In-Depth Demo -- DeviceLock 7.1 Endpoint DLP Suite software for data leak prevention

View a detailed software demo of DeviceLock 7.1 endpoint DLP Data Leak Prevention Software. DeviceLock software enforces data privacy policies by monitoring for unauthorized handling of confidential data by end-users. The software prevents unauthorized network connections and data transfers; stops data from leaking out when employees are using cloud-based applications like email, Twitter, Facebook, Google+, Skype and more; and blocks the ability for anyone to copy confidential data from workstations or laptops on to small portable devices like smart-phones, tablets or USB sticks.

---

Closed Caption:

hello the the demonstration update
device lock configuration
or most popular settings for the USB
port and a removable
media also doctors other settings better
cue pop-up messages or the and users
and other features product using the
device lock Enterprise Manager console
the settings can also be done in a Group
Policy
management console using Active
Directory group policy
to manage and quite an alternative
console
the device lock Group Policy MMC snap-in
in device lock Enterprise Manager that
could be used in any environment
typically used when evaluating the
software because they could be done
any environment whether it's el DEP of
workable
IP connected computers or
enacted wreck first thing will do is
use our computers dropdown you which
computers are in our network
selector here and the first thing we
will do after we partyin stop service on
endpoints were gonna go ahead don't that
service that which allows you to create
template up missions will create a new
one
will call it passed on make that are act
at all appears well go ahead
editor template
up the same you would see whether or not
you're in a Group Policy Management
are of the object or within the Group
Policy Management Console
or with any ice la art going next and
everything
you can see all the different options
for now we'll start the very top do some
housekeeping items including
are pop-up messages what the end-user
see
okay especially USB firework block
each act that any
whatever reform agenda what
allows you to but in even instructions
for how to use
the separate wireless controller in the
control panel
if you want them to be able to request
access to a temporary device
go ahead and turn on a few other
pop-up messages or Content Aware blocked
Beach access and content-aware blocked
right
access on every corner all
or something from or clock is blocked or
wanna
aid long content verification must be
performed
prices on archive or another large file
where content inspection takes longer
than sects we also need to make the
at the endpoint all aware of it
by luck enterprise servers purpose of
the device lock enterprise servers
is or collecting audit shadow data from
the endpoints
administrative component yet
is a collection aged might have many of
these instances
within your environment especially
larger ones or ones that are
geographically dispersed or cross
areas spare now we'll put in
one for the demonstration or go ahead
and make sure we're cracking
administrative policy change
startup events will also use a device
lock certificate
certificates are used or many different
functions within
device locked the most popular being the
temporary whitelist mission earlier
this is where the endpoint policy need
to be aware but
published so we will search for one
re-created
will let the public's to get and
also would ball the public and the
private said
can avail you can also mandate use a
group policy
and override local policy you would
normally use
Enterprise Manager console if those are
turn ons a lil
skip those for now you can also make
sure that you have multiple device lock
enterprise servers
that the fast service first parameter is
great
so that you can other first device lock
enterprise server that response to the
ping request from a 10-point
will service that particular and device
lock also recognize
all service controls so that the
collection %uh audit Saturday to
can be a higher priority than regular
traffic all
regular priority priority along with
regular traffic
or lower priority so it will if there
are
bed with issues at the moment spikes and
with
then the device lock Enterprise Server
collection
will occur behind those priority i dont
you already have in quality of service
control you have the option
showing the tray icon of device lock you
also have the ability to do
on an inspection on our guys but that is
a special setting so you can turn a lot
built
today device lock also has the ability
to understand it
changes online or offline and online
equal to the regular profile policy he
later
and then offline corresponds to the
offline policy
so the different sensing mechanisms are
the following:
wired connectivity which means that it
the
%uh shooting is wired purses on wire
that would mean on Wired would be the
choice for offline
most white a most environments are now
using wifi legitimately inside their
networks
that would necessarily be the case for
all customers
domain connectivity is another way of
spending sold
the machine is using cash credentialed
assume that it's offline
animate not a domain environment then
you can also use server connectivity
and the surprises with respect to our
device locked enterprise server
connectivity
so they cannot reach the enterprise
server that defined in the policy
already the one-third by the policy but
I will assume that the machine is off
lot
it to the device lock administrators
this is a local hampering
up prevention tall
we right clicking on property the normal
loaded enable default security but that
does allow local
tennis trainers to do things like
going to the registry or go into the
logs or
even going to task manager and if they
understand which services are tasked to
stop failed
it would be able to do so services Apple
somewhat protected the buttons or
stop-start
and restart think that nature are a
great out
but a sappy Windows administrator would
be able to turn off device lock
unless this particular features turned
off so we
go ahead at
again at domain admins for instance or
another
built in groups or even other individual
users
or group and then you can assign them
particular level
access within the console all access to
that described
black then change access the ability to
change anything
in the also except for this control
and read-only would be better sin Q
groups like
the helpdesk or forensic auditors only
need to review with the policy is
or look at the reporting or look at what
the policy settings
rather than being able to change
the only way to want this is in place
and also locks down all
the component so device lock on the
endpoint
so the program is no longer in
add/remove programs
logs are no longer available the
registry around the product is locked
out
the tasks are no longer stoppable by a
local admin
and the service is further protected as
well as all the files surrounded
bus the only way to get around this what
just place is to be all up the following
a local administrator a device lock
administrator
and access to a console locally
otherwise there's no
possible way to Tampa with device locked
well with the second-place
the only reason you would not want to
have the setting in place ever wanted no
one at the local administrator
up there schemes typically laptops
then you wouldn't have to worry about
that if you trust your normal
domain admins local admin not turn off
product
the other reason %uh the caveat using
this that if you want to legitimately
remove the product or upgrade the
product in place
you would need to enable people security
can to enable that to occur
otherwise is protecting itself for
mobile
so we'll gladly that the pot carry
do a few more housekeeping items on the
auditing and shouting
Auckland find what the local stores
directory would be
when items shadow locally
and that oil occurs first all events and
shadows files
occur locally first before they're
collected by the Enterprise Server it
one is configured
you also have the ability to enforce
order command on those
endpoint and how much data they can
actually night before that
be cleared up by it Enterprise Server
you can make sure it's getting your link
files
which sometimes occur temporary files
are the file Abair
by I'd generate got
make sure that outlaw type selected
lot device lock Enterprise Server to
collect
so we're going to you in this case check
event and the bus
lockbox you also have the ability to pay
just log settings for the device locked
logged on the endpoint
and you also have the ability you turned
on
the transfer ability or shadow did
Pricer
move on to the FAQ lager 7 this is
fairly easy to device lock
it has the ability to you up gate or
scramble any
information might be generated from a
keyboard through a ps/2 keyboard
keylogger and so anything that the
keylogger my collected be
absolute garbage not be people in any
way shape or form
certainly would not by the user the
local pop up
let them physically inspect their
machine see if there is a hardware
device plugged in
well what the lobby of that
so that that lock picked up by the
enterprise servers well
we have two other settings %uh to
further secure the
the computer you can you you sent it to
my lockstep
there is a keylogger place then you can
automatically block Becky Bohrer
turn that on %uh and in extreme cases
where you're worried about external %uh
keyloggers holding in USB hubs which are
normally
passed through device a now the bad guys
and operate and hold doctors devices
while they're gathering
and you can also turn out this
particular setting military
any external USB at the keylogger in
this case obviously you would want to
know exactly
had a hard workout because this would
block any external USB
up legitimately use
well beyond to encryption a device
locked is not proactively
crypt any data this particular feature
is one of the two ways
the device lock force used encryption
and the first waste your bite lifting
cream cricket hardware devices
things like iraqis are blocked masters X
or lock it drives
other tips certified drive that a
not have the encryption rebuild from the
hardware by enforcing
you serve those to the exclusion of all
other media
up to the white looking capabilities
device lock you would be able to enforce
use up in person the second way is to
our
features here we had a great the very
are
product England 7 offer to go up very
popular
open source product culture craft and
several other commercial products like E
and drives great say what this allows
you to do
for removable media is make sure that
a generic partition has mitigated access
or no access
and that any encrypted partition sense
tremonti
technology you'll be able to grant
expanded
up permissions branches you might give
Buchner her
partitions on April media read-only
or no access unless they're did wanna be
technologies
and then be able to give right access or
even just need access where
desire and again this isn't forces you
something Christian
because any other chair partition that
would be plugged in I'll
would be mitigated by the right you you
provide in our global control
lol go ahead and go down into the actual
permissions that we're going to do
for USB removal device lock has a very
layered security product
and in such that has up controlled
several different layers including the
device
class later device or layer
the device type player and when you get
into we will turn into
whitelisting it allows you to use secure
all the model number and also at unique
device
number so far all we're going to which
america's specific
we're gonna go to security settings
where several wendell device classes are
less
first they're going to do is make sure
that all single auction USB
HIV or human interface device
up by keyboard cetera are allowed to be
used and are exempt from the policy
the fact that we have a keylogger
settings turned on gives you the cop
to be able do this and East secure
across
and so I double clicked on this control
twice you noticed that
now busy also we have disable the access
control
for this class of device and by
disabling
the access control we have essentially
allowed it be used outside any other
policies you might have
or the USB port or similar device
we're going to get down here storage
devices and do the opposite
or going to enable the access control
for USB storage device this me
USB storage which inherently block
unless you have special commissions
and court for the device hi or your
whitelist
and we'll go ahead to that now
sonic devices permissions various
heart layers and also divide Heights
will go ahead and get directly to USB or
and it's very important to understand
what our product
that absence from the list people no
access so
not configured that different than being
configured and having
I let so in that case now set people but
provide administrators everyone
system in our example we're going to be
very entertaining about our politics
star went
shut everything down so we're going to
remove administrators
or launch ramble everyone and everyone
at the local context but it does mean
everyone two main authenticated accounts
local accounts
system tortilla Sarah so we're gonna
remove that
and will lead system in place which is
important for
driver support that ass all permissions
and ever going to at domain at
and I'm not a member of domain admins
for this purpose
and domain admins will have of control
as well
noticed there are no other users or
groups on the left
of you can add a group that has special
generic access to
USB port you need to or you can
whitelist
specific device models or ID's to the
white
capability and assign those uses a group
which is the preferred
secure way see in this particular case
I'm going to leave
only this and the control you'll also
notice you have
day of the week and our today controls
so if you want to block all access even
for trusted individuals
or group from state two in the morning
to five in the morning when only maybe
janitorial staff is in the building or
on weekends when
there's no other access then certainly
do that as well
case someone leaves their active session
openly screensaver
after act and someone can get
in on the console and and move data
that they were comin up
so we can figure the USB port organ did
the same thing
a removable and removable covers a wide
swath that the contest
devices your typical USB thumb drives
.org.es e-cards or other argument their
data
media card you might find cameras are
follows
will come under removable same at the
all
I'll make a series up devices chapters
drive at all Center removable media
so we're going to do the same thing here
and we're going to you
the all his the normal settings that one
is provide
going to delete administrators lead
everyone
each system in place and we're going to
have to make that
okay and here's where you see the where
r chairpersons
crafted partition and comes from
engineer obviously rehearsed engineer
partition
whereas in cricket only refers to want
to be covered in our action
%uh demonstration here where only those
supported technologies
not a have any jurisdiction over just
generically encrypt it
partitions or anything that might be in
the white list unless
figure just but have wanna the
particular vendors that we had a great
where
on that on that device to enforce the
tap holes
summer to leave this open for the main
event systems or get a very lockdown
policy
keep in mind all we're doing years
creating template haven't applied
yet Sorghum Mill from permissions now
to auditing shadowing notice it's very
similar
you must configure what what what of
shadow it's very granular
as well practiced holes so USB port
we're gonna of allowed an audit denied
essentially
success record in billion records ok
let's that
all get to keep very wide open or people
just think
everyone and it all region right all
times a day
aidid etiquette detail
file information we actually do the same
thing at the to buy
type player so we're going to do that
here would remove the law
and you'll notice that there's beyond
just auditing which is your typical
event viewer type of records you now
have the ability to on
storage media turn on right shadowing
the difference between auditing and
shadowing falling
auditing provide the capability I'll a
regular event
syslog type that says up of a copied
SSN DOB tax from computer-aided
by be on Friday at 5:30
and that actual information but if you
actually wanna know what's inside and
out tax
that you can actually turn on shadowing
which do an exact copy in the background
that file
that will be available for the device
lock Enterprise Server to black
and we're starting to call those
evidentially files that these people
they're becoming
okay now we have a pretty locked down
policy we have our audit thing in place
so I'm going to go ahead and close my
template
and I have not signed anything yet now I
have my that service settings check
I have the machine I'm going to push it
to you and again if you are using Group
Policy
the policy figured Policy Object from
the GPS the Microsoft would apply to all
computers within the container
are you out that killing act using this
particular
console more surgical and you can choose
exactly
which machine q1 should so we're going
to be pushing
this template we created
to this particular match by checking all
innings can
that was successful all that
we can verify what permissions we the
there by many
report permission auditing it same
endpoint
so we'll do that now
now he the permissions hear everything
else is wide open except for
removable always them and the main admin
same USB port with you that are
significant in place
we the our other items are
shadowing at that place and that's all
we can figure
so are all that looks good
and we'll go ahead in mind that what
we'll do it now
energy use a USB Drive to this
particular machine
and keep in mind I am logged in as
a local administrator not a domain at
and nations G two different pairs you
see the one from Windows Explorer
because we do
mount the drive a given a drive letter
we checked the availability
up permissions for that particular
logged on user sessions
access and that was denied so what is
world message you also have to cut a
message that we
defined earlier where you to notify the
user
perhaps why was blocked or alternate is
you
the device they tried to use or
again it believed to use the temporary
whitelist capabilities
which in hot ap lit inside control panel
they can request use update temporary
device that would still have to be
approved
by a device lock mister so we didn't
block
that might be too harsh apology for this
particular individual user
so what we'll do now is will go back
and modifiers that somewhat and our
template
and this time we'll yeah my particular
account
read-only British so we do that or
layers
play going at my individual account of
course
this is better or not group membership
so your data is group and Active
Directory tools
and that group would have access
accordingly but
this particular light are this
particular user account now
will will take right format away so as
reader Jack
in wild-type an admin says ok patrol
will apply will do the same thing every
move the ball
case to take right format away okay
so-called our template
will in a pile settings
and again if you're using per policy
that will be applied automatically
ellsworth
set all in Rohnert Park to verify
and with no doubt we'll see
now the colors change explicitly given
read-only access
this particular user over removable
and USB or that we expect them yet
and then what we don't use
are USB Drive now that we have some
access
signed or cow okay
this time the drive opens in the at
Lt do access the drive now
I'm do I have the ability to you all up
certainly steelhead open this particular
file
okay I can open thanks I try to delete
that file
are you sure yes I want to delete it
well sorry I can't because I'll have
read-only access or I try to add a file
okay sorry access is denied
same thing would happen if I try to
rename a file or I try to create a
folder
I have read only access and that of the
collection of my spreadsheet director
or my powerpoint spreadsheet all my
documents which is fine but here's
problem
I have an executable here perhaps that
day
malware or certainly probably a he
software that the administrator
now what stalling on your machine or to
be a rootkit
cornea any other number issues be
presented by installing stopping
local each that they could have easily
picked up of Street a proper home
of at issues so I run that you'll see
that you have access to run excusable
so maybe we're not done in our all
K
been called that will go we address our
policy
so bring it into work
Content Aware rules where we have the
ability to do
wild-type controls that actually in the
core module
the only on aware all available the or
module
that predated our aunt of Ali
so go down hot where all right click
and manage unlicensed
or all network lock on at law and device
locked you will
all various on lot capabilities
including the ability to use while
protection which started
or module you also have the ability to
filter
content by keyword: less by regular
expression patterns
I document properties and you can also
combine
rules together Bible in operators like
and or between
not cetera into a complex rule and this
combined with contextual
goals from the device locker that
workbook sidelight have a very
Wrangler and contingent policy you
control very discreet
in that case we're going to go ahead and
scroll down to
a very popular rule called
execute a false and so we can do that
group
and even though he only a certain number
files in here while height this isn't
really the point this
allow you take any
file that's considered inexcusable noted
DLL
not only excusable on mother mcintosh
file I'd you are well it doesn't matter
what
file name all file type is
we look into the binary and file summary
names now where da txt
this is an OK document not tax we're
still going to see that it can execute
so you can now you wanted to expand the
have while
that led okay this particular template
add to it or removed from it
eat is too restrictive and great your
own template
be able to sign for now we're going to
let you
default one ever in at user group going
to apply this to
and at all David M now we're going to at
the permission and actually in their
plight to permissions or contingent for
shadowing
so you want shadow any excusable
someone tries to access a run you could
do that as well
in this case we're going to eat applied
only to permissions
and for now a use only for it will all I
was go ahead and then I every bit as
actor
any possible to do it local are to
execute a long ago bleed
okay that really have a place
other template
you will scant sign
after all ok let's get the report
time and we will plugin our USB
drive again
because I have a contact prolong it is
and what's going on
the aircraft and up we also see
okay it in the drive in it found several
cuticles
keep in mind that the level is not
listed in that group but stop by the
those lol is inexcusable while find all
the different want that
not yeah missus does so he you ignore
this
permission for this yr message and you
try to directly access it well
sorry not going to let I'll give you
another
watch you're not allowed be yet idea or
same thing with this particular execute
of I
so now you have a very lockdown but
reasonable policy people at read-only
access there we will
media not be able to run executable
sorry
about our okay
let's say you want to get more in-depth
what content rules
with certainly that and I'm gonna open
up some access I do have permission to
copy
file but then I'll turn on some
content-based roles
and the scenario will have here is a
social security numbers so in that case
we will go down
you US the number after and if we do
that group
you'll see that this is the regular
expression
basically looked like a perl script
filter and give you the parameters each
up each spot and they reach position up
the number
and so eat and against that you would
the and also that the letters
and as soon as you hit the one that
would actually
be criteria it'll turn green the clout
you're creating your own
I'll pattern the validate you know based
on what exactly wanna see a test
different edges the browner's as well
sovereigns by change the delimiter
plus then it doesn't apply anymore
so that is a regular
fostered an hour but here's an issue
condition all
1 well in in certain environments a not
allowing any social security numbers to
pass through
special someone HR or dealing with your
benefits
or things of that nature I would be a
restriction on them that would prevent
them from doing their job so certainly
certain people should be able to deal
with certain numbers social security
numbers
as long as that audited and shouted
house
and as monitor so in order to
now prevent that problem only have any
instance have a social security number
a plot Anstead what we do is we
duplicate that particular
happen and we condition in america so
now I will call it
three-plus same thing with the
description
will leave our pattern alone
as we left atter validation that's fine
and now all
a greater than equal to three so this
allows you to have
any document would have to social
security numbers in it
maybe that's a mortgage application
someone's doing work or that have
there so sturdy number in a spouse
number that document you really want to
block that
or just funny monitor that watch court
let it go through
certainly anything over three mean that
could be
some type of identity theft or problem
I'll
with a leakage or social security
numbers
and so we have
re up just stay numbers are gonna at
that to the rule for David M
again all 52 prevention in this case
removable ever gonna deny any scenario
where
anything over three three or more so
sturdy numbers will be allowed
okay
I didn't open up some fresh but I have
blocked earlier
so that I can actually up on at write
permission
David M I will do it here
at the or
level as well and and here level as well
now I have right
capability here but I'm restricted now
by contest rules
okay we're going to apply our
I'll out
all ironic but or
the all the new changes be made
and we see that I out Billy
you or Mac wrapped in red better a and
read
and I have my on where roles yes
or old lol play 3 also sturdy numbers
all in place
I that looks good
that might this and we'll
just are devised
in Austell are little ruled
place for excusable prevention so we
still have
and for that we launch that it will try
to block it
now should have write access that
russian-built
delete now certainly can
now I can also add files back to Dallas
kinda at
file point you disorder bring up another
session
my computer am
drill down to our apt on at the I wanna
try
okay
now I have it eat text file chairman a
copy
and then 8 from my
station or my removable media okay and
that worked
a problem look to you within that
on there okay
the sample a mortgage application we're
about to different social security
numbers
and that met our criteria okay okay
here's one was trying to copy and a
looks like it's going to be there to
watch
okay I do not have permission to read 73
but that packs contact your system
administrator a
much clear these will go and now to go
back and look at that
country that act the could have been an
eternity that issue
yeah three or more social security
number here
that that that pattern criteria block so
again
America the condition hi to the user or
group it
very granular you have a combination
content and contextual controls
their second
I've talked about all device law and
copyright law
but I haven't gone and network box will
go there
involved with network lock under the
product called
area so get will go into permissions
here
and you'll see we have several rock
protocol to manage ft
ESL he and all the sobers
them 3 we'll be adding more laters well
including
papillion SMB others we also have
several
application later i dont we can manage
that are abstracted away from the car
all things like AOL messenger other
instant messengers like
Windows gap we also abstract social
networks
as web sites different then raw eighty
easy to treat those differently or is it
that you only wanted
three people in your PR or marketing
department to be able to post
Twitter or to Facebook on behalf of the
company from a management chain
and you can do that to be squeezed the
ball other people being able to do that
from the workstations
I can but we show how that looks
but I walk biggest all I wanna show you
the
current list
that we provide so again you're popular
US state Facebook Google+ myspace
Twitter and several ones from Europe as
well at work optimally
adding to this list very similar to
social networks we all do the same thing
with webmail
abstract certain popular free or webmail
based products away from
he control so I know and here
and show the weekend
conditionally block I'll the various
lol male Google Mail hotmail now
Microsoft
yeah a little better in some other your
in based
I don't you can also it horse however
sela handle
you can also be very specific about
sender and recipient
emails using wild cards in the domain
or entire string see be very specific
about who can do what
with webmail service and again we're
adding to these all the time
but the actual demonstration I'll go
ahead
something very simple network lock
unblock my access to or instant
messengers
on this terrible everyone from here
again absence from the lead equals no
actor
so I'll be warned everyone has third and
removed from the list
a black it tonight act everyone yes
All Blacks used change yes same thing
with yahoo messenger
so gonna
blocked all access to those particular
it aimed at a bar tab
we're going to sign those permissions
okay
wanna look at our apartment but
he under protocol now all unread
Windows Messenger Yahoo Messenger law I
all right now to try to launch those
applications
eat until live there live messenger
now the application will try to launch
but it won't be able to connect
we also turn on the pop-up messages so
we'll see that as well
so there's one
messenger attempting to act and at least
air up a message sorry do not have
permission to access Windows Messenger
contactors at we also get the
application-specific
failure that we could not lock you into
just
ever tried
think Yahoo
get same result out
things are much more grand more than
just blocking certainly allow
based on user group you can do other
additional controls
certainly can also manage content across
the
passengers and email platforms cetera
with on
law okay
so it doesn't quite a bit here
and work I we've been auditing
all I'm so gonna use our device locked
management on salt which is
for managing the back and device lock
enterprise
service architecture and the sequel back
and
where all the events are stored and then
also the repository where the shadow
while are so we will launch that arts or
that purpose
it will get to see are shouted
so again we look at our enterprise
server
look at the audit log viewer and that
you
every bit as what we've been doing here
I actually
sort by here we go
so now sorted by date I'm we see
everything I think I might have
culture place here I did not okay act
so now we have all of the items we've
been working on
that failures on very I don't
playing US or about do it better
earlier that s he only all by she name
the date
I'm and the source the you can %uh
action that was tried was attempted we
have
the act you refreshed
and then
we scroll over we will see the only
qualified username
attended lol see the timestamp
well now we want it
we can sort by indeed items immediate
column so
looked axe very much like a spreadsheet
well see the actual
file the air an actual devices being
used
the idea the idea device represent
the model number and this number here
represent device id:
or the so serial number come later
you we can all start information by in
the
data in alt and I have prepared
filter here Pepa excusable also there's
other
%eh while maybe that was a malware filed
in my environment collected all the
audit Saturday I wanna find out where it
originated
and where kim n or search all
biatch it was its well art at all
everything left have anything related to
pee PA
comes in here so this whole files here
and I could go back in
I had multiple users rebuild to be
identified
timestamp I'll when that first came in
here
thank shuttle love your show the actual
files and in this case awesome
englanders chat we were doing
you did
we also see our con at law success and
failure
earlier testing so we go here we get
double click on it
open-air file itself here
get it could be a power while the safer
way to look at it better right
let and use our you were and you could
look at that
several are formats if you have another
windows-based forensic
filed your YouTube plugged in device
lock your registry setting
beginners are
while fail we are not capture that as
well see what was in that
while at whitetail okay
device but had to build it also monitor
particularly in points or whatever what
you care
at all
at the ability to run some canned
reports against collect the data
up on here allowed denied access request
her channel
so we can create any or that an
could control the time I'm frame as well
as what computers what users with Tyler
Beltran pledges to everybody that
generate new report
and injured paper reports have various
graphical capabilities
tomorrow I start summer bar chart Mar
reports
and it all
again based on only that it is been
collected but kreitzer
at while generating now and can also
configure the
reports to be automatically e-mailed
took particular distribution list or
at users yet know your
email me that on so back to hear purport
this ramp
on that will make
bigger here let you
some capability in saying okay %uh
allowed that actor
allow being green the night being read
and based on which channel
removable USB port Windows Messenger
Yahoo Messenger
better me and that allowed tonight
auditing is better
are not
very good visuals to kinda dated but
like
lacks in the
be in
email EF archaea or
and shot a longer summer reported run
there
we also have at extra module that
it a modest cost on up alright it I'll
to buy on and security server or Search
Server
and we have the ability to look you all
the collected data yep at all
indexed that include not only the
offense
that are indexed all the data within
them but also the collective shadow
file so they're look Inc you at all the
content from
click to chat up files are also
able to be looked at so they want
look everything at sense star
at the wild card searches are getting
all text tell your record
anything to do with that string text
that
you keep various on failed in person
decibel
does allow you to check against your
content rules of research ship
at a lot of document said Susie and
confidential that we're going
out successfully before you change the
content rule
up next time you run that report you
should see failures
for those that combination that we put
in place
and then used to see the next time you
run the report a decline
up even E attempts to move those while
with that criteria because the end users
have now learned that they are not
allowed to send that
out and did not happen horseman tall
device lock
content lock network lock that will
prevent
okay
last time I wanna show is how to
whitelist the device
I will go back into our
that aims apps
on these are profile
and now will go back into devices and
I'll go ahead and
myself out these permissions David M
no longer be here generically or in
remote
all and instead we're going to do
do a USB device but let the
particular by right click and manage and
that shows and devices that are you then
put into the butler
database through a particular a
plug-and-play device
and RDX to rename one David USB Drive so
I'm going to go ahead and sign this
onto David and that
drive a lot in here EMP ID which would
be
model number here's an example of the
device model only out
those two numbers and then this number
is
the serial number or the device eighty
so that the device we care about
members down here and katonah make it a
wide open to buy
won't be subject to any other rules want
just like when device
ever install for this particular
nomination
user and unique device in a minute
unchecked control
last hi by and check in control as hi I
think way all
device type lehrer restrictions things
like the
content rules I want or read-only et
cetera
I want those reinstituted go ahead
turned to a lot
I back on and then I have to have that
particular user or group member in
removable
in this case and and then I can for
social
netscape make it wide open for evident
you this particular
s and are going to
sign those permissions
ok all I
on Flickr device back in
and as you can see
in actor by have
alright act algata me that while on
purpose
but now play a plot device
and put in a device
exactly like it same makin and model but
not that same unique device
I'm I get my
its blog I'm
attack you sign a particular device to
the
lose the ball others to an end user as
long as there are
indicated user I'll then they can use
that to buy
that and Exchange session a group policy
are okay
all that includes the the demonstration
if you have any questions please feel
free to email us
at US dot sales at device locked not
up thank you