Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

OPSEC Partners

Promisec

Product Version Certified: Spectator Professional 3.0
Certified for use with: Check Point NG and NGX

Product Description: Spectator Professional is a comprehensive clientless solution that protects the corporate network from security threats that originate from within the organization. Many reputable studies have concluded that 70% to 80% of security breaches occur within the organization bypassing all gateway security products thus rendering perimeter defenses useless. Spectator Professional complements gateway security solutions and enhances their abilities by detecting, repairing and preventing security threats that can bypass the gateway. Rapidly installed on any point in the network Spectator Professional is the only clientless solution that can monitor each and every endpoint and server in the LAN and WAN and give an accurate description of all threats originating within the corporate network such as usage of:

  • Unauthorized applications.
  • Unauthorized attachable or permanent hardware devices.
  • Improper use of organization's computing resources.
  • Unauthorized Laptops / Access Points connected to the network.
  • Existence of surveillance applications.

This includes a view of hardware and software currently deployed on each machine and forensic history of applications or devices that may have once been installed in the past. In addition to detection and protecting each PC it can also control the usage of any peripheral hardware attached to a machine whether it is internal or external, especially mass storage devices which can be used to steal confidential information from the company. Together with VPN-1, Spectator Professional offers customers a solution to hermetically secure their networks from attacks that originate both outside the network and within.
 
Key Features and Benefits
OPSEC Integration
Additional Information 		Clear
 
Company Description: Promisec develops and markets security software solutions that enable organizations to confidently place trust in their most important assets - their employees. The company's always-on internal network security solutions detect and eliminate threats, enable more effective enforcement of security policies, and prevent loss of mission-critical information. Pioneering the development of Clientless Endpoint Security Management, Promisec aims to lead the field of non-invasive endpoint solutions for enterprises

With offices in Boca Raton, Florida, and an R&D center in Israel, Promisec is backed by experienced and prominent private investors. Promisec's seasoned management team brings broad experience from the network security industry. The company's executives have held high-level managerial positions at Check Point, Aladdin and other leading companies with all founders coming from an elite technology unit in the military. Complementing the management are experienced and professional technical teams who together constitute a creative, professional and motivated industry-leading force.
 
Key Features and Benefits
Spectator Professional is the only Clientless Endpoint Security Management that gives the customer an easy to use solution to protect the entire network of endpoints and servers within the corporate LAN and WAN. With its Detection, Repair, Prevention and Monitoring modules that can be set to run continuously or according to a schedule, Spectator Professional maintains endpoint's compliancy with the company's security policy 24*7 and sends an alert whenever a deviation from the policy occurs.

Features: Detects hidden threats that have bypassed gateway security systems at the perimeter and embedded themselves into a company endpoint or server. Spectator Professional also detects any rogue access point or modem of any type that has been added to the network, any peripheral device added to an endpoint or server including a secondary network interface card and any unauthorized process or application.

Repair threats before they become a security breach using remote remediation technology from a centralized management console. If a harmful process is identified or a registry change that could compromise the company, Spectator Professional enables the security administrator to remotely kill that process or reverse the registry change remotely from their own workstation.

Prevent confidential information from being illegally copied onto mass storage devices or transmitted out of the organization by way of an unauthorized modem attached to an endpoint or server. Spectator Professional gives the security administrator the ability to remotely control the usage of any peripheral device on an endpoint or group of endpoints, whether on-board or external, with granularity that allows different rules for each individual or group.

Monitoring for Compliance in real time is part of the demands that are mandated by Regulatory bodies that have been passed by some governments. By constantly inspecting every endpoint and server in the network Spectator Professional ensures that they maintain their compliancy state according to the company or regulatory policy. If for any reason an endpoint becomes non-compliant, Spectator Professional can return it to its compliancy status by using the built in 'Repair' module.

Benefits:

  • Clientless solution that does away with the ongoing expenses and overhead of deploying and managing clients.
  • Provides centrally managed endpoint anomaly detection enforcing the organization's security policy.
  • Safeguards investment in gateway security solutions by preventing any threats that can bypass the gateway.
  • Identifies threats before they become security breaches and gives security administrators remote remediation capabilities to address them.
 
OPSEC Integration
Spectator Professional is integrated with VPN-1 using the SAM and ELA APIs. This enables logs to be sent to FireWall-1, using the ELA API, of any security events occurring on endpoints or servers inside the network.

With the SAM APIs rules can be added on the fly to terminate a specific IP connection should a malicious process be detected. For example if Spectator Professional detects a secondary NIC in an endpoint or if a user is trying to use an unauthorized peer-to-peer application, it sends a request to the Firewall to create a rule that blocks all connectivity to that endpoint until the problem is fixed.
 
Additional Information

Spectator Professional White Paper [PDF]
Spectator Professional Datasheet [PDF]
OPSEC Technical Integration [PDF]