BOSTON, March 19, 2007 -- FullArmor, the leader in enterprise policy management, today announced FullArmor Endpoint Policy Manager™ (FullArmor EPM), which automates the delivery, enforcement, and auditing of critical security policies on mobile, disconnected and unmanaged endpoint devices, including guest machines with temporary access to the network. As a pre-admission solution for Network Access Protection (NAP) and Network Access Control (NAC), FullArmor EPM assesses, and intelligently applies the proper security policies and settings to remote desktops, laptops, mobile devices, and point-of-sale terminals. FullArmor will demonstrate FullArmor EPM at Microsoft Management Summit Booth 501 from March 26-30 in San Diego, California.

"Securing remote, mobile, and unmanaged devices that need access to protected network resources represents a large and growing risk for today's decentralized organizations," said Chris Liebert, Senior Analyst for the Yankee Group. "IT departments need help enforcing consistent security policies on client machines regardless of whether they are connected or disconnected from the network."

Continuously Enforce Policy Everywhere

With the explosive growth of road warriors, tele-workers, temporary workers, and mobile users, it is virtually impossible for organizations to ensure that endpoint devices are secure and compliant. FullArmor EPM enforces consistent policy settings on endpoints whether they are connected or disconnected from an enterprise's Active Directory. This capability enables organizations to use their existing Group Policy infrastructure to intelligently enforce endpoint policy settings as devices drift in and out of the network. To prevent security policy "decay", FullArmor EPM automatically corrects out-of-compliance settings when they are inadvertently changed. In addition, FullArmor EPM limits quarantine and remediation events in NAP and NAC environments by keeping endpoint configurations locked-down.

Role and State Based Policy

To maintain security across a wide range of usage scenarios, FullArmor EPM intelligently applies specific policy settings to devices and users based on their role and/or state. For example:

• An authorized guest machine logging onto the network could only receive device policy settings, not user settings
• An authorized user authenticating to the network from an unmanaged device (home computer, Internet kiosk, etc.) could be subject to stricter policy settings
• An authorized user connecting to the network via a Windows Mobile device could receive user policies, but not device policy

Comprehensive Audit Trail Demonstrates Compliance

For organizations that are governed by regulatory and industry mandates such as GLBA, HIPAA, FISMA, or PCI, FullArmor EPM maintains a comprehensive audit trail of applied security settings to automate compliance reporting. Unlike native Group Policy reports which only query one machine at a time and report on expected (not actual) policy settings, FullArmor EPM provides robust reporting and audit capabilities. FullArmor EPM pulls and compares data from the following three sources to conclusively report on security policy compliance:

• Expected policy supplied by the device
• Expected policy supplied by the directory  
• Actual policy settings supplied by the device registry

To simplify compliance audits, generate reliable reports, and accelerate remediation, FullArmor EPM enables security and audit professionals to:

• Search and correlate status of policy settings across all machines
• Verify that appropriate policy settings were applied to machines, inside and outside Active Directory
• Map and pinpoint exceptions between regulatory policy requirements and in-force security settings 

"The growing number of mobile workers, tele-workers, and guest workers is creating an army of unmanaged devices with access to protected internal networks, which represents a huge security gap for organizations," said Matt Dircks, president of FullArmor. "Endpoint Policy Manager closes this gap by allowing IT departments to regain control over the security settings on these devices using their existing investments in Active Directory and Group Policy." 

Dashboard View of Policy

For at-a-glance views of policy enforcement status on specific devices, groups of devices, and enterprise-wide, FullArmor EPM provides a security dashboard with convenient drill-down capabilities.  The EPM dashboard identifies compliance problems and inconsistencies between expected policy status and actual policy settings for each endpoint/machine. To enable different types of users - security, operations, and audit professionals - to create views that match their unique requirements, the dashboard is fully customizable. For example, security and operations professionals can quickly generate remediation to-do lists, while auditors can easily pinpoint and address compliance issues.        

Software Appliance Simplifies Deployment

FullArmor EPM is delivered as a self-contained software appliance that includes all of the infrastructure necessary for deployment.  This eliminates the cost and complexity associated with the installation and configuration of underlying software components, and provides customers with flexible deployment options as business needs change.

Pricing and Availability

Endpoint Policy Manager is available immediately from FullArmor and its business partners worldwide. Pricing starts at $20 per user or managed endpoint.

About FullArmor

FullArmor Corporation develops software that helps organizations manage their IT environment more securely and effectively while leveraging investments in Group Policy and Active Directory. The company is a Microsoft Gold Certified Partner. More than 5 million users and 1,500 organizations worldwide rely on technology developed by FullArmor. For more information visit us on the web at www.fullarmor.comor call 800.653.1783.