The Cisco Seccurity Agent (CSA) is one of the most powerful software available in the market which gives total control over what user should do in the corporate environment.
The security administrators in the company can enforce many policies as per their requirement.It requires SQL server in the back end as database.The inbuilt Anti virus (ClamAV) which comes with it is not much powerful but you can integrate it with McAfee Anti virus.
The agent kit comes built in through which you can install client end software.It is customizable.By default there comes two agent kits Server agent kit and Desktop agent kit.
After installation of the client it automatically goes to the specific group (Server/Desktop) which you have choosed.
The Policies contains Rule Modules and Rule modules in turn contain rules.You can create your policies with your own customizable Rule Modules.Also you can create your own rule modules with rules.
You can define white list and blacklist of applications.
There are many policies but out of them I like the below ones
1.The user can view the files from the pen drive but cannot copy or save file on it.
2.The user cannot download and install new application from the Internet, network shares as well as Pen drive.
3.The applications cannot write the data in Temp folders (which is mainly used by Viruses,Worms,Trojans)
4.The applications cannot write the entries in Registry.
5.The DLP (Data Loss Prevention) policy can be implemented.
The Data Loss Prevention is a new technology which enforces policies to prevent theft of sensitive or confidential data from the organizations internal network or from storage devices.You can define the policy such as the file contains word like "Company Confidential" more then five times then the document is termed as sensitive and it cannot move out from the internal network.
I have tested this with yahoomail, zapakmail and other few sites but it does not work with Gmail as gmail uses some other type of script.
You can define the poll interval for client to communicate with Management Server.The DLP policy also finds out the Credit card nos. if they are stored on the machines.
Generally DLP comes with 3 options
1.DLP for data center- for the data at rest
2.DLP for Endpoint- for the data in use
3.DLP for network- for the data in move
CSA can be used as DLP endpoint and DLP network very well but i have not verified the DLP data center option.
Above all it is the best security product available in the market from Cisco.
Other categories
Cisco Jokes Photos Tutorials Voip Goa
view entry
| 0 trackbacks
| permalink
Calendar
