Review: Safend Protector 3.2 guards network endpoints at reasonable cost

At my local library, they have poured glue in the USB ports of their computers to keep people from inserting USB key drives and infecting them. But such extreme measures aren't necessary, thanks to software from Safend Technologies.

The technology has three components that work together to protect your networked PCs. The first is the Safend Protector agent that runs on each PC. It enforces the policies that are created on the Safend Management Console, which runs on a Windows 2003 Server with Microsoft's .Net framework v1.1 installed. A third piece, called the Safend Auditor, can be used to examine computers prior to putting the agent software on them and will produce extensive reports on what devices have ever been used on a particular PC. This is a great way to identify a user's digital tracks and also to identify how vulnerable your endpoints are. This piece is available at an additional charge. (A sample report is shown below.)

A typical Safend Auditor report (Click image to see larger view.)

I tested Safend on a small network with Windows Vista, XP, 2000 Professional and 2003 Server PCs. Safend recommends its management console for Windows 2003 Server, although it can also run on XP machines for testing purposes. Also, the agents need to have the right Windows service packs and patches installed. The Vista support, which has been added in Safend Protector Version 3.2, worked just fine.

One issue with the desktop agent is it uses the Windows Management Interface (WMI) to communicate back to the server console. This may need a port to be opened if it's blocked by a personal firewall.

I tested it with both the Kaspersky and AVG Internet Security Suites, and both detected the Safend agent and asked if I wanted to open up communications. One oddity was that the Safend software wouldn't work on Windows 2000 with AVG installed but not loaded -- I either had to load AVG (and allow WMI connections), or uninstall it to continue. Otherwise, the program worked as advertised and was fairly easy to set up once I got past the WMI issues.

Caveats

The best applications for this software are with networks that have solid Microsoft Active Directory or Novell eDirectory (new for Version 3.2) implementations and that are used to pushing software to their highly managed clients. If you don't have access to the desktop to install the agent, you will find this a frustrating solution.

The software relies on Active Directory Group Policies to distribute policies to endpoints, as well as the ability to associate its security policies with particular Active Directory objects. This makes for a great deal of flexibility in how policies are set up and pushed to particular groups or network clients.