The SRA Platform SRA End Point Control
IT departments of small- to medium-sized businesses are increasingly embracing Bring Your Own Device (BYOD) initiatives. With many employees and partners connecting their own devices to the corporate network, it’s more important than for organizations to ensure these endpoints don’t become conduits for harmful malware. While few SSL VPN vendors even offer end point control for smaller organizations, Dell™ SonicWALL™ End Point Control (EPC) for the Secure Remote Access (SRA) Series delivers enterprise-class device identification and interrogation features to small and medium-sized businesses. Dell SonicWALL EPC not only uniquely identifies Windows®, Mac OS® and Linux endpoints to tie them to authorized users, it also checks for essential components such as anti-virus, anti-spyware and personal firewall software before allowing the devices to connect to the network. This greatly reduces the chances of malware entering the network from non-IT-managed devices.
Easy, flexible device profiling.
Dell SonicWALL End Point Control enables verification of the presence or absence of anti-virus, anti-spyware and personal firewall software on the endpoint device from leading vendors such as McAfee®, Kaspersky Lab®, Symantec®, Computer Associates®, Sophos® and many others. It simplifies granular endpoint protection by allowing administrators to set up Windows, Mac OS or Linux device profiles from a comprehensive predefined list.
Robust device identification.
EPC provides enterprise-class verification of endpoint criteria, such as domain membership and OS version, and verifies the presence of a client certificate on the endpoint. The extensive device identification criteria help to tie the authorized user to specific devices as allowed by the IT department or administrator.
Multiple device profile types.
Allow and Deny device profiles include a customizable Deny message. If the endpoint device matches a Deny device profile, the user is presented with an appropriate message and given the chance to resolve the security issue on the endpoint device in order to gain network access. For instance, the user can receive a message with instructions to update the anti-virus and anti-spyware software in order to access the network. Device profiles can be enforced at the Global, User Group or User level.
Upon launching NetExtender, an EPC Dynamic Linked Library (DLL) is dynamically provisioned to the endpoint device, optimizing the client footprint on the device.
Administrators have the ability to tie a Windows DeviceID to a user by checking the device hard drive serial number via EPC interrogation and comparing this against information stored in Active Directory or LDAP.
Granular endpoint policy criteria.
EPC for SRA Series gives IT administrators the flexibility to confirm endpoint status based on:
- Personal firewall
- Custom applications
- Directory name
- Client certificate
- Windows domain membership
- Unique Windows Device ID
- Registry keys and/or Windows patch levels