policy based administration

 

Centralized Policy-based Data Protection and Security Management


VerSec can either extend your existing Microsoft Group Policy framework or use its own built-in, multi-tiered and redundant policy distribution framework.

 

The VerSec Management Console is a Microsoft Management Console Snap-in and includes extensions that tightly integrate VerSec's GPO settings with Microsoft's Group Policy Management Console (GPMC).


Configurable Auditing

 

VerSec provides detailed auditing capabilities. Auditing is configured on a policy-by-policy basis, allowing great flexibility over where audit events should be sent. Computers that are disconnected from the network will cache audit events until they are reconnected.

 

Audit destinations include: Altiris, RDBMS, Windows Event Log, Email and text files.

 

In most situations, audit events should be sent to an RDBMS, as this allows you to search and view audit events and management reports through the VerSec Management Console. VerSec supports MySQL, SQL Server and Oracle.

 

All audit events are generated with a cryptographically secure Tamper Hash. The VerSec Management Console verifies this hash each time an event is displayed and notifies the user if the hash does not verify, which indicates that the event log data has been tampered with.

 

RDBMS Audit Policy


Black and White Lists

 

VerSec supports both black list and white list access control techniques, and the technique to use can be configured separately for each policy section.

 

By default, the black list allows access to all the items listed for the feature configured. You must explicitly select those items that you want to block. Conversely, the white list technique blocks access to all items by default and you must explicitly define those items you wish to allow.


Override Codes

 

Override Codes allow actions that are blocked by a policy to be temporarily overridden, thus enabling a high degree of business continuity.

 

As an example of how override codes may be used, a laptop user who is traveling and not connected to the corporate network may need to transfer a file that their policy is blocking. Without an override code, the user would be forced to wait until they had reconnected to the corporate network and received a GPO update before they could transfer the file.

 

This, of course, could be disastrous to business productivity.

 

Policies can therefore be configured so that, if required, users can be given permission to generate their own override codes and/or codes for others.

 

In our example, a help desk administrator could generate an override code and read it out over the phone or email it to the user. Alternatively, if the user was highly trusted, a GPO could be configured to enable them to generate their own override code on the spot.

 

The generation and subsequent use of override codes is fully audited.


Away Policies

 

VerSec allows the configuration of Away Policies - alternative policies that are enforced when a computer is not on the corporate network.

As an example of how Away Policies may be used, perhaps you wish to disable all modems, Bluetooth radios and Wi-Fi network cards while a computer is attached to your corporate network, to prevent network bridging from occurring and your corporate firewall and internet filters from being bypassed.

Your mobile users, however, still need to be able to access these devices when they are away from the office. Using an Away Policy configured to allow these devices while the normal policy is configured to block them allows you to implement a secure and practical solution.

Another example is that you may want to increase the auditing that occurs when users are disconnected from your corporate network.

 

Away Policy
