Welcome to CompuSec® 4.20CompuSec®
Overview Release 4.20
|
This
is an overview of the new CompuSec® 4.20 release.
New functions and major improvements have been implemented for our corporate
customers and individual users.
A Linux version is available in the FREE CompuSec®.
All product versions are designed for both corporate and individuals use.
The FREE CompuSec® version is provided free of charge for both personal and commercial use.
No registration is required.
CE-Infosys provides service and support for the FREE CompuSec® version through telephone hotline in Germany, e-mail and a Yahoo user group forum.
Maintenance contracts are available for corporate who require fast guaranteed response time.
Corporate users deploy the GlobalAdmin management station or the GlobalAdmin LITE software to administer large numbers of CompuSec®.
Corporate users may use all versions of CompuSec® in a mixed environment.
The free product is a full version without any limitations. It is NOT a demo or trial version.
Access control with user ID and password.
Password reset code for lost passwords.
Emergency rescue diskette for lost password and lost password reset code.
Security information will be generated during installation and can be stored on the media of your choice.
Hard disk encryption of all sectors (used and unused).
Hibernation mode support (suspend to disk).
The hibernation data are stored in encrypted format on the disk.
Floppy diskette encryption.
Removable Media encryption (i.e. ZIP Drives).
CD/DVD encryption.
This version of the product is sold together with a USB based smart card token or with a smart card reader and a smart card.
2-factor authentication prior to the operating system boot process.
USB bus access before the OS is loaded.
e-Identity® based on 2-factor authentication.
A wide range of password policies are provided for our corporate users.
A challenge-response procedure is used to reset forgotten passwords.
Multiple Boot Device support.
Public-Key based access control before the system boots.
Access is granted based on validity of the certificate.
Central management of user - computer relation based on PKI.
Allows any number of user groups and flexible computer pools.
Remote
control for user assignment
(Add and remove users from a remote machine).
Many-to-many relationship between users and machines.
CompuSec® manages the identity of the user for applications.
CompuSec® provides sector based hard disk encryption.
This includes encryption of the operating system.
The keys are safely stored in your e-Identity® token either as USB token or in the smart card.
The hard disk encryption supports virtual disk, a great new feature for our corporate users.
Hibernation mode support (suspend to disk) stores encrypted hibernation data on the disk.
Fast AES Algorithm with 128 or 256 bit key length.
Up to 8 hard disks can be encrypted.
The initial encryption of the hard disk can be performed in the background while the user continues his/her normal work.
CompuSec® comes with a full media, sector based encryption for removable devices like external hard disk, USB thumb drive and including floppy diskettes.
A Removable Media Encryption (RME) icon at the task bar allows users to switch between plain and encrypted operation.
Formatting of the removable device creates an encrypted device.
An encrypted device is seen with unknown partition type if the user does not own the media key.
Encryption for CD / DVD uses CDCrypt feature to support external CD burner that is connected using USB or IDE.
With central administration, an encryption policy may be define whether a user may or may not switch the mode (encrypted/plain) when using such devices. As such, an organization can easily enforce a policy to use only encrypted Diskettes, Removable Media Devices and CD-RW / CD-R / DVD to minimise the threat of data theft. Such encryption is unobtrusive and does not change the way the user works with these devices.
This great product is now a part of CompuSec® for our corporate users. SafeLan keys are managed using a GlobalAdmin station. Private end users can try SafeLan without buying an Admin station.
Allows encrypted folders on the NTFS file server or on your local NTFS partitions.
SafeLan keeps file contents private wherever your files are, on the local drive, on the file server or on the backup made from the file server.
Your
SafeLan keys are safely stored on your e-Identity®. Up to 8
sample keys are provided with every
e-Identity for the standalone version.
[ClosedTalk] is a component of the FREE CompuSec® security suite used for encrypted voice communication between 2 CompuSec users.
DataCrypt is included in CompuSec® that enables users to encrypt individual files.
IPCrypt Client is built into CompuSec®.
VPN client supports Corporate users traveling worldwide using any kind of connection.
Secure VPN client services are available at http://www.guardmydata.com/.
VPN security supports wireless LAN applications.
Automatic logon to Windows 2000 and Windows XP.
Credentials stored inside the e-Identity®.
CompuSec® uses e-Identity® as certificate store for X509.V3 certificates.
e-Identity® stores Logon certificates for Microsoft Domain Server Logon.
e-Identity® stores certificates for E-Mail encryption and E-Mail signature.
e-Identity® stores network certificates.
e-Identity® can be used in four different modes:
| |
User Mode |
An e-Identity® managed by the GlobalAdmin using the PKI for a user. |
| |
Expert Mode |
An e-Identity® managed by the GlobalAdmin using the PKI for a user that is installing the system on a one-time basis. |
| |
Installer Mode |
An e-Identity® managed by the GlobalAdmin using the PKI for an installer used to install multiple systems. |
| |
Direct Access Mode |
An e-Identity® managed by the GlobalAdmin for direct access from one user to one computer. |
An unattended automatic installation mode is available for large organizations. Please contact your dealer or CE-Infosys.
The philosophy of CE-Infosys is to provide the customers with the best possible solution that is made as easy as possible. Guided by this philosophy, we provide a vast number of functions in our Free CompuSec® Security Suite so that users can choose their preferred functionality during installation. The minimum requirement is to install the central management station and custom-specific enhancements.
GlobalAdmin is the solution for central management of large numbers of CompuSec® installations.
Any number of users per computer can be assigned. At the same time, each user can be assigned to any number of computers.
The assignment of users to computers is performed at the GlobalAdmin station without physical access to the users smart card or the computer.
GlobalAdmin is a complete Certification Authority and may be used to implement a complete Public Key Infrastructure.
GlobalAdmin LITE manages CompuSec® for organizations using up to 200 licenses.
Software version without the Hardware Security Module.
Supports all CompuSec® Products.
CompuSec® customers may use the CE-Infosys PKI, which is part of the GlobalAdmin products and supports e-Identity®. The use of e-Identity® is not limited to CompuSec® security functions. Other user applications can easily be secured using e-Identity®.
Further enhancements of the product will be announced at http://www.ce-infosys.com
CompuSec® comes with its own boot sector virus protection. Before installing CompuSec®, any existing boot sector virus protection must be deactivated. CompuSec® will save the existing boot sector and replace it with the CompuSec® boot sector. After installation, CompuSec® protects the boot sector with its integrated protection mechanisms. A normal BIOS based boot sector protection may be activated again.
A single user installation creates a file with all the keys required for a later security activity. This file is named SecurityInfo.dat. It is recommended to copy this file onto a reliable external media and store it at a safe place.
The security file, SecurityInfo.dat, is required to uninstall the product, or when the password and the password-reset code are forgotten.
The security file, SecurityInfo.dat, is unique to a computer. It can only be used for the machine where it was initially created.
The
initial password after the installation of CompuSec® is “start123”.
The user ID must be 1 to 16 characters long. Characters can be alphanumeric.
The password must be 6 to 16 characters long. Characters can be alphanumeric.
The first time Windows is started, a MANUAL logon is required. CompuSec®
learns the password for future automatic logon.
A CompuSec® managed by a GlobalAdmin station does not generate such a file. All the required data are stored in the GlobalAdmin database.
More information on CE-Infosys at www.ce-infosys.com