This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

end point security solution for removable storage

Hi,

We are looking for an end point security solution , whch should puerly looks after the removable storage.

Our client is having around 100 users and is running Trend Micro Office Sacn 10 as the antivirus software.

The client wants to control the use of removable storage in the netwrok , should selectively able to control the removable storage based on the users in the Active Directory, should integrate with 2003/2008 active directory , should work in tandem with Trend Micro Office Scan 10.

If the user connects a removable storage , solution should scan the storage for threats first. User should give access only in the absense of any threats.

Please let us know whether you have got a solution of this type?

:482


This thread was automatically locked due to age.
  • Hello Sandy

    I think that the Device Control should be enhanced to "Block the Programs Execution" from Removable Devices, because, the malware always try execute to infect a machine.

    In the business the 99.99% the users who uses removable devices (or allowed use), mainly USB's, uses to copy/transport documents. Only, the TI people can install applicactions.

    If in Sophos Device Control we can "Block the Programs Execution" this would be one Policy more in our hands to protect our business.

    Today, Device Control have Block/Permit/Read-Only options, this is very good, but, add this new option should be a new step in the Sophos Security model.

    :smileytongue:

    Regards,

    Linck Tello Flores

    :522
  • Hi Linck,

    We are looking at providing a short term solution using an applicaton control identity which would block autorun on removable storage devices.Longer term we'll look to move this configuration into its natural home - device control policy.

    Would this meet your needs?

    Best regards,

    John (Product Manager)

    :528
  • Hello John

    I think that yes, but only 50%. Because the control of the "Programs Execution" from removable devices is part of the security, not only by the malware, also to prevent installation of unauthorized programs. This improves both the Device Control and the Application Control.

    Regards,

    Linck Tello Flores

    :529
  • Hello John

    Do you hae some update about this post?

    Thanks

    Linck

    :667
  • Hi Linck,

    We will look to provide the option to block all executables as the main priority and then block autorun as secondary priority. As a side note there is a category already within Application Control which blocks some of the most common USB program launchers and pocket version of common application see USB Program Launcher on "http://www.sophos.com/security/analyses/controlled-applications/" - obviously this of limited used for malware on USB keys which should be detected by the on-access scanner.

    Thanks,

    John

    :686