Hello welcome to another episode of web informant. T.V. I am David Strom your host and reviewer. Today we look at the endpoint security product blink professional from EI digital security. It installs a single agent with four integrated security modules. Let us show you around and start with the vulnerability assessment scan to find out what we need to fix on our test system. We run a scan on a vanilla XP professional OS install without any service packs and you can see here we have numerous things to fix. And we scroll down. Moving on to the host intrusion preventions system module, there are two important parts here. Analyzers that look for aberrant behaviors and signatures that scans for particular patterns. The former we can examine the rules that are by default, set up initially, look at the aim and ICQ rules. Here are examples of signatures such as looking for particular pair to pair services and to enable the rule just click on the box next to it and you can double click on the rule to bring up more details.
There is also a wizard that will step you through creating new rules. Also includes in this module, a series of identity theft rules to prevent fishing attacks. These are particularly useful if you do not have browsers set up properly or using older IE versions. Next is MI virus and anti-spy ware this is not a lot to configure once you set up your overall client. You want to scan your system and view the report and here you can see it found the alexa, it classifies as malware. If we go into the blink home page then the event log, we can see also when it found and remove this from our system.
Next is the firewall module. There are two sets of rules here, system wide rules and application rules. You can block particularly annoying window security loop holes or white list or black list particular applications. Here are rules that exploit the SVC host .EXC file if you want to add a rule right click on the screen and you see the dialogue and you can bring up the wizard. There are some other modules including the ability to block removable storage devices go to home page, options, system protection, and you see that box is checked.
The firewall module is particularly and very granular you can also run it in passive mode to see what is going on with your PC and then come back to craft the particular rule that will block the behavior you are seeing. The system protection section is useful for setting up ways to block particular applications, such as the ability to block anyone from installing or running that things. I just right click on this section to add a new rule and follow the wizard. Links personal agent can only run on a stand alone desktop, but the professional version that is reviewed here can also integrate with EIs rem security management console to provide data and management. Go to system protection tests, options, and settings, then general, and you specify the central policy server in this dialogue.
The management server comes in two versions now either software or hardware appliance and soon will be offered as a web base service. The console is all sorts of powerful tricks and will just touch on them here. The initial dashboard that we are showing gives an instant status of your network. The console can automatically group PCs by particular risk factor or vulnerabilities, so you can compare, let us say branch offices or other collections to find out the source of infections on your network.
What did I like about the product? First of I like the fact that EI mimic the windows control panel interface to make it a familiar and easy to navigate, I also like that a single agent could do so many different task and you do not just spend a lot of time teaching at your habits as some personal firewalls and intrusion prevention products make you do. And unlike some anti virus products blinks protects you from zero date attacks automatically. Another thing is the ability to build particular protection rules on the desktop and test in log them first and then move these rules over to the management consol and put them in force you do a file export in the central policy server. I did not like the individual users came in few earlier reports other than the scan just completed you can view this on the management consol or track trends. I did not like that you can not add new identity theft rules on your own you have to wait for EI to code them in, these are all minor.
In summary, blink is a great way to lock down your machine without having to spend a lot of time customizing firewall rules and other security settings.
Thanks for watching web informant. T.V. this is David Strom feel free to email me at David @strom.com for your feed back.
Transcription by:
Scribe4you Transcription Services