Product showcase: USB-Lock-RP

USB ports in any organization’s network need to be controlled because connected devices such as USB drives and smartphones can be used to transfer malware to computers or extract data assets.

USB-Lock-RP is security software for enterprises designed to:

• Prevent unauthorized use of removable media
• Authorize devices (white list)
• Monitor and report device activity and security status

USB-Lock-RP allows security system administrators to manage USB access from a central administrative console. The program works on-premises and licensing cost is for perpetual licensing.

Since 2004, Advanced Systems International has been the developer, licensor and provider of support for the software.

Preventing unauthorized use of removable media

The solution blocks unauthorized devices as they are connected to computers in the network in real-time.

It prevents the incoming and outgoing of data, and blocks desktop access while the unauthorized USB connection is taking place. Lockdown windows at the client-side are full screen, they can extend to multiple monitors, and are personalized to show the licensed organization’s logo. Blocking at the client-side continues until the device is removed from the computer or the device is authorized from the control at server-side.

Clients immediately report blocked or allowed device connections to the control (server-side) were they are automatically logged and reports can be generated.

Authorizing devices (whitelisting)

USB-Lock-RP allows the whitelisting of specific devices by using its unique hardware identifier. Users can also whitelist the device product ID when broader model authorization is required.

The program offers many ways to authorize devices locally: By drag & drop, specific device insertion, entering the device ID manually and even provides an automatic authorization mode. This greatly simplifies administration.

Authorized device IDs can be elevated to be approved to be used in specific groups of computers with ease. One administrative console can be used to manage security in up to 5K computers.

USB monitoring

Monitoring can be turned ON or OFF to specific computers or groups of computers.

When USB monitoring is ON, records of data/files transferred from computers to authorized USB portable storage (thumb/flash/pen drives) are secured and sent to the control.

The administrative console can be set to send these records to a SMTP (TLS/SSL) email account, converted to common events format for relay to a SIEM app, or be securely stored to generate reports when required.

Requirements

• Network TCP/IP (LAN, WLAN or WAN)
• Windows Operating Systems from NT 10 to NT 5.1 (Physical or Virtual Machine)
• Other Dependencies: None

Characteristics

• Doesn’t require internet access, also works on air-gapped networks and remote locations
• Protects even if the client endpoint is disconnected from the network
• Protects at the system level, even if client users are running under an administrative account
• Starts protecting even if no user is logged into the system
• Designed to control USB port access without interfering with non-storage USB peripherals (mouse, keyboards, webcams, printers), but capable of detecting and protect against keystroke injection and malicious payload attacks by devices such as BadUSBs (USB Rubber Ducky) that impersonate HID keyboards or mouses

Strong security

USB-Lock-RP records are stored using an AES 256 variable key, variable initiation vector, Cipher-Block-Chain Mode encrypted and HEX masked.

Easy deployment

USB Lock client can be mass deployed as Group Policy Object in Active Directory environments, the USB Lock client is presented as a standalone Windows Installer MSI that is configurable using the command line, ensuring effective initial client deployment and updates. After initial deployment, updates can be done from the control without requiring client redeployment.

For more information or download a demo you may visit the USB-Lock-RP website.