Protects Sensitive Workstation Resources

eTrust Content Inspection - Desktop edition protects the sensitive resources on your workstation from untrusted applications and mobile code. It protects the workstation' s sensitive resources against any and all Active Content, including Java, ActiveX, JavaScript, VBScript and so forth. It offers security from objects arriving encrypted by the SSL protocol, and provision is made for the isolated execution of E-mail attachments.

eTrust Content Inspection Desktop Edition is the workstation security solution, which complements the Gateway solution. While the eTrust Content Inspection Gateway inspects all applets arriving at the organizational gateway for potentially harmful code, the Desktop Edition observes the behavior of applications and data at the workstation level and prevents activities that create security breaches.

For the individual or small business, eTrust Content Inspection - Desktop edition offers a comprehensive stand-alone security solution. For enterprises, eTrust Content Inspection - Desktop edition complements the eTrust Content Inspection gateway solution, together forming a Secure Executables Platform which can protect your organization from potentially harmful Active Content at every level.

Architecture

As illustrated below, when eTrust Content Inspection Desktop Edition is installed on a workstation, all applications and resources on the workstation are analyzed. Applications are assigned a security status which determines their access rights. Data items are assigned a protection status, which determines whether they are considered sensitive data that requires special protection. 

Components

eTrust Content Inspection Desktop Edition consists of a Personal Security Zone and 6 main components, most of which are directories or virtual areas protecting system resources with common security and protection requirements.

The Personal Security Zone (PSZ) The Personal Security Zone is a virtual area created by eTrust Content Inspection Desktop Edition on a workstation. Sensitive data and critical resources, including files, directories, logical drives, and applications may be assigned to this zone for selective access. Protected Folders and Files When workstation resources are analyzed, resources that contain sensitive data are assigned to the Protected Folders and Files directory. Trusted Application Directory eTrust Content Inspection assigns all trusted applications to this directory and these applications are the only applications allowed access to the PSZ, the Protected Folders and Files and to access Protected Network sites. Isolated Applications Directory An application that is not known to the user and thus cannot be trusted, is "placed in isolation" for security purposes. Such a status is appropriate for the opening or execution of such unknown applications as an email attachment. Protected Network Directory The Protected Network Directory contains items that have been defined as Trusted Network Resources such as trusted ports through which trusted applications can access resources. Audit Records Directory All security events and any unauthorized application attempting to access the PSZ is logged, along with the action attempted, the resource requested and the time. E-mail Readers Directory Due to their inherent nature, all applications recognized as e-mail reading applications such as Outlook Express are classified in the E-mail Readers Directory.

eTrust Content Inspection Desktop Features

Access Control- of Java, ActiveX, JavaScript, VBScript and other potentially harmful code from accessing sensitive resources and data on the local workstation.  E-mail Security - options include automatic isolation of every e-mail attachment  in the browser-associated cache or temporary folder, in which it can run and execute, and the Run option, which enables all e-mail attachments to run and execute anywhere on the workstation, except in the Protected Files and Folders directory. Network Resource Security - enables the user to control all aspects of network security for both the workstation and the trusted sites to ensure comprehensive security and protection against potentially hostile incoming and outgoing files and applications.  Database Management- user can edit applications and folders in database, and can backup and restore the entire database at any time.