FileSure Defend is:

  • Highly flexible and customizable. It requires a (local) centralized computer, ideally a server. Rules, alerts, reports, publishing, etc. are all configured here.
  • Centrally managed. Workstations are managed from the central computer.
  • Best suited for companies running Active Directory ™ and having staff with IT knowledge.
  • Licensed perpetually or by subscription.
    • Perpetual license priced at $2,600 per server and $135 per workstation.
    • There is a 20 percent maintenance charge required during the first year for support, fixes, and new versions.
    • Maintenance is optional after the first year.
    • Subscription licensing is priced monthly at $112 per server and $6 per workstation.

FileSure Defend vs. FileSure Cloud

Summary:

FileSure Defend and FileSure Cloud run the same engine and both enforce their rules the same way. But FileSure Defend uses a local server and local console. It is robust, flexible, and customizable. We recommend a tech savvy staff to manage it. Conversely, FileSure Cloud is configured to fit the general needs of most small businesses. It utilizes a cloud server and a web based console. It can be easily deploy and used by non-technical staff.

Methodology:

FileSure is a rules-based system. You can create very broad rules that cover a general range of conditions. You can also create narrow rules that target very specific conditions. And the rules can utilize "includes" and "excludes" allowing for broad coverage with very specific exceptions. The rules are based on criteria such as file operation (read, write, create, delete, rename, as well as security settings); file location (network drive, local drive, USB, CD/DVD, and driveless(VSS)); file type, file name, folder name, user name, group name, program name, machine name, time of day, day of week, and file signature.

Additionally, FileSure Defend includes a comprehensive user interface for defining your auditing and protection policies. Those policies are automatically pushed out to your protected servers and workstations from a single master location. When necessary, you can even create local policies that take precedence over the master policy. The audit data is always encrypted and compressed. You have the option to maintain audit data locally on each protected machine, or it can be collected in a single central location. And audit data can also be written to the security event log or forwarded via syslog.

FileSure Protects data by allowing you to:

  • Control access to files and folders without ever touching an Access Control List (ACL).
  • Manage file access not just by user, but also by function. For example, FileSure makes it easy to allow only people in the Finance group to access financial data.
  • Prevent files from being copied or moved to: USB drives, external drives, webmail attachments, CD/DVDs, secure FTP, "save as" and more-on both servers and workstations.
  • Detect and investigate bulk file moves. This is especially important when the destination is removable media such as USB or CD/DVD drives.
  • Prevent bulk reads or writes when the threshold you set is exceeded. And of course alerts can be issued concurrently.
  • Detect and investigate web-mail attachments or USB device usage.
  • Control the use of administrative shares. This allows administrators access to do what they need, and denies access to what they do not need.
  • Stop accidental (or intentional) block deletes beyond a specific threshold.
  • Block cut/paste of sensitive information. FileSure can automatically clear the clipboard when users change from one application to another. This prevents users from pasting information from a PDF document into a browser based email.

Audit File Access & User Activity

  • No need to deal with native-Windows tools. FileSure "sees" all file access activity, but only records what you have deemed important.
  • Includes reads, writes, creates, deletes, renames, security setting changes and denies on Windows file servers, NAS, and Windows workstations.
  • Choose from criteria such as user name, domain group membership, time of day, program accessing the file, usage behavior, thresholds, and much, much more.
  • Track file/folder access by name/location or by type of file. You have the flexibility to track everything or very specific things.
  • Watch the watchers - Track privileged user access activity and block privileged users as desired.
  • Track what files and folders get (accidentally) deleted or renamed. When users call asking where their files/data went you can easily determine what happened.
  • FileSure uses advanced processing prioritization. It is optimized for real-time processing and uses such a tiny fraction of CPU that users won't even know it is there. Non-real time item processing is delayed until system capacity permits it.
  • Avoids "audit storms" by collapsing duplicate events and filtering out noise.
  • Tracks user session state changes, remote controls, and logon/logoff activity.

Improve Security "Defense in Depth"

  • Protect from malware zero-day attacks that are able to exploit signature based systems via an approved application list (white-list); If not on the list, it can't be read from the drive in the first place so there is no way it can run.
  • Block web-site changes. Lock down your web site content and source code. This prevents hackers from defacing your site or landing malicious payloads. You can even limit your developers to rolling out new functionality only during specified time frames.
  • Ensure file integrity. Monitor all file changes. Protect your known executables and configurations from being maliciously changed or replaced.
  • Prevent “swithchblade” attacks simply by blocking "read" access of any executable files on USB drives.

Comply with regulations and security policies

  • Meet requirements for HIPAA, NERC-CIP, PCI DSS, FISMA, FERPA, 21-CFR-11, SOX, and more.
  • FileSure makes it easy to ensure file integrity as required by many regulations.
  • Know what privileged users are accessing and doing with your data.
  • Know when configurations change.
  • Know when applications are installed or changed.
  • Protect from malware and wrong-doers. Prevent accidental violations.
  • See what data users are accessing (hospital and patient records; financial, HR, and customer data; proprietary designs; intellectual property; government and military data) and know what they are doing with it.
  • Easily satisfy on-demand auditor requests. Extensive report templates provide out of the box ability to create custom reports. Extend analysis by exporting report data to Excel, Access, or others applications for searching and filtering.
  • Meet file integrity monitoring requirements.
  • FileSure integrity - Comprehensive self-logging of any FileSure rule changes in the Event Log, Syslog and Data store
  • FileSure integrity –
    • On the protected machines, FileSure can be invisible and it can be locked so it cannot be shut down.
    • FileSure availability is assured via a logged heartbeat.
    • Access to FileSure can be tightly controlled by allowing specific administrators to read "Filesure.exe."
    • Comprehensive console security limits access to FileSure configuration and settings.
  • FileSure logs are file-based allowing you to meet log archiving requirements via existing backups. Ability to search through archived log data simply by placing the log files back in the FileSure directory.

Comprehensive views, reporting, alerting, data export, and user-specific interfaces

  • Leverage over 50 report templates as-is. Build customized reports and queries in minutes.
  • Schedule reports and have them emailed and/or saved in a folder in the format you desire (PDF,XLS,CSV, XML, HTML).
  • Leverage multiple filtering criteria to view and isolate precisely what you need.
  • Receive alerts by email when certain events or accesses occur or when thresholds are crossed.
  • Export audited data to Microsoft Access and leverage our web console to allow non-privileged users, such as auditors and management, to run their own queries to get what they need.
  • IT privileged user thick client - Powerful interface for comprehensive policy/rules management, configuration, viewing, reporting, alerting, etc.
  • Non-privileged user lightweight interface - Web client for non-privileged users to view and query published data without allowing them access to FileSure.
  • Uncover trends. See usage trends by user and then filter by time, file type, the program accessing the files, and much, much more. The result? You may discover unusual activity you wouldn't have otherwise seen.

Secure DataStore. No database engine required.

  • No database to buy or maintain and no need for a database administrator. Just install and go.
  • Ensure data integrity - We use SQL-Lite which is a file-based data store so it is safe, simple to back up, and allows audit information to be pulled much faster than database retrieval.
  • All data “at rest” is encrypted and compressed.

Ensure consistency across organization

  • Intelligent and distributed rules management. You can define parent and children nodes and have the children obtain their rules from a specific parent. This makes it easy to have different rule sets for each department or division of the company. You also can create local "child" rules in addition to the rules being managed at the parent.

Windows event log support

  • FileSure can watch and collect specific event IDs from the Windows event log and write them to the FileSure DataStore. You can also leverage the FileSure viewing, trend analysis, reporting, and alerting on these events just as you would for any FileSure logged activity.
  • FileSure will always write to its own DataStore , but it can also optionally write to the Windows security event log and/or syslog. Writing to these other logs allows a Security Incident and Event Management solution (SIEM) to automatically collect what FileSure logs.
Category Minimum Requirement
Memory 512 MB
Hard Disk 1 GB
Operating System One of the following operating systems and service packs (32 and 64 bit):
  • Windows Server 2003 and later
  • Windows 7 and later
Supporting Software Microsoft .NET Framework 2.0 or later