News

  • Home > News

        Security software for networked, XP Embedded based devices

        Doug | Date: May 17, 2004 | Comments: 1


        Sygate Technologies announced security software that it claims is the first "endpoint security solution" for devices running Microsoft's Windows XP Embedded software platform. Sygate says its Security Agent software provides intrusion detection and prevention, personal firewall, host integrity, and centralized management functions, and that it is well suited to network-connected applications such as...

        point-of-sale terminals, public kiosks, and automated teller machines (ATMs).

        Security Agent for Windows XP Embedded is a componentized version of Sygate's standard Security Agent, which is currently deployed in large enterprises -- including Diebold and Prudential -- to protect endpoints such as desktops, laptops, and servers.

        According to Sygate's announcement, the XP Embedded security agent package includes the following functions:
        • Application-centric firewall -- Incorporates an application-centric firewall that "stealths" host systems, provides stateful firewalling, applies rule-based security policy, and controls application usage.

        • Application-Based Intrusion Prevention Engine -- Applies patterns of known attacks to all incoming and outgoing traffic as a second layer of defense. This approach to intrusion prevention uses application layer information and deep packet inspection to more effectively identify and block known attacks.

        • Adaptive Policies -- Dynamically adapts security policies based on the device, the hostility of the network environment, and the access method.

        • Host Integrity Checking -- Checks the security status of the embedded device including: the status of executables, files, registry values, versions, patches, and operating system configurations.

        • Universal Enforcement -- Ensures that embedded devices are 100 percent compliant with security policies before permitting network access. Enforcement can be accomplished in several different ways: Endpoint Enforcement, Gateway Enforcer, and enforcement in conjunction with third-party products such as VPNs or wireless access points.

        • Automated Remediation -- The software can automatically initiate a remediation action on a non-compliant device such as to download and install a software patch or update, execute command-line instructions, turn applications or OS features on or off, thereby returning the device to security policy compliance.

        • Centralized Management -- Enables administrators to define, provision, and enforce security policies across all connected systems and devices.


        Related stories: