 |
||||||||||||||||||||
|
| PGP NetShare |  |
|
Secure files on desktops and shared between colleagues within and beyond the enterprise PGP NetShare protects data on desktops and enables teams to securely share documents on file servers by automatically and transparently encrypting the files for fine-grained group access. This approach ensures that only authorised users can read or modify files, fulfilling partner and regulatory requirements for information partitioning and security.
   |
 |
|  |
File servers have emerged as an industry-standard tool for enabling users to collaborate and share large files. Unfortunately, unprotected files pose a critical risk to an enterprise’s most sensitive data: customer information, financial data, trade secrets, and other proprietary information. Exposure of this data can result in financial loss, legal ramifications, and brand damage.
PGP NetShare extends file server access controls to include strong end-to-end encryption, allowing content owners or security administrators to specify access rights for specific groups or individuals. Administrators can centrally define policies to protect data by application or location. With PGP NetShare, organizations can defend their intellectual property, customer and partner data, and corporate brand equity.
Persistent File Encryption on Desktops and Network Servers
With PGP NetShare, authorized users can save and share encrypted files, with no change required to applications or user behavior. Content such as documents, spreadsheets, presentations, video, and audio is automatically encrypted when saved by a NetShare-protected application or to a PGP NetShare–protected folder. The content remains encrypted when created on or transferred to desktops.
PGP Encryption Platform–Enabled
PGP NetShare is a PGP Encryption Platform–enabled application. The PGP Encryption Platform provides a strategic enterprise encryption framework for shared user management, policy, and provisioning, automated across multiple, integrated encryption applications. As a PGP Encryption Platform–enabled application, PGP NetShare can be used with PGP Universal™ Server to manage existing policies, users, keys, and configurations, expediting deployment and policy enforcement. PGP NetShare can also be used in combination with other PGP encryption applications to provide multiple layers of security.
Easy, Automatic Operation
Once PGP NetShare is deployed, its operation is completely transparent—users simply continue to work as usual. The software automatically encrypts and decrypts documents on-the-fly, ensuring that users never forget to secure data.
Remote application delivery support – Protect data in Citrix and Microsoft Terminal Server sessions.
Encryption that follows the file – Ensures files stay encrypted locally, over the network, on the server, and in backups.
Role separation – Enforces different permission levels for content users, owners, and administrators, restricting each to the minimum required to perform tasks.
Remote application delivery support – Protect data in Citrix and Microsoft Terminal Server sessions.
Encryption that follows the file – Ensures files stay encrypted locally, over the network, on the server, and in backups.
Role separation – Enforces different permission levels for content users, owners, and administrators, restricting each to the minimum required to perform tasks.
Enforced Security Policies
Security policy configured in PGP Universal Server ensures that documents are secured automatically, without changes in user behaviour.
Protect data by application policy – Enforce encryption for desktop applications, securing documents wherever stored or used.
Client controls – Enable the organization to better meet security requirements by locking down which features are enabled, visible to the user, and enforced.
Centrally defined folder protection – Defines policy to protect files stored in specific directories, enforcing security without impacting user behaviour.
Data protection logging – Tracks the protection applied by PGP NetShare within the organization, to assist in satisfying management and auditor requirements.
Protect data by application policy – Enforce encryption for desktop applications, securing documents wherever stored or used.
Client controls – Enable the organization to better meet security requirements by locking down which features are enabled, visible to the user, and enforced.
Centrally defined folder protection – Defines policy to protect files stored in specific directories, enforcing security without impacting user behaviour.
Data protection logging – Tracks the protection applied by PGP NetShare within the organization, to assist in satisfying management and auditor requirements.
Accelerated Deployment
Used together, PGP NetShare and PGP Universal Server establish, enforce, and update file encryption policy in real time. This combination reduces the time and effort required to deploy encryption.
Automated enrollment – Leverages existing infrastructure to deploy encryption without infrastructure changes.
Rapid deployment process – Speeds deployment by automating the installation and configuration process.
Secures documents on desktops, exchanged over the network, or on backup media.
Automated enrollment – Leverages existing infrastructure to deploy encryption without infrastructure changes.
Rapid deployment process – Speeds deployment by automating the installation and configuration process.
Secures documents on desktops, exchanged over the network, or on backup media.
Reduced Operation Costs
With PGP NetShare, no special training is required for end users. This approach accelerates deployment time, reduces training costs, and avoids any increase in help desk calls.
Flexible, scalable security – Allows PGP NetShare to scale to include thousands of users without degrading system, server, or network performance.
Administration role delegation – Centrally controls which users can change permissions on protected folders.
Flexible, scalable security – Allows PGP NetShare to scale to include thousands of users without degrading system, server, or network performance.
Administration role delegation – Centrally controls which users can change permissions on protected folders.
PGP Universal Server Management
PGP NetShare can be centrally deployed and managed when used with PGP Universal Server (optional), enabling organizations to easily set and enforce data security polices throughout the enterprise.
Centrally enforced security policy – Automatically enforces protection of sensitive data using security policies driven by an existing corporate directory.
Extensible protection – Allows management of PGP® Desktop Email or any other PGP Encryption Platform–enabled application.
Centrally enforced security policy – Automatically enforces protection of sensitive data using security policies driven by an existing corporate directory.
Extensible protection – Allows management of PGP® Desktop Email or any other PGP Encryption Platform–enabled application.
Supported Desktop Systems
-
Microsoft Windows Vista (all 32-bit and 64-bit versions, including Service Pack 1)
-
Microsoft Windows XP Professional 32-bit (Service Pack 1, 2 and 3)
-
Microsoft Windows XP Professional 64-bit (Service Pack 1 and 2)
-
Microsoft Windows XP Tablet PC Edition 2005 (requires attached keyboard)
-
Microsoft Windows 2003 Server (Service Pack 1 and 2)*
-
Microsoft Windows 2000 Professional (Service Pack 4)
* Full disk encryption functionality is not supported on Windows 2000 Server or 2003 Server.
Authentication Options
-
OpenPGP RFC 4880 keys
-
X.509 certificates
Supported Storage Systems
-
Windows file shares (SMB, CIFS)
-
Samba, NAS and SAN volumes
-
Locally attached hard drives (internal and external)
-
USB flash drives
Symmetric Key Algorithms–PGP NetShare
- 256-bit AES key in EME mode
Centralized Management Requirements
*PGP Universal Server requires a dedicated server.
Two-Factor Authentication
PGP® NetShare recognizes and works with the following:
-
DoD Common Access Cards (CACs) with the ActivCard Gold 2.0 profile
-
Athena Smart Card Solutions smart cards, including the ASEKey USB token
-
AET SafeSign smart cards, including ASEKey 1.0
-
Axalto (formerly Schlumberger) smart cards, including the Cryptoflex 32K
-
SafeNet smart cards, including iKey 2032
-
Aladdin smart cards, including eToken PRO USB 16K, 32K, and 64K
-
GemPlus smart cards, including SafesITe and GemXpresso Pro, using GemSafe Libraries 4.2.0-015 (Gold)
PGP NetShare also recognizes and works with smart cards from other vendors if the vendor includes a standards-based PKCS-11 library in its software drivers.
General
What is PGP NetShare and why is it important?
PGP NetShare provides secure, shared file encryption (including application policy-based encryption) without requiring changes to end-user applications, processes, or workflow or to an organization's storage infrastructure. IT backup and archiving applications remain as-is. PGP NetShare enables complete role separation between those authorized to create, change, and view content and systems administration personnel.
When should organizations use PGP NetShare?
Organizations should use PGP NetShare when they want to encrypt local file shares or shared folders on network servers.
Does PGP NetShare protect at the folder or file level?
Both. PGP NetShare allows for protected work area access control in folders and self-contained file protection independent of location.
Does PGP NetShare protect information on removable media?
Yes. With PGP NetShare, protection remains with any files copied to local storage or removable media from a shared, protected folder. PGP NetShare can also be used in conjunction with PGP Universal Server, PGP Whole Disk Encryption, PGP Virtual Disk, and PGP Desktop solutions for added security.
Is PGP NetShare a hardware appliance?
No. PGP NetShare is a client-based software solution.
What impact will PGP NetShare have on servers and networks?
Virtually none. Because PGP NetShare is client-based, it can scale to include thousands of users without degrading system, server, or network performance.
Do people have to change the way they work to use PGP NetShare?
No. With PGP NetShare, users simply create, save, and share files as before without changing their behavior or requiring additional training.
How is PGP NetShare different from PGP Virtual Disk and PGP Whole Disk Encryption?
PGP NetShare protects files in a shared, collaborative environment, usually over a network. PGP Virtual Disk and PGP Whole Disk Encryption protect individual drives or portions of drives on a local system. All three are best-of-breed security solutions designed for different use cases.
Is PGP NetShare part of the PGP Encryption Platform?
Yes. Organizations that deploy PGP NetShare or any PGP encryption application automatically deploy the PGP Encryption Platform. The PGP Encryption Platform provides a strategic enterprise encryption framework for shared user management, policy, and provisioning automated across multiple, integrated encryption applications. As another PGP Encryption Platform–enabled application, PGP NetShare leverages users, keys, and configurations, expediting deployment and policy enforcement. PGP NetShare can be used in combination with other PGP encryption solutions to provide multiple layers of security.
What's new in PGP NetShare 9.9?
Centrally defined data protection–Defines policy to protect files stored in specific directories or based on application, enforcing security without impacting user behavior.*
Remote Application Delivery–Supports data protection in Citrix and Microsoft Terminal Server sessions (Remove Desktop).
* Requires PGP Universal™ Server 2.9
Technical
Can PGP users use existing PGP keys with PGP NetShare?
Yes. PGP users can use existing PGP keys with PGP NetShare.
Can people use existing X.509 certificates with PGP NetShare?
Yes. People can use existing X.509 certificates with PGP NetShare.
Does PGP NetShare support separation of duties?
Yes. IT administrators can manage and back up PGP NetShare–protected files even if they do not have rights to decrypt the data. This functionality restricts file/folder access to authorized users only.
Does PGP NetShare re-encrypt my files when I make a change?
No. PGP NetShare does not need to re-encrypt your files when you make edits to the file, or even when you update PGP NetShare membership by adding or removing authorized users.
PGP NetShare operates at the file block level. This setup means that only updated blocks (or new blocks) need to be written to disk, as required by the application. When PGP NetShare membership changes, only a known-size file header is updated to reflect the change in user access. No other file changes are required.
Does PGP NetShare require a server for access?
No. PGP NetShare is a client process, so users are able to work both with remote and local files. Because PGP NetShare does not require access to a specialized server, users have consistent access whether they are online or offline, enabling consistent productivity.
Further, PGP NetShare does not require that any software be installed on existing file servers. This setup allows PGP NetShare to work with the user's existing CIFS/SMB deployment.
Does PGP NetShare provide a way to access encrypted data if users lose their encryption keys?
Yes. When used in conjunction with PGP Universal Server, PGP NetShare enables organizations to always retain access to encrypted information (according to policy) using patented PGP® Additional Decryption Key (ADK) technology. With the ADK, information is encrypted to an additional corporate key. The ADK may also be split between several people to ensure no individual has unauthorized access.
Which document formats are supported?
PGP NetShare supports all common digital formats: document, spreadsheet, presentation, Web, video, and audio.
Do organizations need to make any changes to their backup systems to use PGP NetShare?
No. PGP NetShare does not impact existing backup systems or processes. With PGP NetShare, files backed up from file servers remain encrypted.
Do organizations need to make any changes to their storage systems to use PGP NetShare?
No. PGP NetShare is storage system–neutral and works without requiring any changes to existing file shares, including Windows servers, network-attached storage (NAS), and storage area networks (SANs).
Which file servers are supported?
PGP NetShare supports the following file servers:
-
Windows file servers
-
Other file servers that share data using CIFS or SMB
Which file systems are supported?
PGP NetShare supports the following file systems:
-
FAT
-
FAT32
-
NTFS
|
Privacy Policy
-
Sitemap
-
Feedback
Copyright PIXEL IT 2009 |
Free Call 1800 674 935 or sales@pixel.com.au |