Integrated Security for More Complete Endpoint Control
Network security has become critical for organizations of all sizes, given their legal and ethical obligations to protect information from intentional or accidental breaches of confidentiality, availability or integrity. Given these mandates, the reality remains that threats of exposure have increased dramatically Due to technology trends such as the consumerization of technology, BYOD, and the rise of the Internet of Things (IoT). In the past, security solutions typically relied heavily on creating an environment protected along the perimeter with firewalls and other network intrusion systems. However, today’s organization must also look within to security efforts that include effective management and control of internal network endpoints, including desktops, laptops, servers and other connected devices.
Adding complexity, the distinct separation of security tasks and systems management tasks in today’s IT organization have also blurred. This is not only because of the need to integrate perimeter security with endpoint security in order to be more effective, but because the two areas have frequently become the responsibility of a single team of individuals slated with holistic IT management, of which security is but one component. “Security” has grown to include such classic systems management tasks as configuration management and patch management, making an integrated systems management and security approach ultimately not only a more encompassing solution, but an essential one; indeed, no small task.
The Dell KACE K1000 Management Appliance is an easy-to-use, cost effective appliance-based complement to traditional software security packages that helps make an integrated, collaborative approach to security and systems management a reality. The K1000 enhances endpoint security by providing a comprehensive view of all the devices accessing your network, while also identifying and remediating vulnerabilities across end nodes. By managing and enforcing compliance with company policies across desktops, laptops and servers, the K1000 also helps reduce the risk of malware, spyware and viruses compromising endpoints. In those instances when problems cannot automatically be fixed or an endpoint becomes compromised, the appliance can allow systems to be quarantined to help prevent them from infecting the rest of the network. The K1000 can also enable users to more easily plan, execute and report on the often complex task of patch management. Through these capabilities the K1000 helps improve security and reduces the chances of downtime and lost or stolen data.
- Comprehensive IT inventory through agent and agentless technology allows you to track and assess all devices connecting to your network for clear, accurate and real-time visibility into all assets.
- Patch management helps provide comprehensive and reliable patching that is easy-to-use and affordable. It maintains one of the largest patch repositories available, with patches for Windows and Mac operating systems, as well as a wide range of application patches from vendors including Microsoft, Apple, Adobe, Symantec and Mozilla. Simple administrator patch scheduling capabilities helps allows patch application with minimal user interruption.
- With the security audit and enforcement capabilities of the appliance are a number of pre-built policy settings for improving security. These include enforcing IE security and anti-virus settings, disallowing the running of specified executables and quarantine capabilities. The K1000 also includes an easy-to-use wizard-based scripting capability that allows creation of custom security policies without needing to learn a scripting language.
- The security audit and enforcement capabilities of the appliance include both OVAL-based vulnerability scanning, and SCAP scanning and reporting for FDCC compliance. SCAP and OVAL scans are integrated with the entire range of K1000 functionality including computer inventory, patching, remote administration and software distribution. The K1000 helps provide the ability to scan individual nodes, groups of nodes or even all nodes on a network.
- Software blacklisting further enhances proactive security standards by preventing the execution of undesirable programs known to contain security threats or vulnerabilities, as well as those that are deemed inappropriate by your organization.
- PC lockdown involves controlling endpoint systems to varying degrees, from removing local administrative rights to restricting internet browsing abilities. The K1000 provides an optimal PC lockdown solution by allowing IT teams to assign flexible user privileges so that security and end-user productivity can be maintained. The self-service software portal enables organizations to publish approved software titles, license keys, files and scripts that users can access to install applications or configure their systems whether or not they have local admin rights. An integrated service desk seamlessly merges with the system management console so that administrators can view employee requests regarding user privileges and address them from a single location.
- The K1000 provides comprehensive, straightforward reporting across the spectrum of its capabilities. This helps to address compliance issues and provides regular systems management insights into operational status to ensure minimum system downtime and maximum security.