Sophos SafeGuard Enterprise - Management Center
Central management of data security policies and protection

Overview:

Set up and manage your Sophos SafeGuard Enterprise security policies and data protection so they're always up to date. With our Management Center, you get central administration. You'll comply with information protection regulations, prevent data breaches and save time.

• Lets you manage mobile data encryption and data loss prevention (DLP) policies from a single console
• Encrypts and manages desktops, laptops and removable media
• Makes regulatory compliance simpler, with consistent policy enforcement in mixed IT environments ÌÌ Offers the ability to set up flexible data security policies for small groups, organizational units and devices; plus, our Active Directory integration makes policy setup easy, along with finding users and devices
• Keeps your security high — and your help desk costs low — with self-help options for users to recover forgotten passwords
• Provides detailed audit logs and reports so you can document compliance with internal policies and external regulations
• Distributes your security policies across platforms automatically

Features

Stay protected and save time

With our centralized control, it's much simpler to manage your security policies and data protection across your entire organization. You can manage full-disk encryption, removable-media encryption and DLP from one console

• We provide a central management console so you can manage encryption across all your computers and platforms from one place.
• We offer a fast initial encryption option that encrypts only the parts of your hard drive in use. This significantly reduces the time needed to encrypt and lets your users get to work faster.
• We use the multicore processors in your computers to encrypt and decrypt your data quickly. And, our encryption speeds are now up to 30% faster.
• We simplify installation for you with a server installation wizard for SafeGuard and Microsoft server components.

Maintain control with role-based administration

We provide role-based administration, so your organization can keep the proper checks and balances in place:

• Provides predefined and custom security officer roles
• Requires dual-officer authorization for critical actions
• Supports optional two-factor authentication using tokens, biometrics or smartcards
• Allows selection of security officers from Microsoft Active Directory
• Lets you group security officers hierarchically, which allows groupbased policy inheritance and assignments
• Allows you to delegate administrative rights
• Lets you use a single console to manage multiple, separate SafeGuard sessions and installations

Let users collaborate securely with key management

Our key management makes it easy for your users to securely share data across PCs, removable media and email attachments:

• Centralizes key management from a single console
• Securely stores, exchanges and recovers keys in mixed device and operating system environments
• Provides automatic key assignments for work groups, so members can share and access encrypted files

Reduce help desk calls with password recovery

Use our password recovery and help desk options to save time and keep your users productive:

• Includes a local self-help option, so users can recover forgotten passwords without contacting the help desk to do a password reset
• Provides a challenge/response recovery wizard for the administrator to do a password reset
• Includes a web-based help desk option for outsourced environments
• Offers an API for custom help desk integration

Get real-time status, logs and security reports

We also help you stay up to date on security status and document your compliance with data protection regulations. You'll stay protected and have what you need for compliance audits:

• Logs and centrally stores client activities and status, administrator actions and security events
• Allows you to define which logs you want to record, and where you want to store them
• Lets administrators filter, view, export and print log reports
• Lets you see encryption status in external consoles, such as LANDesk or network access control solutions, via our SGN State tool

Specifications:

Operating systems

• Microsoft Windows 7 (32 and 64 bit)
• Microsoft Windows Vista (32 and 64 bit; SP 1/2)
• Microsoft Windows XP (32 bit; SP 2, SP 3)
• Microsoft Windows Server 2008 and 2008 R2 (32 and 64 bit)
• Microsoft Windows Server 2003 (32 bit)

Certifications

• Uses FIPS 140-2 validated SafeGuard Cryptographic Engine
• Common Criteria EAL-3+
• Aladdin eToken enabled

Standards and protocols

• Symmetrical encryption: AES 128/256 bit
• Asymmetrical encryption: RSA
• Hash functions: SHA-256, SHA-512
• Password hashing: PKCS #5v2
• Smartcard/token: PKCS #11, PKCS #15, Microsoft CSP, PC/SC, Kerberos
• PKI: PKCS #7, PKCS #12, LDAP, X.509 certificates
• Data transfer: SOAP, XML, SSL

Languages supported

English, French, German, Japanese

Note: Not all functionality/language support is available on all platforms.

Supported databases

• Microsoft SQL Server 2005, 2008, Express
• Encrypted communication between database and management centers

Documentation:

Download the Sophos SafeGuard Management Center Data Sheet (PDF).