ZENworks Endpoint Security Management

Features

Enjoy a truly unified solution

ZENworks® Endpoint Security Management centralizes the management of all your devices into a single, unified web-based ZENworks console. Perform all your security, patch, and configuration management tasks from one spot—eliminating the extra time and hassle of dealing with multiple, disconnected tools.
In addition, ZENworks Endpoint Security Management is extremely easy to install. You can have it up and running for all your endpoints in days rather than weeks.

Full integration with ZENworks 2017

With ZENworks® Endpoint Security Management, you will enjoy unprecedented support for additional server and database platforms, deployment of the ZENworks Endpoint Security Management agent, and location awareness for all ZEN solutions. In addition, you can take advantage of ZENworks Endpoint Security Management's support for multiple policies, including the following 10 policy types:

  • Application control
  • Communication hardware
  • Data encryption
  • Firewall
  • Location assignment
  • Security settings
  • Storage device control
  • USB connectivity
  • VPN enforcement
  • Wi-Fi
New security and control capabilities

ZENworks Endpoint Security Management comes complete with stronger, more robust capabilities that ensure even greater control and tighter security. From mobile devices, to Wi-Fi, storage, virtual networks, and secure applications controls—ZENworks has all-new, enhanced solutions to protect your critical information like never before.

Firewall security and other new features

ZENworks Endpoint Security Management includes a new feature that will disable endpoint modems when hard-wired into the network. In addition, you will enjoy increased encryption capabilities, with user-defined secondary decryption passwords, multiple safe harbor definitions per policy, sub-folder support for safe harbor locations, and a new copy standalone decryption tool to RSD by policy.
New firewall security benefits and features include the ability to disable the Windows firewall and update registration in Windows Security Center and input ranges for IP (CIDR, from/to, etc.). Another new feature allows you now to white list RSD by description in the preferred device list.

Advanced port security

Safe and secure in any and every wireless environment. Along with wireless connectivity, ZENworks® Endpoint Security Management also controls connectivity to Windows 2000, Windows XP, and Windows Vista PCs via LAN and modem.
It can block Bluetooth, Infrared, 1394 (FireWire), and serial and parallel ports connections, preventing unintended or rogue access through any of these connection points. In addition, each hardware type can be enabled or disabled, either globally or by location.

USB and removable media security

The amount of data that can be quickly copied to removable storage devices is increasing every day. While these devices can significantly boost productivity, they can also poke dangerously large holes in data security and control policies. Threats caused by these devices include:

  • Malicious users copying large amounts of data with no audit trail
  • Well-intentioned users misplacing or throwing away devices containing sensitive information
  • Viruses or other malicious code being introduced to the network via contaminated devices
  • Violations of HIPAA, SOX, GLBA, or other regulations due to sensitive data being copied and transported unencrypted
Lock down your wireless network security

Corporations have taken steps to ensure the security and privacy of their own internal Wi-Fi networks, yet this protection often stops at the enterprise perimeter. Every day your employees sit in the airport, at the hotel, or a coffee shop checking their email or downloading customer records or other sensitive data.
The question is not whether your company needs wireless security: It's really about how you get the wireless genie back into the bottle before you experience a serious compromise.
Unprotected Wi-Fi networks pose multiple threats to business. Without wireless security controls, users can inadvertently compromise both local and corporate data, from a Wi-Fi hotspot or even from the office. Hackers can easily find an opening in an unprotected system on an access point or hotspot and run scripted, peer-to-peer attacks. They can gain access to confidential data such as customer lists, project plans, and even username-password combinations.

Complete application control

Keep everyone compliant with corporate application policies by securing endpoints with a tool that lets you control the applications people can and cannot use. We can help you make sure only approved applications run on corporate IT assets by creating blacklists or by enforcing certain applications to run prior to network connection.

Antivirus and spyware integrity

With ZENworks® Endpoint Security Management, you can take immediate action if endpoints fall out of compliance. Place them into safe, customizable quarantine states to effectively prevent the spread of viruses or other contamination to the network.
Remediation actions can also be initiated, and once compliance is confirmed, endpoints are taken out of quarantine. Security policy settings are automatically enforced before, during, and after quarantine.

Actually securing your security client

ZENworks Endpoint Security Management protects each endpoint by ensuring that the security client cannot be altered, hacked, or uninstalled. Protect corporate data with tools that truly secure the endpoints from insiders and outsiders.

Put end-user devices behind a potent firewall

ZENworks Endpoint Security Management includes a new feature that will disable endpoint modems when hard-wired into the network. In addition, you will enjoy increased encryption capabilities, with user-defined secondary decryption passwords, multiple safe harbor definitions per policy, sub-folder support for safe harbor locations, and a new copy standalone decryption tool to RSD by policy.
New firewall security benefits and features include the ability to disable the Windows firewall and update registration in Windows Security Center and input ranges for IP (CIDR, from/to, etc.). Another new feature allows you now to white list RSD by description in the preferred device list.

Protect against bugs in USB storage devices

The amount of data that can be quickly copied to removable storage devices is increasing every day. While these devices can significantly boost productivity, they can also poke dangerously large holes in data security and control policies. Threats caused by these devices include:

  • Malicious users copying large amounts of data with no audit trail
  • Well-intentioned users misplacing or throwing away devices containing sensitive information
  • Viruses or other malicious code being introduced to the network via contaminated devices
  • Violations of HIPAA, SOX, GLBA, or other regulations due to sensitive data being copied and transported unencrypted
Create data encryption when you need it the most

With Micro Focus, you can create, distribute, enforce, and audit encryption policies on all your endpoints.
ZENworks® Endpoint Security Management encryption policies include:

  • Policy-based safe harbor encryption that encrypts all the data stored in administrator—or user-defined "safe harbor" folders on fixed discs.
  • Removable storage device encryption that encrypts any data copied to a removable storage device, as well as the entire contents of that device, the moment it's plugged into a PC.
Common criteria certification

Common Criteria Enforce ESS (ZENworks Endpoint Security Management) is officially listed on the National Information Assurance Partnership (NIAP) Common Criteria website at http://www.niap-ccevs.org/cc-scheme/vpl/ and is the first location-aware endpoint security product to receive EAL4+ status.
About Common Criteria: Utilized in the public and private sectors, the Common Criteria (also known by the designation ISO international standard 15408) is recognized in several countries, and in the United States federal government, as the unbiased, official third-party evaluation for IT security procedures.

Security client

ZENworks Endpoint Security Management utilizes an installed client application to enforce complete security on the endpoint itself. This ZENworks Security Client protects client data by determining in real time the network location of every Windows 2000, Windows XP and Windows Vista endpoint. Based on that location, the ZENworks Security Client:

  • Implements policy-based filtering of all incoming and outgoing traffic, creating a personal firewall
  • Implements policy-based control over hardware use (such as that of wireless access points, removable media and network adapters)
  • Collects reporting data
  • Launches nominated applications in policy-defined situations (for example, if policy dictates that in a certain location a VPN program must be used to access the network, the ZENworks Security Client launches)
Security reports

ZENworks Endpoint Security Management includes the latest version of the BusinessObjects Enterprise engine and adds support for SUSE® Linux Enterprise Server. In addition, the new version gives new reporting universe objects for endpoint security policies and allows you to build custom reports for information about any endpoint security management policy.
You'll also enjoy several new canned reports related to endpoint security policies and new reporting universe objects for power management. You have the freedom to build custom power reports related to “green” capabilities of your machines and the power policies of the machine.

With the [Micro Focus] solution, we are able to automate what we are actually doing. We don't define our processes by the tools we use, but by the way we want to do business.

Tyson Faircloth—PROGRAM MANAGER
CACI
release-rel-2019-3-1-hotfix-1763 | Thu Mar 7 10:22:35 PST 2019
1763
release/rel-2019-3-1-hotfix-1763
Thu Mar 7 10:22:35 PST 2019