SecureWave touts unified GUI in Sanctuary upgrade

Sanctuary 4.0 also designed to simplify encryption policy admin.

SecureWave this week is scheduled to release a new version of its Sanctuary software suite, which is designed to control user access to laptop applications and storage devices.

In the 4.0 release, both of the Sanctuary programs, Application Control and Device Control, can be managed from a common GUI. In the past, they had to be managed separately.

Now network administrators have a single console that let's them integrate data from both. With the integrated console, and some new and expanded reports, administrators can relate a user's activities with a specific application to specific CD-ROM, USB drive or other portable memory devices.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

SecureWave this week is scheduled to release a new version of its Sanctuary software suite, which is designed to control user access to laptop applications and storage devices.

In the 4.0 release, both of the Sanctuary programs, Application Control and Device Control, can be managed from a common GUI. In the past, they had to be managed separately.

Now network administrators have a single console that let's them integrate data from both. With the integrated console, and some new and expanded reports, administrators can relate a user's activities with a specific application to specific CD-ROM, USB drive or other portable memory devices.

Changes include simpler administration of centralized encryption policies, more efficient data exchanges between the Sanctuary client and server programs, and the ability to audit any changes made to a client by someone with administration privileges.

Both Sanctuary applications essentially create whitelists of authorized applications and devices on an enterprise PC. If they aren't on the list, the client code will block the user's access to them. The software can also keep a record of a user's activities.

SecureWave competes with several companies that also offer software to extend enterprise control over PCs and their peripherals, especially laptops that may be used outside a company office. So-called endpoint-security vendors include Safend and SmartLine, and Credant Technologies.

Customers typically buy either Sanctuary Device Control or Application Control to start with. The second program can be added by paying the additional license and activating a license key: No additional software installation is needed.

Click to see: SecureWave

The console GUI has been redesigned to make it easier to navigate the various screens. Reporting has been improved so that administrators can see how a specific storage device associates with different applications, according to Dennis Szerszen, vice president of marketing for the Durham, N.C., outfit. Finally, the Sanctuary program used to view and work with file types has been redesigned to mimic Windows Explorer.

SecureWave plans to add features that expose more details about what users do with data, and eventually allow administrators more detailed control over data access, according to Szerszen.

Enforcing encryption policies is simpler in the new release. In the past, a USB or other device first had to be plugged into a specific PC; only then could that PC's SecureWave client enforce a rule that data saved to that drive had to be encrypted. Version 4.0 eliminates that step: When a user plugs in certain brands of devices, such as a Lexar USB drive, it can use unique identifier information on the drive to know that it can be encrypted and enforce whatever encryption policy has been decided upon.

Sanctuary 4.0 now also automatically compresses both log entries, which are used for keeping track of activities, and the initial download of the Sanctuary whitelists to the clients. Changes to Sanctuary policies can now be replicated to client devices without having to download the entire policy file. Both of these enhancements are designed to minimize bandwidth demand, according to Szerszen.