The name of the base system (platform): | Zecurion DLP |
Developers: | Zecurion (before SecurIT) |
Last Release Date: | 2016/08/02 |
Technology: | Firewall, cybersecurity - Information loss preventions |
Content |
Zlock is the software for differentiation of access rights of users to external and internal devices of the computer and to local and network printers. Zlock treats family IPC/ DLP- systems and allows to archive the printed documents and files written on USB-, CD - DVD carriers and other devices.
2016: Zecurion Reports
On August 2, 2016 the Zecurion company announced release of the analytical module Zecurion Reports.
The module has ergonomic design, supports the interactive questionnaire of the employee with the evident chart of communications, provides monitoring of incidents by means of which the security officer can quickly browse summary information on violations, their dynamics and user groups of special attention. The base from 20 preset reports was replenished, they will help to reduce the volume of manual work by preparation of analytical reports.
The Zecurion Reports 2.0 interface became laconic due to increase in controls and failure from excessive detailing. In particular, key indicators of security of data are reduced in three interactive charts. To get acquainted with parts, it is enough to click on the diagram then the table part corresponding to the selected area opens. The graphics mode is also used for detection of patterns in work of employees.
In the section of the chart of communications the scheme displaying communications of the employee is implemented. The chart is also interactive — at guidance of the cursor the detailed list of incidents emerges. In the chart it is possible to browse violations depending on the level of criticality and all correspondence of the user performed on different communication channels and using different services. For convenience all messages of the selected user are grouped in interlocutors and sorted by departure time. The interactive questionnaire of the user was replenished with the mass of additional options which allow to see the overall information picture about actions of the employee and detailed data by selected the politician, a period, data transmission channel, type of violations or a circle of contacts.
In this version the number of the preset reports was replenished. As a part of Zecurion Reports more than 20 reports which provide 99% of daily tasks of the security officer. There is a possibility of creation of tabular reports and diagrams. For this purpose in the module the designer of reports who "prompts" to the security officer what parameters of data are suitable for creation of this or that report acts.
Reviewing the concept of Zecurion Reports, we placed emphasis on convenience of using of quite complex system. The new interface is constructed around the administrator's purposes therefore all necessary options always near at hand and are available to implementation of the necessary transaction on one screen. All this will allow to reduce significantly time of employees for input and information search. The same treats also reports which take the important place in work of the specialist in information security. First, the employee can select metrics for removal of data or use the preset reports which are most adapted for these or those tasks. Secondly, the business management can create reports under different needs, for example, for the presentation. These and other improvements of Zecurion Reports release the mass of labor resources of administrators which can always find more worthy application. |
2015: Zecurion Zlock Mac controls Mac OS
On August 19, 2015 the Zecurion company announced release of Zecurion Zlock Mac — specially created control system of devices of the user for the Mac OS platform.
The company announced also end in June, 2015 of the closed beta system testing among IT and cybersecurity specialists (more than 100 people). According to the results of testing developers of Zecurion company considered wishes of participants, eliminated errors, improved functionality of the program.
Zecurion Zlock Mac, 2015
With a release of the version of Zlock Mac the possibility of control of different USB devices and blocking of leakages of confidential data from workstations running the Mac OS X operating system of versions of Mountain Lion, Mavericks and Yosemite appeared.
As well as Windows version, Zecurion Zlock for Mac supports creation of flexible security policies for different types of USB devices, different groups or certain users: possibly not only to prohibit or permit use of USB drives, but to set partial access — only on reading. Management of politicians at the same time for Mac- and Windows platforms happens via the single console of management of DLP solutions of Zecurion that facilitates work of the employee of security.
"A great number of our customers use products of Apple in work that leads to increase of risks to lose important corporate information from Mac workstations. Considering wishes of customers and the increasing demand for the system of data protection from leaks for Mac OS, we developed the special version of Zlock which, we are sure, will have great success among clients — Roman Vasilyev, the technical director of Zecurion said. — Besides, there is a wish to thank separately our customers and partners who took part in beta system testing. Thanks to joint efforts we not only eliminated errors, but also improved a product".
2014
Zecurion Zlock 6.0
On August 5, 2014 the Zecurion company announced release of a DLP system for endpoints of Zecurion Zlock network (Device Control) 6.0 with support of digital fingerprints, a support vector machine and other latest technologies of data analysis.
Key difference from the previous version - support of new developments of Zecurion in the field of the analysis of the intercepted data. In Zecurion Zlock 6.0 it is possible to use digital fingerprints of DocuPrints, a support vector machine of SVM, the analysis of graphic files using the OCR module and ImagePrints technology for determination of the documents containing certain images, for example, printing of the organization.
All settings are stored on the server of configurations, uniform for all products, and in them use of the general base of prints of confidential documents is possible.
For control of remote workers in the updated Zecurion Zlock there is a possibility of access lock in the Internet when finding the computer out of corporate network. At activation of such blocking access to a World Wide Web will be possible only via the VPN server set in the Zlock settings. Network traffic at the same time is redirected via a secure channel to corporate network and can be exposed to the analysis using Zecurion Zgate.
In this version of Zlock the feature for control of a clipboard is added: everything that users copy in it, remains in archive and can be browsed by the security officer at any time. Zecurion Zlock 6.0 supports expanded control of the smartphones and tablets working under OS Android and Windows Phone, the remote devices connected to the computer on a RDP session, for example, when using "thin clients".
"We developed the new version of Zecurion Zlock proceeding from numerous wishes of customers as now many pass to a format of remote work. For this reason the new functionality is aimed at providing safe data processing by employees out of office" — Roman Vasilyev, the technical director of Zecurion noted.
Beta testing of Zlock for Mac OS
In December, 2014 the Zecurion company announced the beginning of beta testing of Zecurion Zlock Mac — essentially new version of a system for control of endpoints of the network developed especially for the Mac OS platform.
For the last few years the share of products of Apple in the corporate sector promptly increased. With respect thereto also risks of data loss from Mac workstations grew that led to emergence of additional requirements to data protection. Considering the increasing demand for the system of data protection from leaks from users of Macintosh, Zecurion developed the special version of the solution Zecurion Zlock (Device Control) demanded among the companies. With an exit of Zlock Mac the possibility of control of use of different USB devices and blocking of leakages of confidential data from workstations running the Mac OS X operating system of versions of Mountain Lion, Mavericks and Yosemite will appear.
As well as Windows version Zecurion Zlock for Mac allows to create flexible security policies for different types of USB devices, different groups or certain users. At the same time it is possible not only to prohibit or permit use of USB drives, but also to set partial access — only on reading. Management of politicians at the same time for Mac-and Windows platforms happens via the single console of management of DLP solutions of Zecurion that considerably simplifies work of the security officer.
2013: Zecurion Zlock 5.0
Zecurion Zlock 5.0 for the first time among DLP systems includes functionality on protection of confidential files on USB devices using enciphering — kriptoperimetr.
Kriptoperimetr — a unique feature for DLP systems — is fundamental difference of Zlock from the solutions for protection of endpoints of network against leaks existing in the market. Kriptoperimetr allows to neutralize a broad spectrum of threats: employees can freely copy confidential documents on USB sticks and work with them on the authorized computers, and at loss, theft or use of the carrier by the third parties the ciphered files will be reliably protected from unauthorized access.
Enciphering happens in Zecurion Zlock 5.0 at the level of files, i.e. one USB device may contain at the same time as protected, and normal files. Kriptoperimetr works in the mode, "transparent" for users, and can cipher confidential documents depending on the content, type or other parameters. Opening of the ciphered documents is possible on the computers resolved by politicians Zlock, for example, only on stationary PCs of a certain department.
For data protection in Zecurion Zlock reliable encryption algorithms with key length from 256 bits are used. Encryption keys are on a centralized basis stored on the server and automatically loaded on client computers, and settings of a system allow to peregenerirovat encryption keys at any time or automatically with the set frequency.
One more important innovation of Zecurion Zlock 5.0 is a possibility of preserving in archive of screenshots of desktops of employees. This function will allow security services to know better what occurs on computers of users more effectively to prevent leaks. Also in the new version there was an opportunity to log attempts of removal of the agent, and the list of possible settings on the server of configurations extended.
"The quantity and quality of innovations in the fifth version of Zecurion Zlock allows to speak about reaching the new level of functionality — Alexey Rayevsky, the CEO of Zecurion says. – In our solution possibilities of the agent for the content analysis and data encryption are combined. Earlier the similar functionality could be implemented only using two different products that is much more difficult, more expensive and it is fraught with the conflicts at operation. Now administrators will be able to focus on accomplishment of tasks of prevention of leaks instead of solving technical issues".
2012
Zecurion Zlock 4.0
Key difference of a product from the previous versions — a possibility of the content analysis of the files written on USB devices and printed. Now control of use of drives and printers will be possible not only on characteristics of devices, but also on types of the transferred files and their contents.
Certificate of the Ministry of Defence and FSTEC
On June 8, 2012 a DLP system for protection against information leaks via the peripheral devices Zecurion Zlock passed tests in the system of certification of the Ministry of Defence of the Russian Federation on the 2nd level of control of NDV.
Certification tests were carried out in testing laboratory NPO Eshelon on which account certification more than 300 different products, means and information security systems. Zecurion Zlock successfully passed tests. The certificate confirms that the product conforms to requirements of the regulating document "Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of absence control of not declared opportunities" on the 2nd level of control, on compliance of the real and declared in documentation functionality.
The Zlock system of development of Zecurion company is intended for protection against leaks of confidential information on endpoints of network. Zecurion Zlock allows to control use of the devices connected to ports USB, LPT, COM, IrDA, IEEE 1394, the slot of PCMCIA, internal devices — including the built-in network interface cards, modems, Bluetooth, Wi-Fi, CD/DVD disk drives and also local and network printers. Zecurion Zlock differentiates access to drives and printers, analyzes contents of the files printed and written on devices and blocks actions of users in case of identification of violations of security policy.
Zecurion Zlock is closely integrated with other products Zecurion — a DLP system for control of network channels Zecurion Zgate, a system for data retrieval of Zecurion Zdiscovery and an encryption system of servers and the magnetic tapes Zecurion Zserver. Together they make the end-to-end system providing the most effective protection against leaks of confidential information.
In November, 2012 the Zecurion company announced obtaining the FSTEC certificate for the Zecurion Zlock DLP system. The certificate confirms high quality of a DLP system which can be used for data protection in automated systems to class 1G and in ISPDN up to 1 class inclusive.
FSTEC certificate No. 2753 specifies that Zlock is the software tool of data protection from unauthorized transfer (output) from the protected segment of an information system, protection against unauthorized access to information conforms to requirements of the regulating document ". Part 1. Information security software. Classification by the level of absence control of not declared opportunities" (State Technical Commission of Russia, 1999) — on the 4th level of control and specifications and also can be used during creation of automated systems to a class of security 1G inclusive and for data protection in personal data information systems up to 1 class inclusive.
2011: Zecurion Zlock 3.0
The main innovation of version 3.0 — the server component of Zlock Enterprise Management Server intended for the centralized storage and distribution the politician and the Zlock settings. Synchronization with Zlock Enterprise Management Server happens to the frequency set by the administrator and includes check flowing the politician and settings of agents and their updating in case of need. Synchronization happens via a secure channel and can extend both to all network, and to certain domains, groups or computers.
In Zlock 3.0 by analogy with other products of the company the feature for use of own authentication system was added. If in the previous versions for access isolation to functions of the management console only users were used Microsoft Windows, then in Zlock 3.0 for this purpose accounts of SECURIT can be used. The authentication system, independent of Microsoft Windows, is useful when use of domain or local users of Windows is impossible or it is undesirable.
2010: Zlock 2.5
Main Features Zlock allows to differentiate access taking into account the following parameters:
- The user or a user group on which the policy of access will act.
- Group, type of devices or the specific device (serial number, device type, the code of the producer, the driver and so forth) to which the policy of access will be applied.
- Finding of the computer in network or beyond its limits.
- Continuous or disposable access.
- Full access, prohibition or access only to reading.
- Date and time of access.
- Archiving of printing or record.
Controlled devices
- any USB devices are flash-drives, digital cameras and audioplayers, pocket computers, etc.;
- local and network printers;
- internal devices are controllers Wi-fi, Bluetooth, IrDA, network interface cards and modems, FDD-, CD - and DVD disk drives, hard drives;
- LPT, COM and IEEE 1394 ports;
- any devices having a symbolical name.
Specific Features
- access isolation of users and user groups to any devices and input/output ports;
- creation of "white" lists of devices (only devices from the list are resolved, all others — are prohibited);
- preventive shadow copying (archiving) of all written data and the printed documents;
- journalizing of all actions of users with devices and with files/documents;
- the centralized storage and audit of data of shadow copying and journalizing with support of technologies XML MS SQL, Oracle Database and so forth;
- remote control, deployment and audit using own Zconsole console which also allows to manage Zgate, Zserver Suite and other solutions of the class IPC;
- remote control and deployment through group politicians of the domain;
- support of work in the working groups;
- providing temporary access to any device for users and computers by phone, when there is no possibility of remote connection;
- permanent monitoring of agents at workstations;
- protection of agents against shutdown by normal users and control of their integrity;
- creation of graphic and text reports with a possibility of setup.
See Also
Technologies of privileged information loss prevention: