Centrally Enforced Data Protection

Detect: Identify and control the synchronization of data directly to rogue mobile devices from PCs or over-the-air synchronization of email from Microsoft Exchange Server

Manage and Audit: Centralize security policy management from a single console for desktops, Notebook PCs, handhelds, USB flash drives, and CD/DVD media. Audit trail ensures that company data security rules are being enforced across all mobile devices

Encrypt and Enforce: Ensure that sensitive data is securely encrypted, while providing defense in depth; user authentication, controlled port access and application restrictions

Operations and Support: Work within existing IT operations such as patch management and application upgrades; ensure that the Helpdesk can provide immediate resolution to end-user problems including forgotten passwords and data recovery

CREDANT Mobile Guardian Enterprise Edition (CMG) is based on a flexible, single-system architecture for powerful central administration of single and multi-domain environments. The solution combines policy-based encryption and enforcement, automatic device detection, authentication, auditing and reporting capabilities. Multiple levels of access, device and end user control help ensure endpoint data security as well as compliance readiness. Even better, CMG solutions operate in the background without affecting operational performance, administrative productivity or the user experience.

With CMG Enterprise Edition, organizations can address their endpoint data security and compliance needs in an effective, efficient and transparent manner.

Integrated Components for a Comprehensive, Easy-to-Deploy Data Protection

CMG Enterprise Edition data security solutions are based on an integrated set of components. This approach helps streamline deployment and enable organizations to develop flexible, tightly integrated solutions for data protection based on their specific needs.

• CMG Enterprise Server integrates with enterprise directories to provide a central, web-based interface for security policy definition and management. The interface also supports real-time mobile device inventory, as well as continuous reporting of mobile device security status for policy compliance. At-a-glance encryption status reports are backed by charts showing end-point “check-in” and encryption trends.
• CMG Shield resides on mobile devices and external media to enforce mobile security policies even if the device is disconnected from the network. It enforces strong authentication, policy-based encryption, and device / end-user controls. Enhanced features include greater encryption transparency and increased flexibility for administrators implementing corporate security policies. CMG Shield is available in a StandAlone Edition for Windows® version that supports devices in disconnected or non-domain environments and in an External Media Edition for Windows version when encryption of a local drive is not needed.
• CMG Policy Proxy resides on the corporate network or DMZ to provide secure distribution of policies and policy updates from the CMG Enterprise Server to the CMG Shield. It also collects device inventory and reports back to the CMG Server for auditing and reporting.
• CMG Local Gatekeeper resides on desktops and notebooks to automatically detect, protect and control locally synchronized mobile devices. It provides secure, distributed communications between CMG Shield and CMG Enterprise Server for transparent delivery and management of policy and software updates.
• CMG OTA Sync Control (optional) enhances Microsoft Exchange Server ActiveSync to control which handhelds (includes iPhone, Symbian, Palm OS and Windows Mobile devices) can sync email, contacts, and so forth.

CMG Enterprise Edition Benefits

CMG Enterprise Edition is part of the CREDANT family of data protection products, the only centrally managed, data-centric solution for protecting endpoint data wherever it resides. With CMG Enterprise Edition, organizations realize the following key benefits:

• Policy-based, centralized management for improved data security, compliance and ease of use
• Non-disruptive security that works with existing operational processes and does not impact the user experience
• Proven technology, expertise and experience from the industry leader in endpoint data protection
• Quick deployment of data protection for laptops, desktops, handhelds and external media across diverse platforms
• Automatic audit trails that offer proof of end-to-end data security
• Protection of data from unwarranted access, reducing risk of internal breaches
• Support for today's diverse laptop and desktop environments, including both 32-bit and 64-bit Windows XP Professional and Vista, as well as Mac OS X

Ask for more information about CREDANT products and how they provide organizations with proven-effective solutions for endpoint data protection.

Key Features with CMG Enterprise Edition Include:

• Multi-level access, device and end-user control
  • Flexible PIN and password parameters for handhelds and removable media
  • Integration with native authentication environments including multi-factor authentication
    • Smart Cards
    • Biometrics
    • RSA SecurID for Microsoft® Windows
  • Self-service and help-desk assisted password recovery, even when a device is disconnected from the network
  • Enhanced administrative control and options for Windows laptops and desktops
    • Ability to allow encryption only when the screen is locked 
    • Increased performance and transparency of encryption
    • Simplified decryption and uninstall process for multi-user computers
  • Advanced application control on Symbian Smartphones and Windows Mobile® Pocket PCs, with the ability to create application Whitelists and Blacklists
  • CMG Console Shield deployment status charts
    • Charts showing current device protection status
    • Segmented bar charts showing device protection status history
    • Segmented charts showing the number of devices that have checked-in per a day over the past 90 days
  • Automatic cleanup of inactive devices for even better CMG Console reporting
  • Communication port controls (Bluetooth, IR, and so forth) for PDAs
  • Optional Over-the-Air (OTA) Sync Control that enforces which handhelds (includes iPhone, Symbian, Palm OS and Windows Mobile devices) can sync to Exchange ActiveSync®
  • Integration with Cisco Network Admission Control (NAC)
  • Maintain data privacy while allowing multiple users to securely share information on the same desktop or laptop
  • Allow local administrators to maintain the system while blocking access to critical end-user data
  • Flexible policy provides total end-user transparency or enable various end-user controls to help make your users part of the security solution
  • Encryption of local Security Account Manager (SAM) database and domain password hash, paging file and other important Windows and program files
  • Automatic key escrow for simple, immediate data recovery
  • Device- and user-based policies provide ultimate flexibility to secure any environment


• Support for industry standard encryption algorithms
  • FIPS 140-2 and Common Criteria validated
    • AES 128
    • AES 256
    • 3DES
  • Blowfish


• Broad operational compatibility
  • Compatible with automated patch management systems
  • Compatible with existing disk recovery, backup and forensic tools
  • No special system maintenance tools or procedures needed


• Extensive support for devices, operating systems and external media
  • Notebooks, tablet PCs and desktops running:
    • Microsoft® Windows Vista® 32-bit and 64-bit Ultimate, Enterprise, Business and Home Premium
    • Microsoft Windows XP Professional 32-bit and 64-bit Media Center and Tablet PC
    • Mac OS X v10.4 Tiger and v10.5 Leopard for Intel-powered systems
  • Pocket PCs and Smartphones running:
    • Windows Mobile™ 6.1 Professional (Pocket PC) and Standard (Smartphone)
    • Windows Mobile 6.0 Professional (Pocket PC) and Standard (Smartphone)
    • Windows Mobile 5.0 Pocket PC and Smartphone
    • Palm OS® 5.x
    • Symbian 9.x S60 3rd Edition
    • OTA Sync Control support for iPhone
  • External media accessing data from:
    • Microsoft Windows Vista 32-bit and 64-bit Ultimate, Enterprise, Business, and Home Premium
    • Microsoft Windows XP Professional, Home, Media Center and Tablet PC
  • Enterprise server platforms
    • Windows Server 2003 Standard and Enterprise
    • Windows Server 2003 R2 Standard and Enterprise
  • LDAP support
    • Microsoft Active Directory®
    • Sun® ONE Directory Server
    • Novell® eDirectory™
  • Supported databases
    • MS SQL Server 2000, 2005
    • MS SQL Server 2005 Express Edition

• Foreign language support and OS internationalization
  • Install the CMG Enterprise Server on localized systems
    • French
    • Italian
    • German
    • Spanish
  • Install the Windows Shield on Asia-Pacific (APAC) localized systems
    • Full double byte character support, including inventory and reporting 
    • Support for “Worldwide English” Windows OS
    • Supports systems running Multilingual User Interface (MUI) language packs
  • European localization for Windows, Handheld and External Media Shields
    • French, Italian, German and Spanish support
    • All user interfaces automatically localized, based on the host computer's language configuration
    • Full localization of help files 

Screenshots

CMG Enterprise Edition is based on a flexible, single-system architecture for powerful central administration of single and multi-domain environments.