NetOp Process Control - Features

See the full list of features for NetOp Process Control software. Improve internet security using NetOp Process Control security management software.

NetOp Process Control

NDISMiniportDriver and TDI Driver based process control and firewall: All filter algorithms are implemented at the driver level (as an NDIS Driver). The process control and firewall are therefore always on, providing maximum protection to the user even if the process control application itself is not running. This ensures that all network traffic is blocked, thus eliminating any risk of a security vacuum during system start-up.

Process Control: Using Process Control, you manage the processes running on your system by defining rules that apply for any application. This gives you the ability to deny the application to run at all, to allow communication, to only allow communication of a trusted network or to prevent any communication.

Profile system with automatic Network detection rules:This automatically switches the way your Process Control is configured when you are working on a different network - even if two or more networks are using the same IP address range. Profiles can be configures for 1 or a range of IP-addresses, for 1 or a range of MAC-addresses, and for 1 or more Domains etc.

Secure Component Checking and protection against Process Hijacking: By verifying the calculated checksum, the process control checks the integrity of the application that is trying to communicate. If this has been modified, you are told. By tracing an application's parent process, the computer process control knows if another application is trying to spawn an already trusted application and thus denies access to the network, even for the trusted application.

Deny unknown processes from executing: NetOp Process Control software protects the system against unknown threats by configuring the firewall to prevent unknown processes from executing and communicating.

Bidirectional blocking of ports and protocols: Only opens the required ports and protocols in either the inbound or outbound direction, or both, to tighten process control and firewall security.

Bidirectional control of trusted networks: Ensures that applications only communicate on trusted networks and not to the outside world.

Bidirectional control of banned networks: Prevents communication with specific networks.

Stealth ports: Hides the computer's presence to prevent attacks and port-scans, enhancing computer process control and firewall security. Anyone using tools like Nmap to fingerprint a system to exploit known vulnerabilities to specific operating systems, will not reveal the computer.

Advanced event logging and real time packet view: Live statistics with Traffic Matrix give you a complete graphic overview of the activity on your network in real-time. Resizable console traffic gives a full-screen view of traffic to enhance your ability to make better real-time security policy adjustments. The Traffic Matrix provides easy access to more details for the connections - either a connection between 2 IP nodes or the IP node itself.

Easy management of Trusted/Banned Nets from the Traffic Matrix: If some computers seen in the Traffic Matrix are judged as being important or not approved to the work situation NetOp Process Control provides easy management from the Traffic Matrix to include the computers in either Banned Nets or Trusted Nets.

Encrypted communication: Encrypted communication to the NetOp Policy Server and local system databases provide security against malicious code trying to attack the Process Control software configuration.

Maintenance password: Password protection enables the user or administrator to lock components of the Process Control software to prevent unwanted configuration of the product. If desired, when used with the NetOp Policy Server, the user cannot manually disconnect from the server without the correct password.

Wireless compatibility: Full support for the latest communication technologies.

Low system overhead: Ensures that the computer can be protected without the user experiencing performance degradation.

MSI Installation: Installation of the NetOp Process Control is accomplished with the Microsoft Windows Installer and can run either interactively or in silent mode for mass deployment. Engagement of the Process Control software can be postponed until the next planned reboot to ensure all users an uninterrupted working day.

Ports security: As an added security measure against port scanning, the NetOp Process Control closes off ports until connection to the specific port is requested.

Latest used processes: The NetOp Process Control brings you an easy overview of the last 10 active processes and brings information about the process file and the rule related to it.

NetOp Policy Server

NetOp Policy Server Console: The main user interface allows the administrator to perform security management and maintenance from a Master Server to control security policy assignments to individual NetOp Process Controls. The console can be launched from any supported platform.

Master Server: This module maintains the master configuration and interacts with individual NetOp Process Controls through one or more Replica Servers. The initial installation places both a Master and Replica on the same computer.

Replica Servers: These are arranged in a cluster to allow for redundancy, load distribution, and to interact with NetOp Process Controls and record these interactions. Replica Servers regularly interact with their Master Server to receive security policy updates and return their NetOp Process Control interaction recordings for storage on the Master Server. Each Replica Server can service several thousand Process Controls.

Manage Servers: Approve, delete, or move Replica Servers and monitor their status in real-time.

Manage Administrators: Every Master Server has one administrator. The NetOp Process Control software lets you define and manage multiple assistant administrators, allowing you to distribute the workload to local administrators.

Security Policy Management: The NetOp Policy Server Console controls the configuration of Programs, Ports, Protocols, Trusted Nets and Banned Nets. The console also controls the Profiles and Profile Rules for each Security Policy. New programs that users have tried to launch can be approved or denied for a certain Security Policy. This can be effective at the NetOp Process Controls within seconds. The security profile system allows amongst other settings a range of IP-addresses, a range of MAC-addresses and multiple Domains.

Synchronisation between NPC and NPS: NetOp Policy Server (NPS) Console will show a total list of processes from all the connected NetOp Process Control (NPC) clients. Creating a NPS whitelist of processes will contain all relevant processes no matter if they are present on all NPC clients or not. When NPC synchronises with NPS the NPC client will get the total NPS whitelist, so if new programs are installed later NPC client is then already aware of what is allowed and what is not.

Centralized administration: Define the security policies and assign these to Microsoft Active Directory security groups or by using Organisational Unit for easy security management. The NetOp Policy Server can also maintain separate groups for computers that are not members of a Microsoft Active Directory.

Easy overview of all connected users: Whether a NetOp Process Control is connected by Active Directory, Policy Account or as Anonymous all are listed in the Global Online list. Use this list for getting a complete and quick overview of all connected users and how they are connected.

Stop all Internet access: In a virus outbreak or other harmful situation, the NetOp Policy Server administrator can block all network access for the entire company or for an individual security group until the situation has been resolved.

Advanced statistics and logging: The NetOp Policy Server records requests for confirmed programs and unconfirmed programs, logons, and synchronizations. These data can be displayed graphically to monitor server load and performance or as list views.

Client stealth mode controlled by central management: The NPC tray icon can be controlled from the NPS Script. From here the NPC client tray icon can be set in stealth mode, so the user is not aware that NPC is running on their PC.