Greynet Enterprise Manager (GEM) GEM™ enables organizations to manage security policies and aggregate reporting for IM, P2P and spyware traffic across distributed enterprise environments. By integrating with RTGuardian and other components of FaceTime Enterprise Edition, GEM delivers the first network-based anti-spyware solution to targeted remediation and repair of infected endpoints without deploying client software. GEM comprises two components: GEM Management Console provides a unified view of all reports generated by multiple RTGuardians across the enterprise. Centralized device management provides health, status and firmware version reports.
Reports actions taken on spyware infections down to the machine and user level, not just IP addresses
Discovers and cross-references IM and P2P installations with policies to enforce appropriate usage
Intelligently interprets traffic and activity on the network, providing additional insight into network performance
Collects additional data from RTGuardian installations:
Real-time IM, P2P, HTTP, other TCP, and UDP traffic monitoring
IM network activities, unauthorized port usage, attempted policy breaches, and other non-typical behavior
Gateway enforcement actions including blocking network access, file transfer, protocol type and client connection
Prevention, usage, policy and events reports with a dashboard summary
GEM Endpoint Remediation uses information from the aggregated RTGuardian gateway reports to trigger targeted remediation of spyware-infected endpoints. The clientless architecture ensures efficient cleaning and inoculation of endpoints to prevent future infections from known spyware.
No client software deployment - endpoint scanning is enabled through on-demand remote scanning agent
Uses existing anti-spyware policies to determine remediation across groups of clients
Global and custom policies can be used to enable, disable, or schedule scanning, cleaning, and inoculation
All endpoints are scanned by default - any infections found are automatically cleaned on discovery
Endpoints are protected from future infections by inoculation with known spyware signatures
Administrators can specify either or both of two mechanisms for inoculating endpoints:
Set kill flags on Active X to prevent drive-by infections through Internet Explorer
Enforce Software Restriction Policies (SRP) to prevent existing spyware infections from executing
Together, the GEM components:
Aggregate reports from multiple RTGuardian appliances to provide visibility into IM and P2P usage as well as endpoint spyware infections
Deliver user and host level visibility through Active Directory integration
Identify endpoints with phone-home spyware infections detected by RTGuardian
Apply appropriate anti-spyware policies to scan, clean, and inoculate infected endpoints without the need for local agents
Prevent spyware from downloading or executing on the client using patent-pending endpoint inoculation
Using GEM in conjunction with RTGuardian, organizations will benefit from:
Greater productivity through reduced inbound threats
Lower risk of confidential information leakage through outbound threats
Compliance with regulatory and corporate policies and requirements
Lower cost of deployment and management through leverage of existing IT and security infrastructure
Investment protection through extensible framework for emerging applications and protocols
