DriveLock gives you control what can be copied to or from removable media.

DriveLock filters your in/outbound ports on to be copied confidential information. DriveLock can allow or block the copying of files according to your rules. File types are identified based on content, not just by file extension. You can choose from the many file types that DriveLock can identify, or you can create additional file definitions and even extend the rule processing by creating your own custom DLLs.

DriveLock controls the use of all devices. It gives you intelligent control of mobile devices, including digital cameras, MP3 players, cell phones, BlackBerry devices and many others. And that means that you can decide who can use which devices in your network. You can define general rules that apply to all devices of the same type and create detailed whitelist and blacklist rules for specific devices or models. DriveLock Standard enforces these rules throughout your network to help you prevent network instability and the loss of important data.

• Dynamically locks removable devices (USB memory sticks, floppy disks, CD-ROM, etc.)

• Locks most types of devices (Bluetooth, Palm, Windows Mobile, Smartphones, card readers, imaging devices, network adapters, modems, sound, video and game controllers, cameras, printers and more)

• Locks most types of ports, including USB controllers, 1394/Firewire controllers, PCMCIA controllers, infrared controllers, serial (COM) and parallel (LPT) ports

• Configurable whitelists to allow access to devices (device type or device model)

• Specific storage devices can be controlled based on their serial numbers

• Separate access lists can be defined for every single device or group of devices

• Access can be granted to any user or group

• Fully integrated with Active Directory and Group Policy

• Also supports most other network operating systems, including Novell NetWare and Linux

• Policy enforcement dynamically adjusts permissions when another user logs on

• Assign drive letters to removable drives to avoid conflicts with network drives

• File filter to allow or deny coping of specific file types

• Auditing of files that are read from or written to removable drives

• Shadowing of files keeps a full record of the content of files that are copied to or from removable drives

• Separate configuration of Read and Write access for removable drives

• Drive access rules can be based on drive size or encryption status

If you do not control your computer ports, you give the possibility of unauthorized peripheral devices being connected to your computer ports with all associated risks. As well as data transfer from the network to a peripheral device with risk of information theft or leakage, as well as in opposite direction with virus contamination or unwanted private photos in your network. DriveLock Standard gives you complete control over who is authorized to connect which device to your available USB or wireless computer ports.

• Blocks most port types (USB controllers, PCMCIA controllers controllers 1394/Firewire infrared controllers, serial (COM) and parallel (LPT) ports)

• Configurable whitelists to authorize access to peripherals (type or model)

• Separate access lists can be defined for each peripheral device or a group of peripherals

• Access can be given to users and user groups

• Full integration with Active Directory and Group Policy

• Supports other network operating systems (Novell NetWare, Linux)

• Dynamic policy is enforced when another user logs into the network
  

DriveLock logs operations with peripheral devices, for example data transfer, read and write operations to and from removable storage media. Reports can be generated from log events.

• Event suppression for double events.

• Cached events are stored in a file.

• Advanced features including log configuration changes (including change details), use of management console, a temporary release of DriveLock agent, agent using remote control, encryption events, or launch an application blocking, network configuration changes.

• Additional analysis capabilities of these events are possible by using the Security Reporting Center.
  

DriveLock Full Disk Encryption eliminates the risk of data loss by theft of laptops on which data is not encrypted. DriveLock Full Disk Encryption protects transparently all data on your hard drives without requiring users to change the way they work.
The Rapid Recovery mechanism enables fast and targeted recovery of critical data from a damaged disk. This ensures business continuity by allowing users to continue working on current projects with a minimum of downtime.
DriveLock Full Disk Encryption Edition secures all partitions using FIPS 140-2 certified encryption, including the system partition. Access is controlled using Pre-Boot Authentication. Encryption happens entirely in the background and doesn’t disrupt the use of the computer. Single sign-on lets users log on using their regular Windows credentials and without multiple authentication prompts. Emergency logon and recovery tools ensure that you’re in control, even when the unforeseen happens. Administration is intuitive and simple. All settings are configured using central policies that are controlled by the DriveLock management console. Encryption is monitored by DriveLock Security Reporting Center.
DriveLock has an easy Rapid Recovery mechanism in case of damaged disk or forgotten password.
DriveLock Full Disk encryption has AD/ADAM direct management. AD can be used for management of Windows users. Fully integrated with Windows User Management. Synchronisation with external database is not required. Fast and easy deployment.

• Encrypt entire hard drives, including system partition

• FIPS140-2 encryption

• Pre-boot authentication with single sign-on

• Mature tools to decrypt damaged drives

• One-time logon options for users who forgot a password

• Support for token and smartcard logon

• Central administration and monitoring of encryption status

• DriveLock Full Disk Encryption uses DriveLock Management Console
  

With DriveLock Application Control you can control who can run which application. You can also make programs available only when a computer is connected to a specific network. The high flexibility and ease of configuration of the DriveLock Application Control combine to make it an invaluable tool for making your network more secure. Flexible whitelist and blacklist rules allow for unparalleled granular control. It enforces comprehensive policies for application usage.
With DriveLock Application Control you can also block the execution of applications running on a computer or in a Terminal Services session.
DriveLock Application Control protects your network against zero-day exploits and Trojan Horse programs by allowing only authorized programs to be used. With the auditing mode you can monitor application use and get a complete picture of who is running which programs in your network.

DriveLock Application Control has a continually updated online database of millions of applications which makes configuration of the DriveLock Application Control extremely easy. The same ease of use applies to updating the DriveLock Application Control in your internal network. The Application Scan feature makes an administrator’s job even easier. You can scan a computer that is configured according to company standards and then apply the same configuration to all other computers in the network.

More features:

• Comprehensive control over who can start which programs

• Flexible combination of whitelists and blacklists

• Auditing of all application usage 

• Easy administration of allowed applications using application hash databases

• Online hash database with millions of application hash values
  

Accidental disclosure of sensitive data due to lost or stolen storage devices can be very costly. DriveLock 2GO Edition can give you peace of mind by automatically and transparently encrypting data that’s copied to removable drives. It encrypts data on any mobile device, like USB-stick, CD, DVD, smart phones, PDA.
There are times when employees have a legitimate need to copy data to mobile devices. However, laptop computers, flash drives, CDs, DVDs, smart phones and PDAs are frequently lost. With the comprehensive encryption features of DriveLock 2GO Edition you can be confident that such a loss won’t result in the disclosure of confidential data. From encryption to burning encrypted CDs. DriveLock has the tool to keep your data confidential, no matter what device they're stored on.
If you need to work on your data at home or share files with someone else, the Mobile Encryption Application lets you access your encrypted information even on computers where DriveLock is not installed, and without the need for local administrative rights.
Password recovery for encrypted removable media and container files is easy and flexible. If a user forgets a password, a challenge-response mechanism lets the helpdesk create a pass code that restores access to the user. This works whether user is online or offline and doesn’t require transmitting any administrative credentials.

• Encrypt data with state-of-the-art encryption (up to 256-bit encryption strength)

• Choice of industry-standard encryption algorithms (AES, 3DES, Blowfish, etc.)

• Encrypt data on mobile devices or hard disks

• Automatic and transparent encryption of data copied to mobile devices

• Wizard for burning encrypted CDs and DVDs

• Ability to decrypt data on computers without requiring installation of DriveLock

• Safe recovery of containers with lost password (online and offline)

When you need to ensure that only encrypted data is stored on these devices, DriveLock 2GO Edition can enforce encryption and monitor data transfers for compliance reporting. 

DriveLock 2GO Edition offers a very affordable option for all used drives (disks) to delete these completely and securely before they are sold or traded. Removes all trace of confidential data on all drives.

Unencrypted confidential data should for safety reasons not to be removed by "standard" features, but special secure deletion software like this. Supports secure deletion algorithms of BSI, U.S. Department of Defense and others. Suitable for hard disks and removable disks of client computers.

DriveLock immediately recognizes when the computer is connected to a different network and applies the settings you configured for this network.

With DriveLock each drive, device or application whitelist rule can be set to apply to one or more network profiles, which correspond to specific networks. You can use network profiles to prevent connections to unapproved networks. You can also ensure whether devices or applications can be used while a computer is connected to your corporate network or while outside the office. To prevent network intrusions you can automatically disable wireless connections while a computer is connected to your company LAN.

DriveLock is able to create a shadow copy of files that are copied to and from removable storage media including memory sticks.

With DriveLock it is possible to use a limitation of the first x KB file. Exclusion is possible for a list of file extensions.