Centrally Enforced Data Protection

Detect: Identify and control the synchronization of data directly to rogue mobile devices from PCs or over-the-air synchronization of email from Microsoft Exchange Server

Manage and Audit: Centralize security policy management from a single console for desktops, Notebook PCs, handhelds, USB flash drives, and CD/DVD media. Audit trail ensures that company data security rules are being enforced across all mobile devices

Encrypt and Enforce: Ensure that sensitive data is securely encrypted, while providing defense in depth; user authentication, controlled port access and application restrictions

Operations and Support: Work within existing IT operations such as patch management and application upgrades; ensure that the Helpdesk can provide immediate resolution to end-user problems including forgotten passwords and data recovery

CREDANT Mobile Guardian Enterprise Edition (CMG) is based on a flexible, single-system architecture for powerful central administration of single and multi-domain environments. The solution combines policy-based encryption and enforcement, automatic device detection, authentication, auditing and reporting capabilities. Multiple levels of access, device and end user control help ensure endpoint data security as well as compliance readiness. Even better, CMG solutions operate in the background without affecting operational performance, administrative productivity or the user experience.

With CMG Enterprise Edition, organizations can address their endpoint data security and compliance needs in an effective, efficient and transparent manner.

Integrated Components for a Comprehensive, Easy-to-Deploy Solution

CMG Enterprise Edition solutions are based on an integrated set of components. This approach helps streamline deployment and enable organizations to develop tightly integrated yet flexible solutions based on their specific needs.

• CMG Enterprise Server integrates with enterprise directories to provide a central, web-based interface for security policy definition and management. The interface also supports real-time mobile device inventory, as well as continuous reporting of mobile device security status for policy compliance.
• CMG Shield resides on mobile devices and external media to enforce mobile security policies even if the device is disconnected from the network. It enforces strong authentication, policy-based encryption, and device / end-user controls. The component is available in a StandAlone for Windows® version that supports devices in disconnected or non-domain environments.
• CMG Policy Proxy resides on the corporate network or DMZ to provide secure distribution of policies and policy updates from the CMG Enterprise Server to the CMG Shield. It also collects device inventory and reports back to the CMG Server for auditing and reporting.
• CMG Local Gatekeeper resides on desktops and notebooks to automatically detect, protect and control locally synchronized mobile devices. It provides secure, distributed communications between CMG Shield and CMG Enterprise Server for transparent delivery and management of policy and software updates.
• CMG OTA Sync Control (optional) enhances Microsoft Exchange Server ActiveSync to control which handhelds can sync email, contacts, and so forth. The component is compatible with Microsoft Security Feature Pack (MSFP).

CMG Enterprise Edition Benefits

CMG Enterprise Edition is part of the CMG family of products, the only centrally managed, data-centric solution for protecting endpoint data wherever it resides. With CMG Enterprise Edition, organizations realize the following key benefits:

• Policy-based, centralized management for improved security, compliance and ease of use
• Non-disruptive security that does not impair operational efficiency or impact the user experience
• Proven technology, expertise and experience from the industry leader in endpoint data protection
• Quick deployment of data protection for laptops, desktops, handhelds and external media across diverse platforms
• Automatic audit trails that offer proof of end-to-end data security
• Protection of data from unwarranted access, thus reducing risk of internal breaches

Ask for more information about CREDANT products and how they provide organizations with proven-effective solutions for endpoint data protection.

Key Features with CMG Enterprise Edition Include:

• Multi-level access, device and end user control
  • Flexible PIN and password parameters
  • Multi-factor authentication
    • Smart Card
    • Biometrics
    • Support for RSA SecurID for Microsoft® Windows
  • Self-service and help-desk assisted password recovery, even when a device is disconnected from the network
  • Automatic deletion of data on a lost or stolen device, even if device is disconnected from the network
  • Advanced application control on Windows Mobile® Pocket PCs, with the ability to disable SMS on Windows Mobile Pocket PCs and Smartphones
  • Communication port controls (Bluetooth, IR, and so forth) for PDAs
  • Optional Over-the-Air (OTA) Sync Control that enforces which handhelds can sync to Exchange ActiveSync®
  • Integration with Cisco Network Admission Control (NAC)
  • Access granted to multiple users to securely share information on the same desktop or laptop
  • Ability for individual users to access data permissible only to them and not to local administrators
  • Encryption of local Security Account Manager (SAM) database and domain password hash
  • Automatic key escrow for simple, immediate data recovery


• Support for industry standard encryption algorithms
  • FIPS 140-2 validated
    • AES 128
    • AES 256
    • 3DES
  • Blowfish
  • Lite


• Broad-based compatibility
  • Compatible with automated patch management systems
  • Compatible with existing disk recovery, maintenance and forensic tools


• Extensive support for devices, operating systems and external media
  • Notebooks, tablet PCs and desktops running:
    • Microsoft® Windows Vista® Ultimate, Enterprise, Business and Home Premium
    • Microsoft Windows XP Professional, Home, Media Center and Tablet PC
  • PDAs, pocket PCs and smartphones running:
    • Windows Mobile™ 6.0 Professional and Standard
    • Windows Mobile 5.0 Pocket PC and Smartphone
    • Windows Mobile 2003 Pocket PC and Smartphone
    • Palm OS® 5.x
    • RIM® Java OS 4.0 BlackBerry™ devices
    • Symbian OS 9 devices
  • External media accessing data from:
    • Microsoft Windows Vista Ultimate, Enterprise, Business, and Home Premium
    • Microsoft Windows XP Professional, Home, Media Center and Tablet PC
  • Enterprise server platforms
    • Windows Server 2003 Standard and Enterprise
    • Windows Server 2003 R2 Standard and Enterprise
  • LDAP support
    • Microsoft Active Directory®
    • Sun® ONE Directory Server
    • Novell® eDirectory™
  • Supported databases
    • MS SQL Server 2000, 2005
    • MS SQL Server 2005 Express Edition

Screenshots

CMG Enterprise Edition is based on a flexible, single-system architecture for powerful central administration of single and multi-domain environments.