Real-Time Protection Against Improper Access and Data Loss
To learn more, click on the Capabilities tab.
Block and Alert on Abnormal Activity in Real-Time
SecureSphere File Firewall provides file protection by blocking or alerting on access activity that deviates from corporate policy. Policy-based blocking goes beyond native permissions and offers security staff a way to guard against mistakes introduced in directory and file level permissions. The SecureSphere flexible policy framework enables administrators to create policies that consider a variety of criteria, such as file meta-data (e.g., file name, location, type, etc.), permissions and user access activity, and then take action when undesirable behaviors are observed. For example, a policy can be configured to automatically block or alert when “Support” users attempt to access files classified as “Financial Data”. This type of classification-based blocking is not possible with native file permissions. SecureSphere alerts support a broad range of actions including sending an email to interested parties, assigning a follow-up task to an administrator, or executing an operating system command.
Quickly and Efficiently Investigate Incidents and Document Compliance
SecureSphere provides interactive, on-screen audit analytics for visualizing file data access activity, Active Directory changes, and user rights with just a few clicks. Security staff can use these analytics to investigate and respond to incidents, identify suspicious behavior, and document problems. SecureSphere analytics and reporting help quantify security risks and document compliance with regulations such as SOX, PCI, and data privacy laws. SecureSphere report templates and scheduling further increase efficiency and automation.
Manage User Permissions to Sensitive File Data
SecureSphere identifies existing user access rights and facilitates a complete file rights audit to ensure sensitive file data is accessible only by those with a business need-to-know. This streamlines file permissions audits by aggregating, consolidating and reporting on user access rights to file data across all file servers and NAS devices. SecureSphere accelerates file security reviews by:
- Identifying users with access to sensitive, high-risk file data
- Highlighting users with excessive access rights
- Discovering dormant users and un-used access rights
- Providing rights review workflow capabilities
- Tracking and alerting on Active Directory changes in real-time
Audit Without Impacting Critical Systems
SecureSphere FFW performs continuous auditing of all file operations in real-time, providing organizations with a complete audit trail that shows the ‘Who, What, When, Where, and How’ of each file data access. Because SecureSphere audits network communications transparently, without requiring modifications to clients or file servers, it records all file access activity without impacting business operations. SecureSphere captures the name of the user, file accessed, parent directory, access operation (e.g., open, read, write, delete, etc.), access time, etc., for every file accessed. For maximum security, the audit trail is maintained in an external, secured, and hardened repository which can be accessed exclusively through read-only views via a role based access mechanism. In addition, users can audit all changes made to users and groups within Microsoft Active Directory with SecureSphere Directory Services Monitoring.
Identify Owners of Files and Folders
SecureSphere FFW helps security teams identify data owners by providing visibility into the users of files and folders. The primary file and folder users are either the data owners or, as the largest data consumers, are able to immediately identify an owner. Because owners best understand the business relevance of data, owner identification is critical for creating file protection policies and meeting compliance requirements.
Deploy with Confidence
SecureSphere offers multiple deployment options, with drop-in simplicity through physical and virtual appliances, lightweight SecureSphere agents or a hybrid mix. Centrally managed, SecureSphere meets the needs of any environment – from small organizations with a single file server to large enterprises with geographically distributed data centers.
File Firewall Specifications
|File Systems Supported|
|Directory Services Supported|
|User Rights Management|
|File System Activity Audit|
|Tamper-Proof Audit Trail|
|Events and Reporting|