GFI EndPointSecurity

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Is there any other way to know who use GFI landguard?, Is it possible to add a login to the app and to know what actions are made for the te

    Is there any other way to know who use GFI landguard?, Is it possible to add a login to the app and to know what actions are made for the any technician

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. EP Security Volume Encryption Decrypt option along as Enter encripted pen password

    We would like to be able and have the option to volume decrypt in the same window when encrupted pen asks for encryption password.

    We ask this, so that we wont do any changes in encryption options policies.

    Thank you,

    José

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Traveler program need not require user to have local admin rights to run.

    In my POC environment, all of the PCs & Laptops in the POC network will have the GFI End Point Security installed but the rest of the corporate PCs & laptops are not install with GFI and thus required the Traveller. And that's why I cannot agreed with the requirement of the users must has local PCs or Laptops Administrators privilege before he/sh could use the traveler.

    We will not have the direction to replace my existing DLP endpoint solution with GFI just because of this requirement. Thus, I am requesting for this feature to be added into GFI and…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Reviewed  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Blocking Removable Memory Cards

    At the moment, EPS does not have the features to block access to removable memory cards. It is only possible to do this on card 'reader'. However, if you allow access to this reader you would allow any memory cards to be access from the reader. Please vote for this feature guys.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. More control of temporary access

    When granting temporary access currently you give access to all types of a category (ie USB devices) for the time frame specified. We would like to be able to limit the access to a subset or in our example just bitlocker encrypted devices.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Endpoint security agent support for windows 10

    ESA does not support windows 10 ..please release version to avoid using legacy OS

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  7. View, count or export a list of Computers by policy

    It seems a list of computers that have a certain protection policy applied cannot be exported, counted or organized by policy. This can only be counted on screen. This would be an easy and useful feature to have if we are to continue the rollout of our Endpoint security installation.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Auto Discover By IP Range

    Despite being able to Scan by IP range (Under Scanning > Scan Area), the GFI Console does not allow to Auto-Discover by IP range (Under Configuration > Computers > Auto Discovery Settings).

    We have 6 Jurisdictions and 6 GFI Servers, 1 Server per Jurisdiction. Auto Discovery by Domain is totally impractical because this pulls in ALL Workstations into EVERY GFI Server; rather than just those specified in the Scanned IP Range.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Centralised Deployment Enhancement For Policies

    When deploying the GFI Agent, using SCCM or WDS for example, the Agent is deployed without the Policies. Policies are only picked up when the Agent is deployed from the Console.

    This is especially problematic with Microsoft Surface Pro devices, for which the Docking Station (which provides Ethernet connectivity) is completely blocked when the GFI Agent is deployed. The device must then be connected to Wi-Fi, have the GFI Agent removed from the console, and then re-deployed again but from the console instead.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Case# GFI-160718-421294 for EndPointSecurity: Define priority for whitelisted hardware - Routing ID: [ ref:_00D80ZQDU._500C012HNEx:ref ]

    The manual process to increase of decrease the priority for whitelisted/blacklisted hardware is very disturbing...!

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Centralised Deployment Enhancement For Policies

    When deploying the GFI Agent, using SCCM or WDS for example, the Agent is deployed without the Policies. Policies are only picked up when the Agent is deployed from the Console.

    This is especially problematic with Microsoft Surface Pro devices, for which the Docking Station (which provides Ethernet connectivity) is completely blocked when the GFI Agent is deployed. The device must then be connected to Wi-Fi, have the GFI Agent removed from the console, and then re-deployed again but from the console instead.

    0 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. GFI Endpoint Security Offline Temporary Access

    The user/computer protected by GFI Endpoint Security requesting the temporary access using a request code should not mandatorily need to be connected to the network for an unlock code to be generated and temporary access validated. Very often, we have scenarios where no wired/wireless connection is available at certain sites but still temporary access is required on USB ports. For e.g, a user who in the middle of a presentation in the boardroom which is not connedted to any network needs to plug in the USB device of a guest. Or a user in a remote office or at home…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. differentiate action for mobile phone, USB devices

    Client would like to be able to set for the same user, mobile phone with read-only permission and USB with read-write and encryption capability. Because the OS detects both mobile and USB drivers as storage device, it is not possible to set different right for those devices.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Laptops should view the site concentrator as an option for managed AV updates

    Laptops look for site concentrator before going to the Internet

    When managed antivirus gets updates, laptops should check for the presence of the site concentrator and then after a predetermined number of retries go to the Internet to download their definitions. In healthcare and education environments where a lot of laptops roam the campus, but never leave the site are placing a large burden on the Internet connection for updates. Managed antivirus on laptop do not use the site concentrator for updates. This simple solution would save a lot of bandwidth, especially on Monday mornings.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Configurable Windows Event Log

    When configured to log GFI EndpointSecurity events to Windows log, a new GFI EndpointSecurity log log is generated and registered in windows WMI. The size and retention settings for this log, however, seem to be hardcoded and enforced by the agent.

    For forensics reasons, we'd like to ensure the raw windows logs are never overwritten. Can some options be set in the GUI or at least in the XML config files to allow configuration of "Retention Method" and "Max Log Size" or otherwise disable the enforcement of the default values so that they can be changed in Windows?

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Toggle client to use least restrictive group

    We're using GFI Endpoint to control data written to removable media. We want to allow all users to read from removable media, but want a small subset of users to write to removable media. I

    deally, the "Everyone" group would have read only access while a "Media Write Authorized" group would have Read/Write capability. As it stands now, this won't work because the "Everyone read only" is most restrictive and would be applied to, well, everyone. Can we set a bit in the policy to process permissions for least restrictive rather than most restrictive? Otherwise most new users to the…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Alerts and enumeration

    We have been using EPS for many years and untill the 2013 version it alerted us as to when a unauthorized user would use a device they should not. Now the EPS alerts to every computer just enumerating and not really accessing the devices. the company is now saying the product is working as intended. maybe so but it just started with the 2013 version. I hope the will fix the issue and release an update to us.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Distinguish between ENUMERATING a CD/DVD and ACCESSING the drive

    Currently (ESEC 2013) registers the same "event" whether a user knowingly access a CD/DVD drive and also when explorer.exe simply opens up "My Computer" to ENUMERATE the drives.

    However, by not distinguishing between an enumeration of the CD/DVD and an intentional access of data, ESEC creates many "false positive" alerts that do not help a sysadmin know whether there is a potential security breach or whether a user simply opened the "Save As" dialog box from withing Notepad.

    In Windows, "auditing" can be enabled that distinguishes among many different types of "access" such as:
    - Traverse Folder
    - List Folder …

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Encryption with whitelisted devices

    I am not able to access encrypted devices that have been whitelisted. I need to have full access on the USB devices to be able to access encrypted content.

    That is not an ideal situation. I would like to be able to block USB device as category and still be able to whitelist only certain products by their serial numbers and also have encryption on those USBs.

    As the product works right now it is either allow the entire category and have encryption or block the category and use whitelist but without encryption

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Reporting and Warning Notification

    I would like to suggest in GRI EndPointSecurity if feasible, to

    1. add feature to view a log report of file being transferred/copied to any USB devices and DVD/CD RW. On this way, we can monitor each client/workstation that are being suspicious.

    2. add feature of warning display notification on end-user for any transferred/copied transaction to USB devices.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

GFI EndPointSecurity

Feedback and Knowledge Base