X-FORT (EN)

X-FORT

Enterprise Electronic Data Surveillance System

Provides a comprehensive endpoint security solution includes DLP, DRM, and ITAM. It prevents confidential information from breaching or losing, and provides the management tools of applications, computer assets, and remote control.

X-FORT Function List

 

Category

Module

Function

Description

D

L

P

Local Security

Storage Device Control

  • Flexible control mode: Disable, read-only, plaintext, encryption
  • Support external HDD, USB drive, SD card, MP3, etc.
  • External storage device registration method: Hardware, software, serial number
  • MTP (smart phone) control
  • HDD protection:
    • MBR and BitLocker disk protection: Prevent users escape control by using CD-ROM boot, USB drive boot, or HDD cascade
    • BitLocker auto unlock disk after login Windows, support both GPT / MBR format

Adv. Storage Device Control

  • Copy file to external storage device with supervisor approval
  • Limit size of daily copy or single file to an external storage device

CD/DVD Control

  • Disable disc recorder (CD / DVD / HD DVD / Blu-ray) and disable burning applications
  • X-BURN
    • Burned into ciphertext or plaintext with comprehensive record & alert
    • Burn CD/DVD with supervisor approval

Printing Control

  • Configure printing policy for each local or network printer
  • Watermark protection
  • Backup the printed content or file
  • Allow temporary printing or cancel watermark with supervisor approval

Operation Log

  • System file activity & operation record: Record system file deletion and rename event (includes
    command mode operation)
  • User activity & operation record: (1) Software execution and operation (2) Web browsing (3) OS login & logout (4) File operations includes create, copy, move, rename and delete

Adv.

Operation Log

  • Microsoft Office file access control and log (open, save, save as)
  • Clipboard log (copy, copy paste)
  • Record CMD and PowerShell input and output text

Other Control

  • Port and tools protection: IrDA transceiver, Bluetooth, file transfer software, PrtScr key, remote control, GHOST, VMWare, Virtual Box, Hyper-V, P2P software, SHARE tools, registry editor, sound card, ˘etc.
  • Disable the built-in or USB wireless network card
  • General device control: Disable devices in Windows Device Manager
  • Control Windows virtual devices, e.g., mobile phones, digital cameras, MP3 phones

X-DISK

  • Private encryption virtual drives: Store important files, and record user's behavior on X-DISK

Network Security

Folder Sharing Control

  • Network folder sharing control: Disable, access record, backup files transfer
  • Email notification while network traffic and the number of file deletion exceed the threshold

Connection Control

  • Enable or disable communication ports, e.g., FTP, HTTP
  • Allow to use communication port with supervisor approval
  • Application access control & network access control

Transfer Control

  • IM control: Disable IM software, disable file transfer, disable screen snapshot, disable desktop sharing and record chat message, support Line, Skype, Skype for Business, WhatsAPP, Tencent QQ, WeChat, AliWangWang.
  • FTP: Disable FTP or record & backup FTP transfer
  • Wireless access: (1) Disable 3G / 3.5G & dial-up software (2) Disable WiFi service

Web Browsing Control

  • Web access control:
    • Record user browsing behavior, search term and tag visited destination country
    • Allow user to browse website during specific period (e.g., browse Facebook after hours)
    • HTTPS control: Support user defined blacklist and whitelist, and record blocked website browsing.
    • Advanced web access control: (Support IE with specified URL)
  • Disable open file, save as, printing, keyboard, copy, paste, drag & drop functions
  • Disable the keyboard, drag and drop, send the screen, view source file
    • WebPost control: Disable or record file uploads (e.g., webmail, web storage)
    • Network traffic monitoring: Daily upload and download traffic alerts
    • Allow web access with supervisor approval

Cloud Control

  • Control sync software and URL of cloud drive
  • Control web based cloud service (support IE, Chrome, Firefox)
  • Control application using HTTPS connection (TLS / SSL)
  • Control Microsoft Office save as to cloud drive

Web Content Log

  • Record content of web page (support IE, Firefox)
  • Support HTTPS/HTTP

Webmail Log

  • Retrieve webmail text content of Hotmail, Yahoo! Mail, and Gmail

E-mail Control

  • Allow specified SMTP mail server
  • Record and backup e-mail content
  • Support Notes (Windows 32 bit) and Outlook

Outlook
Attachment Encryption

  • Auto encrypt the attachments while sending e-mail
  • Send the decryption password with supervisor approval
  • Prohibit email sending with specified domain name or keywords, and record blocked activity

Secure Virtual
Tunnel

  • Only allow client with X-FORT agent to access protected servers
  • Only dedicated users, devices, or software can connect to protected servers
  • The communication uses TLS encryption to prevent MITM

I

T

A

M

Software Security

Basic

Software Security

Software Execution Control

  • Record prohibited and unmanaged software operation
  • Allow to execute specified software during specific period
  • Allow software execution with supervisor approval

Folder Access Control

  • Isolate files in safe zone to prevent malicious access, e.g., ransomware
  • Only specified software allow access safe zone

Adv. Software Security

Advanced Software
Control

  • Disable the function of specified software: open file, save as, printing, keyboard, copy, paste, and drag & drop
  • Gradient style screen watermark: Avoid color absorption by background

IT Assets Mgmt

Software Assets

  • Software asset management
  • Hotfix management
  • Enforce remotely uninstall software
  • Registry management
  • Software license management and allocation
  • Software suite and alias management

Hardware Assets

  • Hardware asset management
  • Hard drive utilization information & alert
  • Procurement management of computer hardware and generic equipment
  • Lifecycle management of assets

Remote

Mgmt

Remote Function

  • Remote wake-up, logout, reboot and shutdown the client
  • File deployment: Support for immediate or scheduled delivery, file transfer, transmission bandwidth management, and seeding delivery
  • Message broadcast
  • Remote view and control computer
  • Online help desk and service satisfaction survey
  • Remote scan and find the files with specific keywords
  • X-Monitor
    • Support multi gridview on one screen
    • Supervisor can Live monitor the computer screen

Screen Capture

  • Capture screenshots at predefined time intervals
  • Capture screenshots while execute specific software
  • Adjustable image quality and interval time
  • Screen capture with specific operation, e.g., switch windows, copy to clipboard, Microsoft Office operation

D

R

M

Document Management

Secure Virtual Storage

  • Enforce saving files to SVS drive while using the specified applications (e.g., Word, AutoCAD)
  • Encrypt SVS based on the policy assigned by document administrator
  • Secure backup folder from unauthorized access
  • Support source code protection with IDE (integrated development environment)

Document Encryption Center

  • Document Encryption Center can automatically encrypt the document by different policy
  • Different share folder has different policy

S

Y

S

T

E

M

M

G

M

T

Basic
System Mgmt

Console

  • Multi-language support: English / Japanese / Traditional Chinese / Simplified Chinese
  • Role-based management: Administrators, group managers, auditors, and others
  • Compliant with password complexity, password length requirements, and password change enforcement

Client

  • Self-protection: Prevent agent destroyed by malicious user or software
  • Support Windows safe mode and AD user profile roaming
  • Security incidents alert and notification

Server

  • Support database backup and restore
  • Optimized server and client data exchange bandwidth
  • File encryption with PKI (1024 bit) & AES (256 bit), support HSM key management
  • Single server supports more than 1,000 Clients
  • Support Microsoft Azure, private cloud, public cloud, and hybrid cloud

Advanced
System
Mgmt

Adv. Mode

  • Multi-server support active-active load balance, assign client to specified server based on network segments
  • Store backup files on relay server
  • Exchange encrypted files between trusted servers

EDR

Incident Response

  • Multi-server support active-active load balance, assign client to specified server based on network segments
  • Store backup files on relay server
  • Exchange encrypted files between trusted servers