[SafeGuard® Easy]

The Ultimate PC security solution – whether in the office or on the move

Data is one of the most valuable assets that companies and organizations have. These assets are in even more danger since “mobile computing“ has become a reality: sensitive information is stored on notebooks and removable media – without any firewall protection. Mobile devices and media, along with the sensitive and valuable information that is stored on them, are constantly exposed to loss or theft. A company’s management team is responsible for taking all appropriate steps to protect a company’s or organization’s data.

SafeGuard® Easy provides this protection: No unauthorized user may access the device and read data or use the device as a tool to enter the company network. If a device gets into unauthorized hands the data is securely protected even if the hard disk is removed. Complete encryption of the entire hard disk and a user authentication procedure that runs before the operating system boots provide secure protection.

Whether a single laptop or 10,000 PCs are to be protected, SafeGuard® Easy allows easy implementation and enforcement of the IT security policy. SafeGuard® Easy is truly user-proof. It operates transparently in the background, so end users don’t have to undergo training or alter their work behaviours. For security officers, IT managers, and system administrators, SafeGuard® Easy offers transparent security, easy security policy implementation, and simple deployment.

In a world where laptops and desktop PCs are lost every day and hackers attack corporate secrets every hour, SafeGuard® Easy is a business necessity.

Key Features/Functionality

Security

  • Pre-boot authentication using password or eToken, optionally applicable on up to eight OS partitions
    • Organization specific password rules
    • Optional eToken authentication
  • Comprehensive encryption capabilities
    • Full or partial hard disk encryption, independent of file system (e.g. NTFS, FAT)
    • External media encryption (e.g. diskettes, ZIP and JAZ disks, USB memory sticks)
  • Sophisticated and efficient encryption algorithms
    • AES (256 and 128 bit), IDEA (128 bit) and others
  • Secure key management: Enciphering key dynamically generated from the password entered – not stored on disk
  • Secure hibernation
    • Encryption of “Suspend to Disk” mode (hibernation image)
    • Authentication after resume
  • Use of TPM chip for encryption key generation and authentication procedure (e.g. IBM ESS support)
  • Integrated Boot Manager to support multiple operating systems and/or secured/unsecured partitions on the same dev

System administration

  • Windows Installer (MSI) based installation
  • Optional central administration console
    • Queuing and distribution of configuration files to clients
    • Central collection of client settings
  • Remote management console for remote client management
  • Scripting interface for automating administrative tasks
  • Pre-boot event logging
  • Secure Wake on LAN

Ease of use

  • Single Sign On to the operating system
  • Automated encryption without user intervention
  • Efficient algorithms – negligible performance impact
  • Secure and powerful challenge/response procedure to reset forgotten passwords without the need for on-line connection

System Requirements

Hardware

  • PC with Intel Pentium or similar
  • Minimum 25MB free hard disk space

Operating System

  • Microsoft Windows XP / 2000
  • Microsoft Windows 2003 Server Standard Edition

 Network

  • All Microsoft-supported networks

Certifications

  • Common Criteria EAL3
  • FIPS 140-2 cryptographic library in evaluation
  • Aladdin eToken enabled

Complementary SafeGuard® products

  • SafeGuard® Advanced Security modules as add-ons to support other smartcards, central auditing, Multi-Desktop, SSO, PnP management, Application Specific Access Rights etc.
  • SafeGuard® LAN Crypt for workgroup based file/folder encryption.
  • SafeGuard® Easy Web Console for Challenge /Response Helpdesk, with CryptoServer 2000 Hardware Security Module.

Interoperability

  • Compatible with IBM Rescue and Recovery® with Rapid Restore® (RnR) allows RnR to backup and restore data to SGE encrypted harddisks (even a complete restore of the operating system)
  • SafeGuard Easy is compatible with all leading software distribution tools
  • Aladdin eToken PRO for pre-boot authentication
  • Integration of other smartcards via PKCS#11 (additional SafeGuard Advanced Security module required)
  • VOICE.TRUST server for automated biometric challenge/response helpdesk

Interfaces

  • Scripting API to automate repetitive administration tasks

Standards/Protocols

  • PKCS#11, AES (256 and 128 bit), Rijndael (256 bit), IDEA (128 bit), DES (56 bit), Blowfish-8/16 (256 bit), Stealth-40 (40 bit)

Language Versions

  • English, German, French
Copyright © 2005 iQwest Technologies. All Rights Reserved.