DeviceLock Resources

DeviceLock Introduction
Whats New in v6.3
Key Features in v6
Watch Product Demo
Reviews & Whitepapers
The Removable Threat
control usb lockdown access They Wish They'd Locked Down
Devicelock Key Features
*Free* PnP Auditing Tool
Product FAQ
Features Datasheet
Interface Screenshots
Download a Trial
Request a Quotation
Latest MailMarshal Version
Current Version :
6.3 Build 15128

Related Products

usb encryption Full Disk Encryption
Encrypted USB Sticks
Ziplip Email Archiving
Hosted Archiving & Compliance

Further Assistance
Request a Call Back
Request a 1 to 1 Live Demo
Register for a Webinar
Quick Enquiry Form
Discussion Forums

DeviceLock FAQ

FAQ

What does DeviceLock Enterprise actually do?
DeviceLock allows you to instantly restrict access to all removable devices - USB memory sticks, iPods, CD Drives, DVD writers, PDA's, Windows Mobile Devices, Tape Drives, Bluetooth, WiFI - in fact ALL removables devices.

In effect you can grant / revoke Windows style permissions to ANY physical device that you can plug into a machine running Windows - devices such as;

  • All USB devices - memory sticks, iPods, camera phones, PSP, music players etc.
  • Bluetooth / Wireless / PDA's
  • CD / DVD Writers / Readers
  • Firewire Port
  • Floppy drives / disks
  • Hard disk
  • Infrared port
  • Parallel port
  • Removable (Mass storage devices like USB Sticks and iPods)
  • Serial port
  • Tape
  • Wifi
How does it do this?
An extremely lightweight (just 450Kb!) kernel level service runs seamlessly on each client PC.

This service interacts with the various device ports available on that machine and then applies the required permissions to them.

This service cannot be bypassed / stopped / removed even if you have local admin privileges! This service is also completely invisible to end users.
How do I deploy DeviceLock?
By using a very simple to use "Admin Console" interface, you can manage machines either on a one-to-one basis, manage multiple machines in a Domain/OU or even manage and deploy via a Group Policy snap-in.

Deployment is a seamless, one-click operation - and can be enforced using Active Directory.

Can I lock down USB Sticks as well as USB ports?
Of course! DeviceLock's ability to discretely manage different families of USB device mean that you can not only allow/ignore USB mice and keyboards (HID devices) but you could also manage a USB printer, or even "White list" a unique USB stick right down to it's serial number! Here's a list of types of USB device that DeviceLock can control:

USB HID (mouse, keyboard etc.)
USB Printers
USB scanners and still image devices
USB Bluetooth adapters
USB Storage devices
USB and FireWire network cards
Can I get an idea of what is already plugged into my network?
Yes! You can either download for free use the DeviceLock PnP Auditor tool (available here) or use the DeviceLock Enterprise Manager to graphically show not only what is plugged into your machines now, but also display other devices that have EVER been plugged in before!
Can I get audit data?
Auditing is as easy to implement as locking down devices. One popular way of rolling out an audit policy is to simply audit "writes" to a device that have granted access to. Rather than fill your NT event Log with irrelevant information, you apply the level of granular control to your auditing as with your access policy.
I have an IT department with 4 administrators that will need to have their USB stick to work regardless of where they are in the network. Can their own USB sticks bypass the security policy?
Yes. Their own sticks either "by device model" or "by unique device" can be added to the "USB White list" which will indeed bypass any restrictions in place on an end-users desktop.
How can I stop people disabling the service to bypass it's settings?
By default the DeviceLock service cannot be disabled even if you have local admin privileges. However, you can even more specific with your rights by assigning a user or group of users accounts that will be the only accounts that can manage the service.
Our marketing assistant works on presentations at home and occasionally has to bring them in on her iPod for board room meetings. However, I don't want to allow her iPod constant access to the network. Is there any workaround?
There is! Using the "DeviceLock Temporary Whitelist" tool from an end-users Control Panel anyone can plug a device into their machine which will generate a request code. The local helpdesk can then simply run the "Temporary White List Administration Tool."

Options such as how long the device will granted access for can be chosen, then an "Unlock Code" is generated. All the end user has to do is enter that code to be able to use their device immediately for the required period of time!
What about laptops? Will their device still be locked when they are out on the road?
Yes! The DeviceLock policy that is installed is completely independent of the server once applied, therefore no network access is required to maintain the policy. Furthermore, the "DeviceLock Temporary Whitelist" tool can also be run without network access. The codes generated are handled by private and public keys which will have already been deployed down to the clients.
What about when a laptop comes back onto the network? How do I make sure that all those machines have the latest set of permissions on them?
The best solution for that kind of scenario and by far the most reliable would be to use Group Policy Object deployment. As soon as a laptop re-connects to the network it will retrieve it's Group Policy settings and will therefore be up to date before the end user even logs on!
How does DeviceLock compare to competitive products?
There have been many independant published reviews and evaluations comparing many device control products - products such as Safend, Devicewall, Securewave and HP Tool.

Overall we believe that technically, feature-wise, and from an overall cost, management and return on investment basis DeviceLock proves time and again to be the best solution.

Contact us for more details.

How can track changes to the domain-wide policy over a long period of time?
Using the "Compare" feature you can take two saved "reports" from the "Report Permissions/Auditing" plug-in and then run a comparison on them. Any differences for any machine are immediately highlighted. Changes to both permissions and auditing settings are highlighted; This feature will be especially useful for clients with internal auditing requirements.
How is Devicelock licenced, and how do I get a permanent key.
Devicelock is licenced on the number of PC's you wish to control. So a 25 user licence would let you manage 25 devices.

When you purchase Devicelock we will send you a licence key file normally within 24 hours. You simply copy this file into the Devicelock installation folder. Activation is instant.

It is important to note that the number of devices you are allowed to control is hard coded into the product - so if you have bought a 50 user licence you can only manage 50 devices. If you try and manage more than 51 devices the software will not allow you to.

My question isn't listed - how do I find out more information?
Give us a call on +44(0)8456 443 911 or use our Enquiry Form.

Email Compliance Software


| Copyright Softek © 1994 - 2008 |