Zone Labs Updates Security Enforcer For Guest Access - InformationWeek
03:07 PM

Zone Labs Updates Security Enforcer For Guest Access

The update includes checks for spyware, worms, Trojan horses, key loggers, and other malicious code lurking on guest systems.

Zone Labs on Monday rolled out an update to its Integrity Clientless Security solution that blocks non-IT controlled PCs--such as those owned by partners and used by mobile workers--from accessing a company network without having proper security provisions in place.

Clientless Security 2.0 includes checks for spyware, worms, Trojan horses, key loggers, and other malicious code lurking on guest systems, then automatically disables the processes such malware runs before allowing a user to log on to a Web-based application such as Outlook Web Access or an SSL-secured VPN connection, said Frederick Felman, Zone Labs' VP of marketing.

"Clientless Security disables the malicious code, but it doesn't delete it," Felman said. "Some of the users on those PCs may not have administrative rights, so they aren't able to remove, say, spyware. Instead, we disable those forms of malware without requiring any user interaction."

Clientless Security differs from other security policy-enforcement products in that it's aimed at PC assets not owned and managed by businesses. "Partners' PCs, which are often used to access corporate CRM or ERP software, are checked to make sure a firewall is present and anti-virus [protection] is there before access is granted," Felman said.

The product is able to handle all the major anti-virus solutions, including those from Symantec, Trend Micro, and Computer Associates, and will not only verify the presence of such defenses, but also check that the anti-virus definitions are up to date.

All checks against policies are done before a user is allowed to log on to the network, said Felman, and done without installing any software on the client. Instead, ActiveX controls are loaded onto the system at the beginning of each Web or VPN session, then unloaded at the end. The control can be optionally cached by the administrator to the client for a performance boost the next time the system logs on.

Systems that don't meet the required policies, which administrators set at a central software console, can be completely blocked from logging on, or other administrator-defined options can come into play, such as allowing a log on but with notification to both the user and the IT staff that the system isn't up to par. Users can also be automatically redirected to other enterprise assets, such as a patch-providing server or the company's anti-virus definition files, to bring their systems into compliance before log on is permitted, Felman said.

On the firewall side, Clientless Security will check that a firewall is present on the outside system, and if one is absent, the user can be asked to install one, or the administrator can set policies so that one is automatically installed prior to logon.

Other verifications new to version 2.0, said Felman, include status checks of the client's overall security, and warnings if the system has not been patched against currently-known vulnerabilities.

Clientless Security works on guest PCs running Windows 98 and later using Internet Explorer 5.0 or later to access an enterprise Web site or application, or the network through a VPN tunnel. The software runs on Integrity Clientless Security offers Windows, Linux, and Unix servers, as well as Microsoft Internet Information Server and Apache Web servers.

Prices start at $20 per user.

Check Point Software completed its acquisition of Zone Labs late last month as it laid out $114 million in cash and issued an additional 5.3 million shares to pay for the private security firm.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
2017 State of IT Report
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll