Zone Labs Inc. last week announced the first major upgrade to its Integrity client protection software, adding centralized management and deployment tools.
Integrity 2.0 gives administrators more granular control over the rules and policies in place on each desktop, making the product more like a traditional network firewall.
Integrity 2.0 comprises a central management console and Integrity Desktop, which is a client-side firewall that sits on an end users computer.
Among security enhancements in Integrity 2.0 is a function that enables administrators to control which ports are open on each client firewall and which protocols are allowed through.
There is also a new component control feature that ensures that only applications with certain components—such as .dlls—are allowed to access the Internet. This can prevent malicious code from using authorized applications to take unapproved actions, Zone Labs officials said.
Integrity 2.0 lets administrators deploy and update Integrity Desktop clients remotely, and policies can be assigned by IP address, user name, group assignment, entry point to the network or any combination of these factors.
"End point security is a big concern, especially for users who are on PCs that are using a [virtual private network]," said Fred Felman, vice president at Zone Labs, based in San Francisco. "People are facing the same issues behind the [corporate] firewall as they are in front of it."
Another new feature in Integrity 2.0 is the ability to perform a reference scan. Using this feature, an administrator can take a kind of fingerprint of one Integrity Desktop, which records the policies and controls in place on a machine. The administrator can then use the fingerprint as a template for the deployment of other end point firewalls in a company.
Integrity 2.0 includes support for Microsoft Corp.s Active Directory and LDAP. It is due by the end of this month or early next month. Pricing will start at $65 per seat.
Integrity 2.0 also includes a function called application reference checking, which grants or denies Internet access to new applications. The access decision is based on a central list of approved applications, which the administrator can either get from Zone Labs or create.
New Features in Integrity 2.0
- Central management of desktop firewalls
- Port and protocol control by application
- Component control to prevent malicious use of authorized applications
- Central deployment and updating of Integrity clients