ESP Policy Enforcement
ESP Security Policy Enforcement
Cyber security policies are difficult not only to design, implement, and monitor, but especially to enforce in a consistent, company-wide manner.
ESP provides added value!
ESP is a powerful solution that helps organizations at each and every step of the “Plan - Do - Check - Act” process management cycle to work toward achieving desired levels of audit-proof security compliance.
Designed specifically to achieve maximum efficiency with minimum IT resources and minimum maintenance, ESP is a policy enforcement-driven cyber security solution that ensures critical digital assets are continuously in compliance hence always protected. To do so, ESP provides consistent and documented enforcement of best practice security configurations and network communication policies at the endpoint level.
ESP continuously monitors and enforces the integrity of multiple subsystems, for example:
- - Turning logging on and off for specific daemons and services
- - Checking and enforcing retention methods and length of data retention for application, security, and system logs
- - Checking and enforcing management rights and access rights to application, security, and system logs
- - Checking and enforcing enabled/disabled status of file system services and file systems
- - Checking and enforcing permission settings for various types of files
- - Checking and enforcing specific Windows registry settings
- - Checking allowed rule exceptions
- - And much more
ESP offers pervasive and documented enforcement of cyber security policies by:
- - Continuously monitoring security configurations and activities of managed servers and hosts
- - Detecting changes in those configurations and flagging policy violations
- - Automatically deploying targeted containment policies (if required) to limit violators’ accessibility
- - Resolving those violations at the host level by changing host configurations or network-level activity by denying traffic on specific ports or interfaces
- - Maintaining detailed records of all policy enforcement actions performed by the system
As an example, with ESP, the use of dozens of non-essential programs, functions, ports, protocols, and processes can be restricted or disabled on any number of endpoints with just a few clicks of a button. This allows for better strategic planning by management, improved agility for the IT teams, and fewer resources needed to implement critical security policies on a day-to-day basis.