ZENworks Endpoint Security Management utilizes an installed client application to enforce complete security on the endpoint itself. This ZENworks Security Client protects client data by determining in real time the network location of every Windows 2000, Windows XP and Windows Vista endpoint. Based on that location, the ZENworks Security Client:
- Implements policy-based filtering of all incoming and outgoing traffic, creating a personal firewall
- Implements policy-based control over hardware use (such as that of wireless access points, removable media and network adapters)
- Collects reporting data
- Launches nominated applications in policy-defined situations (for example, if policy dictates that in a certain location a VPN program must be used to access the network, the ZENworks Security Client launches)
The ZENworks Security Client is protected from being intentionally or unintentionally uninstalled, shut down, disabled or tampered with in any way that would expose sensitive data to unauthorized users, even by Local Admin users. Each measure protects the client against a specific vulnerability:
- Normal uninstall is not allowed without an installation password or unless an uninstall MSI is pushed down by the administrator
- Windows Task Manager requests to terminate ZENworks Security Client processes are disallowed
- Service Pause/Stop and client uninstall is controlled by a password, which is defined in the policy
- Critical files and registry entries are protected and monitored. If a change is made to any of the keys or values that are not valid, the registry is immediately changed back to valid values
- NDIS filter driver binding protection: If the NDIS driver is not bound to each adapter, ZENworks Security Client will rebind the NDIS filter driver
- 24/7 alerts monitoring: With an eye always on the well-being of your endpoint devices, ZENworks Endpoint Security Management helps you avoid costly accidents with tools that keep you informed and that distribute, enforce, and monitor security policies on your endpoint devices without forcing users to make security decisions or adjust settings