Netwrix Endpoint Protector Reviews

Our primary use case is for data loss prevention. 

The most valuable features are:

• The OS platforms that it is capable of running on.
• The ability to detect source code as well as file types for the policies. 
• The SIM integration. 

These were identified previously as key features in a DLP program and Endpoint Protector had them. They are a business need.

The granularity of the policies that you can create is pretty good. I would give it an eight out of ten. It's very granular, but there are still more possibilities for granularity. There's still work to be done, but it's very granular.

Endpoint Protector offers the ability to lock down a wide variety of USB devices. That is a key feature. It was one of the main features we were looking for.

We plan to use the EasyLock USB-enforced encryption app to automatically encrypt confidential data transferred to USB storage devices. 

I would rate the versatility regarding the exit points an eight out of ten. The exit points are pretty diverse, cover the majority, and are constantly updated, but there are still some application types and categories that we would like to see in there. They are responsive to our feature requests and are quick to add applications to the list and categories to the list of exit points.

The cross-platform management is good. I understand that there are some features that won't exist because of the technical limitations that are presented based on Linux, for instance, versus Windows. There are some things you can't do in Linux that you can do in Windows. EasyLock, for example, is a technical limitation that they have because of the nature of Linux. There's work to be done there but I understand why there are technical limitations.

We use the clipboard granularity feature to monitor copying and pasting to specific exit points in a limited capacity. It wasn't one of the main use cases, so it hasn't affected our DLP implementation too much.

The search for keywords is very important in our security operations because one of the key use cases we had was for the ability to search keyword-based on an internal database of keywords that have been submitted by other project managers within the company that's around intellectual property. The ability to search on keywords was part of that.

We are using Netwrix Endpoint Protector for PC Endpoint protection. It is an endpoint security solution ensuring PC security by blocking USB ports and other physical ports and controlling PC access.

Netwrix Endpoint Protector works on Linux and macOS to block USB ports, control internet access, and manage other peripheral ports. It can block and monitor these ports, generate logs of file transfers, and provides exceptional access options. These features are very valuable for us.

I use it to restrict access to USB drives and monitor user activities on laptops to capture log data.

Data security is of paramount importance in today's digital landscape. By selectively sharing certain resources, we can proactively prevent users from unknowingly leaking sensitive data. Through this approach, we gain valuable insights by capturing logs. We leverage a centralized portal to access comprehensive information and proactively block messaging platforms like WhatsApp and other similar applications to further enhance security measures.

We use it for detecting the traversal of data through endpoints. We keep a multi-tier isolated environment, so we have inner and outer cordons of access control. And over VPN, users could potentially be one of the exfil points, at least the privileged ones with access. Being able to identify when information enters the system and leaves, based on a number of complex criteria, because we work with medical information from all over the world, is the purpose of it in our organization.

The solution is all on-premises. We're a healthcare organization, and that's actually one of the reasons we use it. We can't have a lot of our security functionality in the cloud.

We operate a Waterfall scene mechanism. We trickle up data from a bunch of different endpoint and network solutions to a central event and processing correlation mechanism. We're able to detect when somebody accesses data internally and correlate that to a DLP event when a file lands on their system. It actually provides a data point within our global view. It's an ongoing operation.

We also use it to monitor all clipboard activity. When a detection occurs, we can generally identify it pretty quickly, but someone would have to be copying some pretty specific data to match the policies we've created. When it occurs, we know. Generally, it's also in the line of business. We have healthcare analysts here, and that's what they do all day.

We use it to block USB and any external devices for read-write. We only allow people to read an external device, not to write to an external device, unless we approve it. Our main reason is that we have 30 percent of our workforce working globally around the world. In addition, a lot of them do not have WiFi access, as they are working in the desert. We needed an application that allows us to unblock or block something by giving a code and could be sent by WhatsApp or SMS.

It's hosted on the cloud, then deployed to workstations. This is a portal from the vendor that we have access to where we can see and remove the agent.

Once you put a policy in place, you can see if somebody is trying to access something, even if it's not allowed and will not go through. In IT, we need to make sure that we think first before applying the rules that we do want. We have different groups levels of access. Once you have done this correctly, then it definitely stops any misuse of data and leaks. However it is not the software. It's you, as the administrator, who has to make sure that the profiles are set up correctly.

Sometimes, we have engineers who are in the desert taking pictures with an external camera, etc., and they need to send these pictures ASAP to our online portal for reporting. These devices are normally blocked. We can then very quickly (within seconds) open up this device for a certain time to be fully accessible. Then, we do not have to worry about it because the policy will kick in after the period that we have given. This helps us a lot when people are onsite doing reviews of company sites and they need to send a report. It also gives us control of what people can access at that moment, because most of our field engineers have zero access to any external devices. They are only given the device once we decide, "Yes, they need it and for how long."

We are a pretty small company. We only have an IT engineer who administers everything along with myself. We don't have a big IT team; it's only one engineer and me. The access is great because we can do it from home. We don't need to be inside the company since all of it is cloud-based.

Currently, we are using it only for the media access restriction. We're not like a bank or financial sort of organization, so we're not using EPP for DLP.

We have only Windows clients in our environment. We don't have macOS or Linux in our environment.

We were facing multiple issues when we were using a different solution. For example, for upgrading the software, if there was a new agent, we had to first remove the agent, but we used to face issues when an end-user was outside the organization. That solution required some sort of active link between the agent and the service to be able to remove the agent. With EPP, there is OTP, and we can put a password on the agent. Management is much easier. Upgrades are also easier.

If an end-user, who is not on our premises and is in a different country or location, needs to access the media, he or she can send us an email providing the information about the device. We can then provide an OTP. So, our IT department has less headache now. Overall, it's much better for our organization. Our management might be seeing the same or even more cost with EPP, but even if we are paying a little bit more than other solutions, in the end, the headache that our department IT used to have previously is gone.

The main reason that we brought this solution into our ecosystem is that we work with a number of financial institutions who value all of their data, whether it's marketing material, all the way up to client data, which we don't really handle as data.

Because we do promotional stuff, we need to adhere to what our clients are asking us to do to lock down the ability to lose data. We use Endpoint Protector to limit our employees' access to removing data off of company computers.

We are running the current version of the server, which I updated recently. We are running different versions of the client on different machines because we're currently doing some testing to see whether our software has conflicts with theirs.

We are a smaller company and at this point, we don't have a whole lot of concern about losing data. So, in that sense, using Endpoint Protector has not really improved anything. On the other hand, we've had a couple of hiccups where some employees have had issues with operations like attaching documents. In this regard, it's given us a slight burden, although we've been able to resolve such issues fairly quickly.

As time goes on and we become more familiar with the system, this will change. For example, as we run tests, and as we've done certain implementations, we've discovered some bugs here and there in the process and we have resolved them.

Endpoint Protector absolutely gives us the ability to lock down a wide variety of USB devices and it is extremely important to us. We have multimedia machines, and these machines are used for editing video. We use external devices as caching services or caching drives, and giving certain people access to external devices like that is a risk. However, locking down other flash drives gives us flexibility. It means that our media department can use their external devices while other people cannot.

The versatility in terms of exit points and making sure that important data doesn't leave our organization is something that I find extremely useful. It's been able to do exactly what we needed to have done so that we're adhering to our clients' standards. It's extremely valuable because it's blocking everything that we need to have blocked.

Because we're a smaller company, most of us don't typically use flash drives or other external devices to move data. However, what we really enjoy is the ability to lock down different applications, such as a cloud storage app or even its related website. This means that nobody can move data from a machine to a cloud-based system, such as Dropbox, for example. We can lock down the Dropbox app and the website so it prevents people from moving data via the cloud to it. Another example is blocking FTP transfers and all of those types of situations.

This product has the ability to search for keywords to help make sure that specific data doesn't leave the organization, although we have not used it. At some point in the future, we may get to that level of granularity. However, from a business standpoint, this is not a significant concern at this point. This implementation is primarily in place so that we are satisfying our clients that specifically ask for this type of protection for their data. Thus far, this level of granularity has not been brought up.

We use this product to protect our Mac and Windows 10 endpoints.

Our main purpose is to block the uploading of Excel and PowerPoint files. We also use it to block USB devices and other peripherals that users connect to the system. 

This product performs well and multiple things have been blocked by it.

By raising discovered issues with our team members, they are doing their part in terms of resolving them.

Endpoint Protector provides a single platform to support our Windows and Mac machines. We do not have any Linux machines in our environment. Managing DLP for our machines in this hybrid environment is pretty simple, as the product is user-friendly and we can easily find what we need.

The fact that this solution supports different operating systems is very important to us because we want to ensure that there is no data leakage.

We have one or two Macs in our organization, with the majority of people using Windows 10 machines. We haven't seen any difference in the support that this product offers for either operating system.