Block if wired network iS PreSent cccceeeeeeeeeeeeees 19 Dae COMPULSI acewctewav nev ewau byes cvatiewatenexeuaeeuadeueryuawenerevadouaiewases 19 5 6 1 Computer Self REGISU AO Mikeunctcesssartsersssedeevisasneeeeseeserias II My Endpoint Protector User Manual Died e COMpu ter RIGAS winncreee cuca vivasaceeeeusaeuvaes sn a a aa a 20 Jos COMPU SOEN necensteccceneserenscecsnaenccessesccesercesseracecacecews 21 5 9 Modes for Computers and GroupS csessseeuueeeuueeuueeenueenuees 22 5 9 1 Transparent MOG sc icctsintsarnctacasthesenesenieantsaintaderentencasdiada 22 2 O AN MOGO ween tee secssenawecustecuertenccecestatcncesenawects teaver scene 23 ka Pane OCG aorta tere esc gre es ic eee see eee epee eee pe eee er 23 Bros PMaden ICO MOGE rerigen nanira Er EAER EEE 23 5 99 55 Sillet MOOG isinisisi reirriiireinin kreDi iioii iieii Dni 23 SAU TE E E EE S 24 Sel LU Er RION S a a A A 295 oe GOUD eraa ET 26 513 Group RIGS paeronia anna a A A 27 5 14 Group SettingS sss
81. nt Global Settings First Name Devices Last Name Device Rights Computers Device Types Computer Rights Unki D Preserve se iPad Preserve se fae nknown sonal global tting e a global tting e USB Storage Device Allow Access x iPod Preserve global setting x Group Rights Internal CD or DVD RW Preserve global setting z Serial ATA Controller Preserve global setting x Custom Internal Card Reader Preserve global setting x WiFi Preserve global setting z AN i Content Aware Protection CAP Internal Floppy Drive Preserve global setting x Bluetooth Preserve global setting z g Mobile Device Management Local Printers Preserve global setting v FireWire Bus Preserve global setting v Windows Portable Device Media Transfer Protocol Preserve global setting x Serial Port Preserve global setting x Offline Temporary Password isa am Digital Camera Preserve global setting x PCMCIA Device Preserve global setting x T Reports and Analysis BlackBerry Preserve global setting x Card Reader Device MTD Preserve global setting z faa Alerts Mobile Phones Sony Ericsson etc Preserve global setting x Card Reader Device SCSI Preserve global setting SmartPhone USB Sync Preserve global setting x ZIP Drive Preserve global setting x s Downloads SmartPhone Windows CE Preserve global setting x Teensy Board Preserve global setting z O Support SmartPhone Symbian Preserve global setti
82. ons 5 5 Device Rights Functionality Endpoint Protector can handle a wide variety of devices and device types and offers several methods of usage for each device in particular These can be found by accessing Manage Rights and selecting one of the relevant Rights available Q 17 My Endpoint Protector User Manual Depending on the network policy administrators can use the following settings Deny access to devices Allow access to devices Enable read only access TrustedDevice Level 1 to Level 4 applies to USB Storage Devices only Block if wired network is present applies to WiFi device control only Preserve global setting reserve global setting Read Only Access Allow Access if device is Trusted Device Level 1 Allow Access if device is Trusted Device Level 2 Allow Access if device is Trusted Device Level 3 Allow Access if device is Trusted Device Level 4 5 5 1 Give Deny Access to Devices With this option the administrator can give or deny complete access to a certain device making it usable or obsolete for a certain group or computer The administrator can configure these settings for each device individually and can also choose for what computer s and group s they will apply to Select the device computer or group you wish to manage rights for and click the plus button at the bottom of the page under Already Existing Devices Already Existing Devices GHsave 4 Back O
83. orts Windows 2000 XP Vista 7 8 and Mac OS X 10 5 so you can even transport your files in a protected way between a PC or Mac computer 1 Download or copy directly to your USB storage device 2 Simple installation setup procedure 3 Set your password and you are ready to copy amp paste or drag amp drop files to protect them Windows MAC OS 10 5 My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 minute ago from your current IP 11 My Account 11 1 Profile Details Personal information can be stored in this module You can change this information anytime Welcome Network Administrator Logout reS MY ENDPOINT PROTECTOR E Live Help Online Q Advanced Search Dashboard Edit Profile m My Account Login Information Profile Details User My Subscriptions Get a Subscription Unique ID Client Software Upgrade aand Client Uninstall New Password Confirm New Password Gal Device Control To create a se we recommend induding a combination of letters and numbers e a secure password Also the password needs to be at least 8 characters long Content Aware Protection CAP Personal Information CJ Mobile Device Management Salutation Mr les Offline Temporary Password First Name Network Last Name Administrator E Reports and Analysis Company Company VAT ID 123456789 BQ Aerts Phone oe Fax 074
84. porary Pa a USB Storage Device Allow A No Defined on Computer USB Storage Device Allow Access No Defined on Computer E T Reports and Analysis USB Storage Device Allow Access No Defined on Computer USB Storage Device Deny Access No Defined on Computer S fag Alerts USB Storage Device Allow Access No Defined on Computer ST USB Storage Device Allow Access No Defined on Computer es s Downloads USB Storage Device Port_ 0003 Hub_ 0004 Allow Access No Defined on User USB Storage Device Read Only Access No Defined on User O Support USB Storage Device Allow Access if TD Level 1 No Defined on User USB Storage Device Allow Access No Defined on User EE USB Storage Device Deny Access No Defined on User oe USB Storage Device Allow Access No Defined on User USB Storage Device Allow Access No Defined on User SS ExporttoPDF My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP 15 My Endpoint Protector User Manual 5 3 Global Settings This module holds the global settings which influence all computers within the system If there are no settings defined for a computer and it does not belong to a group these are the settings it will inherit If the computer belongs to a group then it will inherit the settings of that group Welcome Network Administrator Logout gt MY ENDPOINT PROTECTOR Live Help Onli
85. ppliance a hardware appliance device control solution for small and medium sized companies and enterprises Endpoint Protector a client server device control solution for small and medium sized companies Endpoint Protector Basic a standalone solution to secure PCs and MACs locally Endpoint Protector Basic has no server or online management console They offer great advanced features such as File Tracing File Shadowing File Whitelisting AD integration And many more More information can be found here 17 Support In this module you can download the user manual contact support if you need additional help find out what s next on our TO DO list visit our website and more You can consult the FAQ database by following this link http www endpointprotector com en index ph roducts How it Works My E ndpoint Protector or http www cososys com help htm You can also chat with an endpoint security technician using the Live Help feature of My Endpoint Protector Live Help Online Even if you do not have a problem but miss some feature or just want to leave us general comment we would love to hear from you Your input is much appreciated and we welcome any input to make computing with portable devices safe and convenient 18 Important Notice Disclaimer Security safeguards by their nature are capable of circumvention CoSoSys cannot and does not guarantee that data or devices will
86. r Manual MY ENDPOINT Welcome Network Administrator Logout PROTECTOR E Live Help Online Q Advanced Search Edit Computer Rights Dashboard My Account A Currently the system is using both computer and user rights user rights have priority Device Control Dashboard Computer Global Rights Effective Rights Computer Name TestPC Global Settings Location Devices Device Rights Device Types Computers Computer Rights Unknown Device Preserve global setting x iPad Preserve global setting x Users USB Storage Device iPod ji User Rights Allow Access x Preserve global setting x Gr Internal CD or DVD RW Preserve global setting x Serial ATA Controller Preserve global setting x Group Rights internal Card Reader Preserve global setting i WiFi Preserve global setting i Custom Classes Internal Floppy Drive Preserve global setting Bluetooth Preserve global setting x Content Aware Protection CAP Local Printers Preserve global setting x FireWire Bus Preserve global setting z E Mobile Device Management Windows Portable Device Media Transfer Protocol Preserve global setting x Serial Port Preserve global setting x Digital Camera Preserve global setti PCMCIA Device Preserve global setti iss Offline Temporary Password te a _ zl BlackBerry Preserve global setting x Card Reader Device MTD Preserve global setting z E Reports and Analysis Mobile Phones Sony
87. rd E Reports and Analysis Enter device code case sensitive BQ Aers Other Options Downloads Duration 30 min z B smon G Generate Code My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP The administrator can either search for an existing device using the search wizard Search for device PS or in case the device is not already in the database he can introduce the device code communicated by the client user explained in bellow paragraph After selecting the duration the password will be generated by clicking Generate Code button Another way to generate a password is by selecting a client computer from Device Control gt Computers list with the action Offline Temporary Password Generate Offline Temporary Password Computer Details Computer Name coso IP 188 MAC Address 00 1b 24 64 06 05 Domain Workgroup MSHOME Devices Search for device hp LaserJet 1010 2 or Enter device code Other Options Duration 30 min G Generate Code Generated Password Password 220i 48 My Endpoint Protector User Manual The obtained password will be communicated to the user for temporarily allowing his specific device as explained below 7 2 Computer Offline Temporary Password Welcome Network Administrator Logout ie MY ENDPOINT l PROTECTOR FR Live Help Online Qa Advanced Search Dashboar
88. rmal USB Flash Drives U3 and Autorun Drives Disk on Key etc USB 1 1 USB 2 0 USB 3 0 Wireless USB LPT Parallel ports By controlling the Parallel ports of a PC using My Endpoint Protector the network administrator can deny or allow users access to storage devices connected to these ports APPLIES ONLY TO STORAGE DEVICES Floppy disk drives Access to floppy disk drives can be managed through My Endpoint Protector and can be turned on off completely Memory Cards SD Cards MMC Cards and Compact Flash Cards etc These devices can be enabled disabled via My Endpoint Protector Card Readers internal and external These devices can be enabled disabled via My Endpoint Protector CD DVD Player Burner internal and external These devices can be enabled disabled via My Endpoint Protector Digital Cameras These devices can be enabled disabled via My Endpoint Protector Smartphones Handhelds PDAs This category includes Nokia N Series Blackberry and Windows CE compatible devices Windows Mobile devices etc iPods iPhones iPads These devices can be enabled disabled via My Endpoint Protector MP3 Player Media Player Devices These devices can be enabled disabled via My Endpoint Protector 5 My Endpoint Protector User Manual External HDDs portable hard disks These devices can be enabled disabled via My Endpoint Protector FireWire Devices These devices can be enabled
89. s e File read write a file located on a portable device was opened and edited changes were saved to the file e File renamed a file located on a portable device has been renamed e File delete a file located on a portable device has been deleted 79 My Endpoint Protector User Manual e Device TD means that a device is registered as a TrustedDevice and has access to files accordingly e Device not TD means that a device is not trusted and does not have automatic access to files e Delete refers to computers users groups alerts and devices the action of removing any of these items from the list e Enable read only refers to devices the action of allowing access to devices but disabling the ability to write on them User s can copy files from device s but cannot write anything onto the device Enable if TD Level 1 4 refers to TrustedDevices grants the device access if the device is a level one two three or four The Endpoint Protector Product family offers device control and endpoint security for any environment for home PCs or MACs medium sized offices or even entire enterprise networks My Endpoint Protector is part of it and offers your home and office PCs and MACs the best solution to control the use of portable devices on your protected computers so you data cannot be copied unauthorized to unwanted devices Other products from the Endpoint Protector Product family are Endpoint Protector A
90. shboard General Dashboard Start Page Endpoints and Mobile Devices Most Active Users of connected devices Installation Files amp Enrollment Search 6 7 T Account Windows 32bit XP Vista 7 8 w 12 Windows Gebit XP Vista 7 Device Control 3 9 Mac OS X 10 5 Content Aware Protection CAP a s s 7 OS Device Enrolment ESEE EE smato seeme 0 Mobile Device Management as Windows Macs os Osx Android z Android Device Enrolment Offline Temporary Password B Reports and Analysis Most Active Users of transfers blocked Passcode Protected Mobile Devices Latest News aq Alerts Setter visibility increased control 24 Jun 2014 With Admin Actions now being logged My EPP client remote un instaiment and Enforced Encryption for Removable Storage Devices for Mac OS X the new version of My Endpoint Protector offers verybody s 540 4 Downloads 339 B Support e2 EL 3 say i a USB Storage Device USB_FLASH_DRIVE 2014 06 20 10 13 12 Serial ATA Controter intel 7 Series C216 Chipset Family SATA AHCI Controler 1 03 2014 06 30 10 13 12 intel 7 Seriea C216 Chipset Famiy SATA AHCI Controtier 1 03 2014 06 30 10 13 12 USB Storape Device USB_FLASH_DAIVE 2014 08 20 10 13 12 USB Storage Device USB_FLASH_DRIVE 2014 06 20 10 13 05 USB Storage Device Port_ 0003 Hub_ 0004 2014 06 20 10 12 39 We RTLS723A 4 0 High Speed Chip 2014 05 30 10 12 34 Connected DEAPAD PC WINS 6 12496 62 Connected DEAPAD PC WING
91. sponding to the Content Aware Policies applied and at what time This information also contains the computer name user and transfer destination type the action taken and the file inspected The included granular filter is designed to make finding information quick and easy Welcome Network Administrator Logout eg M ENDPOINT a PROTECTOR s nline Q My Account i Device Control Results Content Aware Protection CAP Benoa tvent Name Client Computer IP Chent Content Destination Type Destination fie hame File Matched ttem item Type Item Details Date Time Server Date Time Client os Count Address User Policy Size z Type Mobile Device Management Content Threat Detected 5E 86 124 95 62 xmmm tinno USB Storage Device USB_FLASH_DRIVE E zap_epoibiestidecimahesidata exp decTest 37 86 KS text plain File Type Text fies 24 Jun 2014 12 02 10 10 Oct 2017 12 03 05 Windows 2 Content Threat Detected meee 86 124 96 62 oem tinno USB Storage Device USB_FLASH_DAIVE E zap_epoibiestdeciratesidata exp decTest 37 86 K mic ukibmcom Predefined Content reguiar expression 24 Jun 2014 12 02 10 10 Oct 2017 12 03 05 Windows 2 Offline Temporary Password Content Threat Detected 86 124 96 02 Do tinho USB Storage Device USB_FLASH_DRIVE E rap_eppiiblestidecimatestdata dqTobtegral decTest 11 69KB mfc ukibmcom Predefined Content reguir expression 24 Jun 2014 12 02 10 10 Oct 2017 12 03 05 Windows 2 Content Threat Detected 866 124 9662 Set tinho USB Storage Device
92. ssssssssssrnrnsrsrrnnnnrnrnrnsnrnnnnrnrnrnsnrnrrnenne 28 gb CUC ON Ea SEE e a e EEE EEES EEEE ere ere 28 6 Content Aware Protection s sssssssrssrssnas 31 Ol CONTENT AWare POUCICS cnsscrcsncescrenencrdecunececreimeercreimeerarenenss 32 6 1 1 Priorities for Content Aware PONCICS ciiicsccnsetestvecksenncewersanas 33 6 1 2 How Content Aware Policies Work sssssssssssrssrrssrssrrssrens 34 6 1 3 Types of Content Aware POIICi S cccccesseeseeeeeeeeeeeeeeenes 35 6 1 4 Setting up Content Aware Policies sesssssserensnsrrnrerrrrrrns 36 6 2 Custom Content Dictionaries s sssssssresssrrsrerrsrenrnrrnrerane 41 6 3 Content Aware URL WhiteliStS cccccceceeee eee eee renee neers 42 6 4 Content Aware Domain Whitelists ccccccceee cece reer rere rere es 42 6 5 Content Aware Regex Regular ExpreSSiOns ccceeeeeeeeeee 43 6 6 How Content Aware Protection works for monitored Applications ONNE SSP CS io ceceet cece este wees we ste ee et et ee ee ee ee 44 7 Offline Temporary Password ceeceeeeeees 46 7 1 Device Offline Temporary PaSSWOTFd cccccesseeuueeuueeenseeauees 46 7 2 Computer Offline Temporary Password cseeeeeeeeeeeeeeeeeees 48 7 3 Content Aware Protection Offline Temporary Password 48 7 4 Offline Device Computer and Content Aware Protection Authorization enn 49 III My Endpoint Protector User Manual 7 5 Setting the Administrator Contact Information
93. t 2017 12 03 04 Content Threat Detected LESS Eee USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqNextPlus decTest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 as Alerts Content Threat Detected LESS ees USB Storage Device USB_FLASH_DRIVE E zap_eppjlib test decimaltestdata dqScaleB decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 Define Alerts Content Threat Detected LIES es USB Storage Device USB_FLASH_DRIVE E zap_eppilib test decimaltestdata dqScaleB decTest tinho File Type text plain Text files 10 Oct 2017 12 03 04 Alerts History Content Threat Detected DEES es USB Storage Device USB_FLASH_DRIVE E zap_eppllib test decimaltestdata dqScaleB dectest tinho File Type text plain Text files 10 Oct 2017 12 03 04 Define Content Aware Alerts Content Threat Detected LEE Gee USB Storage Device USB_FLASH_DRIVE E zap_eppj lib test decimaltestdata dqSameQuantum decTest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 tA Content Threat Detected LIES Gees USB Storage Device USB_FLASH_DRIVE E zap_eppjlib test decimaltestdata dqSameQuantum dectest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 Define MDM Alerts Content Threat Detected LESSEE ees USB Storage Device USB_FLASH_DRIVE E zap_epp lib test decimaltestdata dqSameQuantum dectTest tinho Predefined Content mfc uk ibm com regular expression 10 Oct 2017 12 03 04 MDM Alerts
94. ted for TrustedDevice Level 3 Level 4 Maximum security for military government and even secret agent use Level 4 TrustedDevices include strong hardware based encryption for data protection and are independently certified e g FIPS 140 These devices have successfully undergone rigorous testing for software and hardware Requires special hardware that is available primarily through security focused resellers 13 1 How a Level 1 TrustedDevice Works User connects Device to My Endpoint Protector protected Client PC Device is blocked by My Endpoint Protector default action Device is checked for authorization If device is an authorized TrustedDevice Level 1 the EasyLock software on Device will automatically open User can transfer files via Drag amp Drop in EasyLock from the PC to the TrustedDevice Data transferred to devices is encrypted via 256bit AES User cannot access the device using Windows Explorer or similar applications e g Total Commander User does not have the possibility to copy data in unencrypted state to the TrustedDevice TrustedDevice implies that the devices offer a safe risk free environment to transfer sensitive data Administrator can audit what user with what device on what PC has transferred what files 73 My Endpoint Protector User Manual lowe EasyLock Software for TrustedDevices Level 1 EasyLock allows portable devices to be identified as TrustedDevices and protec
95. test e mail will be sent to administrator email company com le Offline Temporary Password Eal Tpe _ Hostname m Example smtp cososys com E Reports and Analysis SMTP Port 25 Example 25 Gmail uses port 465 for SSL and 587 for TLS STARTTLS ZE Aat Require SMTP Authentication E Username as Example Your full email address induding gmail com or your_domain com Downloads Password O eooooooooo Your SMTP password Encryption Type None Example None SSL or TLS STARTTLS O Support Send test e mail to my account m Client Software Windows and Mac Uninstall Protection Password Password Clear Password G Save t Back My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP My Endpoint Protector users can check the status of their Computers and Device use with the My EPP App for iPhone iPad and iPod touch dseconnected USB2FLASHSTO Blocked USB2FLASHSTORAGE is Device not TD USB2FLASHSTO gt rs Connected USB2FLASHSTORAGE gt Blocked USB2FLASHSTORAGE gt je Device not TD USB2FLASHSTO C connected USB2FLASHSTORAGE gt disconnected FMI3VER_S 1 10 gt The App can be installed through iTunes search for My EPP The App is available directly here Protecting Data in Transit is essential to ensure no third party has access to data in case a device is lost or stolen The Enforced Encryption solu
96. testdata dqRotate decTest 20 2KB textiplain Fie Type Text fies 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows t Content Threat Detected Om EE GG 12696 62 u tmho USB Storage Device USB_FLASH_DAIVE E zap_eppiibfestidecrrabesidataiiqhemanderNeardecTest 29 94 KB mfic ukibmcom Predefined Content reguisr expression 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 Support Content Threat Detected Sm a 06 124 96 62 Soe tnho USB Storage Device USB_FLASH_DAIVE EJzap_eppibiestideoma estdatajdgRemanderNear decTest 29 94 KB text plain Fite Type Text fies 24 Jun 2014 12 02 09 10 Oct 2017 1203 04 Windows 1 Content Threat Detected DEED 86 124 96 62 mmm mho USB Storage Device USB _FLASH_OANME EJ zap_eppiibfestidecrmatesidata dqhemander decTest 26 33 K8 mfc ukimmcom Predefined Content reguisr expression 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 Content Threat Detected 86 124 96 62 Net tinno USB Storage Device USB_FLASH_ORIVE E Jzap_eppibdiestdecmakestdata dqRemander decTest 26 33 KS text plain File Type Test fies 24 Jun 2014 12 02 09 10 Oct 2017 12 03 04 Windows 1 48137 results 20 per pagel M 4 12345 H Export t Back My Endpoint Protector Copyright 2004 2014 CoSoSys Lid All rights reserved Last login 1 hour ago from your current P 52 My Endpoint Protector User Manual The administrator has the possibility of exporting both the search results and the entire log report as a CSV file which can later be printed out for det
97. the Add New button To populate the content of a newly created dictionary items of at least three characters might be entered either manually separated by comma semicolon or new line or directly imported from an Excel file by pressing the Import Dictionary button An example of a Custom Content Dictionary populated with Financial Terms is shown below Custom Content Dictionaries Show all departments List of Dictionaries Dictionary Name Dictionary Description Created at Created by Modified at Modified by Words Items Actions Confidential Dictionary List of Confidential Terms root root 102 A E amp Add New Dicti Inf ti Dictionary Name Confidential Dictionary Dictionary Description List of Confidential Terms Dictionary Content separated by new line comma or Agak Rahasia a semicolon Armee intern od dienstlich Interne au service E Import Dictionary El Export As Delete 42 My Endpoint Protector User Manual Once a new dictionary is created it will be automatically displayed inside the Custom Content tab when creating a new or editing an existing Content Aware Policy The Content Aware Protection module comes with a predefined set of dictionaries 6 3 Content Aware URL Whitelists URL Whitelists are custom defined lists of web addresses where uploading of confidential information will be allowed by My Endpoint Protector This feature works on Internet Explorer Content Aware URL Whitelists Show all depar
98. the transfer destinations to be monitored For example a policy can be setup for the Financial Department of the company to block Excel reports sent via E MAIL or to report all transfers of files containing personally identifiable and financial information e g credit card numbers E MAILS phone numbers social security numbers etc Financial Priority 4 File Types Predefined Content Custom Content Additionally each company can define its own sensitive content data lists as Custom Content Dictionaries corresponding to their specific domain of activity targeted industry and roles To ease this task the Content Aware Protection module comes with a predefined Custom Content Dictionary that covers the most used sets of confidential terms and expressions Exactly like for Device Control policies the Content Aware policies continue to be enforced on a computer even after it is disconnected from the company network 33 My Endpoint Protector User Manual The administrator can easily create and manage Content Aware Policies application inside the network from the Content Aware Protection gt Content Aware Policies submenu option fe MY ENDPOINT PROTECTOR Welcome Network Administrator Logout ER Live Help Online Q Advanced Search Dashboard Content Aware Policies ay My Account i k Device Control Show Help Content Aware Protection
99. tion gives administrators the possibility to protect confidential data on portable devices in case of loss or theft If a TrustedDevice fails to get authorization from the My Endpoint Protector server then it will not be usable How does it work Enforcing Encryption can be done by using TrustedDevices TrustedDevices must receive authorization from the My Endpoint Protector server otherwise they will be unusable There are four levels of security for TrustedDevices Level 1 Minimum security for office and personal use with a focus on software based encryption for data security Offers companies already regulatory compliance Any USB Flash Drive and most other portable storage devices can be turned into a TrustedDevice Level 1 with EasyLock Software from CoSoSys No hardware upgrade is required Level 2 Medium security level with biometric data protection or advances software based data encryption Requires special hardware that includes security software and that has been tested for TrustedDevice Level 2 Hardware is widely available in retail stores Level 3 High security level with strong hardware based encryption that is mandatory for sensitive enterprise data protection for regulatory compliance such as SOX HIPAA GBLA PIPED Basel II DPA or PCI 72 My Endpoint Protector User Manual 95 46 EC Requires special hardware that includes advanced security software and hardware based encryption and that has been tes
100. tments URL Whitelists URL Whitelist Name URL Whitelist Description Created at Created by Modified at Modified by Words items Actions Default URL Whitelist Default URL Whitelist root root 0 gR 3 Add New Edit Dictionary Information URL Whitelist Name Default URL Whitelist URL Whitelist Description Default URL Whitelist URL Whitelist Content separated by new line comma or semicolon G Save import Whitelist E Export As Delete Once a new URL whitelist is added it will be automatically displayed inside the URL Whitelists tab 6 4 Content Aware Domain Whitelists Domain Whitelists are custom defined e mail addresses to which sending of confidential information will be allowed by My Endpoint Protector This feature works on Microsoft Outlook and Mozilla Thunderbird 43 My Endpoint Protector User Manual Content Aware Domain Whitelists Show all departments Domain Whitelists Domain Whitelist Name Domain Whitelist Description Created at Created by Modified at Modified by Words iItems Actions Default Domain Whitelist Default Domain Whitelist root root 2 g ol Add New Edit Domain Whitelist Content Content Aware Domain Whitelists works only for Outlook and Thunderbird on Windows Domain Whitelist Name Default Domain Whitelist Domain Whitelist Description Default Domain Whitelist Domain Whitelist Content endpointprotector com support cososys com G Save import Whitelist g Export As
101. to set notifications Alerts for Devices Computers Groups and Users making monitoring them easier An Alert will trigger an e mail that will be sent to the selected administrator s which are intended to receive the alerts You can set up device related activity alerts in the System Alerts gt Define System Alerts module in Endpoint Protector The Define Content Aware Alerts option will allow administrators to set special alerts for sensitive content detection and transfer blocking Before you can create an E MAIL alert you must configure the server host and provide a user name and password to that mail server You can do that by accessing Global Settings in the Device Control module E mail Server Settings Note The test e mail will be sent to administrator email a Example smtp cososys com SMTP Port 25 Example 25 Gmail uses port 465 for SSL and 587 for TLS STARTTLS Example Your full email address including gmail com or your_domain com LLLI Your SMTP password None Example None SSL or TLS STARTTLS You can also verify if your settings are correct by checking the box next to Send test E MAIL to my account The test E MAIL and the Alerts will be sent to the E MAIL address configured in the My Account gt Profile Details gt E Mail 1 field Click Create to start creating the first alert D Create 58 My Endpoint Protector User Manual Alert fields Group
102. tory Define Content Aware Alerts Content Aware Alerts History Define MDM Alerts MDM Alerts History le Downloads Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 minute ago from your current IP To create a new Content Aware Alert corresponding to the policies defined in the Content Aware Protection module go to Define Content Aware Alerts submenu option and click Create Then select the Group Client Computer User that you want to monitor the Content Aware Policy to be considered and the event that will trigger the notification The filter is designed to make finding information quick and easy Example if you want to be notified when a file containing credit card information is attached to an E MAIL on one of the Financial Departments computers you must set up an alert choosing the Financial Department as the monitored entity the Content Aware Policy that inspects documents for that type of information and finally selecting the Content Threat Detected event from the events list Note Before creating the alert make sure that the selected Content Aware Policy is enabled on the chosen Computer User Group or Department 62 My Endpoint Protector User Manual 9 4 Content Aware Alerts History A history of the content aware alerts is kept in this tab for later auditing Each event that triggers a content aware alert will be saved here Administrators
103. trigger the alert You can add up to five 5 E MAIL addresses to which the alert s will be sent Example if you want to be notified when a certain device is connected to a certain computer you must set up an alert choosing the specific device and computer that you wish to be notified of and selecting the Connected event from the events list 60 My Endpoint Protector User Manual In this case the Client and Group fields do not influence the triggering of the alert so there is no need to fill them out Setting up a value for the Group field means that the alert will be triggered when the selected event occurs for any clients or computers in that group If you wish to delete any entity Users Groups Computers etc that have been used in setting up an alert you will receive a notification and you will not be able to delete them Could not delete the selected Client machine ould not delete the selected Client machine Make sure it does not have any associated items In order to be able to delete them the administrator must either edit the alert not to contain the respective entity or delete the alert 9 2 Alerts History A history of the alerts is kept in this tab for later auditing Each event that triggers an alert will be saved here Administrators can search for data more easily with the implemented filter while if not needed anymore the logs can be deleted from the Delete History button
104. ts data on the device with government approved 256bit AES CBC mode encryption With the intuitive Drag amp Drop interface files can be quickly copied to and from the device To install EasyLock on an USB Flash drive one has to copy the file EasyLock exe to the root folder of a partition associated with that device Managing TrustedDevices from EPP server console Access to TrustedDevices can be configured from the Global Rights module of My Endpoint Protector under Rights tab Access the drop down box next to USB Storage Device and select the desired level of TrustedDevices you wish to grant access to EasyLock is available here http www endpointprotector com en index ph roducts easylock Purchase a license here http www endpointprotector com en index php e estore https secure avangate com order cart php PRODS 1905891 The My Endpoint Protector Client is the application which once installed on the client Computers PC s communicates with the My Endpoint Protector server and blocks or allows devices to function as well as sends out notifications in case of unauthorized access The My Endpoint Protector Client has a built in security system which makes stopping the service nearly impossible This mechanism has been implemented to prevent the circumvention of security measures enforced by you If somebody tries to connect unauthorized devices they are blocked If the individual has a bad intent to steal data from yo
105. ttachments a F icq a E Google Drive Client F EasyLock Fa m FA k Bi A E F F Wi ws DVI ci 4 Downloads a Chrome m Outlook Body al AIM w iCloud Client E Windows DVD Maker E Mozilla Firefox E Mozilla Thunderbird Skype E uTorren t E ALFTP F Oper a F Mozilla Thunderbird Windows Live Messeng F BitComet ral F FileZilla O Support E Safari F F IBM Lotus Notes v 6 a F Yahoo Messenger F Daum Cloud E HTC Sync for Android F AOL Desktop 9 6 F IBM Lotus Notes v 7 Gaim E KT Olleh uCloud F InfraRecorder CD D F Aurora Firefox F IBM Lotus Notes v 8 F Pidgin E Naver N Drive E iTunes K Mel W F IBM Lotus Notes v 8 Trillian F Azureus F LogMeIn Pro F Maxthon X F Windows Live Mail X NateOn Messenger X F Microsoft Skydrive c F Nokia PC Suite 2008 F Al F Al F Al F Al F Al Policy Content a File Type Filter Predefined Content Filter Custom Content Filter URL Whitelists Domain Whitelists Regular Expressions Q Policy Action will apply to selected File Types Graphic Files E all F JPEG E PNG E GIF E Ico E BMP E TIFF More File Types Office Files m all F Word Excel E PowerPoint E PDF E Infopath F Outlook More File Types Archive Files E all E zp F ZIP password E 7z F RAR F AcE F TAR More File Types Pronrammina Filec i al _ c wan a a r Maun Cila Trenne i My Endpoint Protector Copyright 2004
106. twork Adapter Emmm E One Teatporary Pacewvord IDEAPAD PC WINS 86 124 96 62 Windows Portable Device Media Transfer Protocol GT I9100 E IDEAPAD PC WINS same 86 124 96 62 WiFi Bluetooth Device Personal Area Network ee a EIA T Reports and Analysis IDEAPAD PC WINS 86 124 96 62 USB Storage Device Port_ 0003 Hub_ 0004 see E IDEAPAD PC WINS 86 124 96 62 Bluetooth RTL8723A 4 0 High Speed Chip EE E Liadan DEAPAD PC WINS 86 124 96 62 Serial ATA Controller Intel R 7 Series C216 Chipset Family SATA AHCI Controller 1E03 EES lt EE Eg Soent aere enart IDEAPAD PC WINS 86 124 96 62 Webcam Lenovo EasyCamera E E Admin Actions a Online Computers F 9 devices connected 20 x per page Online Users Online Devices Computer History RQ Mens s Downloads O Support My Endpoint Protector Copyright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP The administrator can see which devices are connected to what computers and also the client user who is accessing them The administrator can also use the action buttons View Log and Manage Rights to quickly administer the device 55 My Endpoint Protector User Manual Eis 8 6 Computer History This module shows all computers that were at least once connected to the server With the help of the Export button the logs can be saved to a csv file while pressing the View Machine log will show th
107. u he or she will try to circumvent your My Endpoint Protector security With this build in security it makes this nearly impossible for any normal user The My Endpoint Protector Client depending on the mode it is currently running on will display a notification from the taskbar icon when an unauthorized device is connected to the system Not only does it log any attempts to forcefully access to system but it can also trigger the system s Panic mode x Security Warning My Endpoint Protector An unauthorized device was connected to this PC Remove the device now or contact the PCs administrator for authorization 75 My Endpoint Protector User Manual 14 3 Offline Functionality for My Endpoint Protector Client The My Endpoint Protector Client will store a local event history that will be Submitted and synchronized with the My Endpoint Protector Cloud Server upon next connection to the network The client remembers the last settings and rights If the protected PC is not connected to the internet permissions can be given to allow devices temporary using the Offline Temporary Password feature as described in paragraph 7 14 4 DHCP Manual IP address My Endpoint Protector Client automatically recognizes changes in the network s configuration and updates settings accordingly meaning that you can keep your computer protected at the office e g DHCP and at home e g manual IP address too without ha
108. umber 7 SSN Country Specific Format for Driving License All 7 Korea Country Specific Format for Health Insurance Number V All Korea Country Specific Format for Passport W All V Korea Country Specific Format for Phone Number V All Korea J International Country Specific Format for SSN W All W United States United Kingdom Romania France Korea Republic of China Taiwan Austria Canada Spain Germany Switzerland The Custom Content Filter displays a list of Content Aware dictionaries By selecting one or more dictionaries the Content Aware Protection agent will detect any occurrence of one more or all terms contained in the Dictionary list 40 My Endpoint Protector User Manual File Type Filter Predefined Content Filter Custom Content Filter URL Whitelists Domain Whitelists Policy Action will apply to selected Custom Content for ALL File Types regardless of the selected File Type Filter Case Sensitive Whole Words Only _ All VW Confidential Dictionary To add delete and edit Dictionaries Go to Custom Content Dictionaries By checking the Case Sensitive option the agent can differentiate the uppercase and lowercase letters when inspecting the content If the Whole Words Only option is marked terms from the inspected content are detected only if they are an identical match with the ones that appear in the dictionary e g age is in the Dictionary variations like aged
109. ving to make any modifications 14 5 Client Removal 14 5 1 Client Removal on Windows OS The My Endpoint Protector Client can be uninstalled by accessing Control Panel gt Add Remove Programs gt Uninstall My Endpoint Protector The My Endpoint Protector Client cannot be uninstalled without specifying the password set by the administrator s in the Reporting and Administration Tool if Set To use this password protect feature please consult the Client Uninstall Protection paragraph The password sent by the My Endpoint Protector Server is hashed and stored inside the registry If it is deleted the uninstall process will instantly stop Tampering with the registry value of the hash will lead to an irremovable client 76 My Endpoint Protector User Manual 14 5 2 Client removal on MAC OS X To uninstall the My Endpoint Protector client for Mac OS X you need to run the remove epp command script file that was provided to you in the installation package You can do this by double clicking the file in the Finder You will be prompted for your user password with the following text Enter your password to perform administrative tasks You need to provide your user password and then hit the Return key please note that the password will not be echoed The password is the password that you choose when you created your user account on the MAC computer Important If your MAC user account does not have adm
110. xport Computer History and Delete The Manage Rights and Manage Settings are links to their respective modules which will be explained in their own chapter For a better organization and manageability a computer can be assigned as belonging to a Group several computers within the same office a group of computers which will have same access rights or settings 5 6 1 Computer Self Registration The client computers have a registration mechanism This self registration mechanism is running once after the My Endpoint Protector Client software is installed on a client computer During the installation of the My Endpoint Protector Client you will be asked to enter your unique ID for client installation This will bind the client software to your My Endpoint Protector account and the client will then communicate to the server its existence in the system The server will store the information regarding the client computer in the system database and it will assign a license to the client computer Note The self registration mechanism acts whenever a change in the computer licensing module is made and also each time the application client is reinstalled The owner of the computer is not saved in the process of the self registration 5 7 Computer Rights This module will allow administrators to specify what device types and also what specific device s can be accessible from a single or all computers 21 My Endpoint Protector Use
111. yright 2004 2014 CoSoSys Ltd All rights reserved Last login 1 hour ago from your current IP Grouping computers and client users will help the administrator to manage the rights or settings for these entities in an efficient way This can be done from the Group Rights and Group Settings tabs When creating a new group there is the possibility to add multiple users computers simultaneously by using the checkboxes and the option Check all matched items 27 My Endpoint Protector User Manual Welcome Network Administrator Logout ke MY ENDPOINT PROTECTOR a Live Help Online Q Advanced Search Dashboard Add a New Group Group i H My Account Test Group Name Device Control Description Se Dashboard Global Rights Effective Rights Global Settings Devices Device Rights Computers Computer Rights Users User Rights Groups Group Rights Custom Classes Content Aware Protection CAP Computers in this Group Computers Test PC i p 1i 1 GSEEEb000004 gE Q Search amp m All Name Domain G 1 matched found from a total of 10 computers G Check all matched items g Mobile Device Management iss Offline Temporary Password aa Reports and Analysis Users in this Group fag Alerts Users T a Test User p Downloads a r swn F m F F EEE T A Z Test User X Q Search amp E All Name
Download Pdf Manuals
Related Search