SafeGuard Easy ver. 4.30.1 MULTiLANGUAGE | 51,2 Mb
Utimaco Safeware A/G SafeGuard Easy 4.30.1 Build 12 (December 21, 2006) - provides total company-wide protection for sensitive information on laptops and workstations. Boot protection, pre-boot user authentication and hard disk encryption using powerful algorithms guarantee against unauthorized access and hacker attacks. SafeGuard Easy is both simple to install and operates transparently in the background.
Unauthorized persons are prohibited from accessing the system because pre-boot authentication (PBA) requires the authentication of the user before the operating system is started. PBA cannot be manipulated and therefore guarantees maximum security.
Many other protection programs are ineffective because they permit the readout of the keys or passwords from the hard disk. SafeGuard Easy prevents this by generating the code key required for boot-up from the typed password. Even hard disk analysis tools become ineffective against SafeGuard Easy.
Unlike other solutions which encode only selected files or directories, SafeGuard Easy encodes the entire content of the hard disk. This means that all the information on the hard disk is protected - regardless of where the data is stored.
Utimaco Safeware uses powerful algorithms and encryption methods to ensure that operating processes are executed efficiently and without delays.
SafeGuard Easy provides boot virus protection to resist boot sector viruses - hazardous sabotage tools that operate by interfering with the Master Boot Record and allowing hackers to gain control over the PC.
SafeGuard Easy lives up to its name within all organizations regardless of their size. The software can be installed conveniently throughout the company using configuration files without user intervention. SafeGuard Easy also allows user-specific privileges to be defined (e.g. disabling disk encryption).
The most significant features of SafeGuard Easy are:
- Boot protection - allows boot-up of the operating system only after correct authentication.
- Strong hard disk encryption to protect information.
- Encryption of external data media (e.g. floppy disk, ZIP, JAZ etc.).
Easy handling, full scalability, distribution via network and central administration confirm SafeGuard Easy as the security solution of choice for every organization whatever the size.
Pre-Boot Authentication - The user is authenticated by means of pre-boot authentication (PBA) before the system is started and therefore before the operating system is booted. Neither keys nor passwords are stored on the hard disk.
Hard Disk Encryption - SafeGuard Easy encrypts the entire hard disk or individual parts, irrespective of the file system (e.g. NTFS, FAT etc.) - sector by sector, including the operating system, temporary files and all information. SafeGuard Easy effectively closes the security gaps left open by arbitrary file encryption. Data that has been encrypted using SafeGuard Easy is securely protected from unauthorized access, even if the hard disk is removed.
Algorithms - SafeGuard Easy 4.30 supports the newly designated advanced encryption standard, AES, with 256 and 128 bit key length, Rijndael 256 bit as well as IDEA(128 bit), single DES (56 bit), Blowfish-16 (256 bit), Blowfish-8 (256 bit), Stealth-40 (48-64 bit), XOR (64 bit). This powerful and globally accepted algorithm guarantees maximum protection.
Encryption of External Data Media - SafeGuard Easy supports the secure exchange of data between individual company offices by using configurable data media encryption (such as floppy disk, ZIP, JAZ etc.).
What is new SafeGuard Easy in the version 4.20.0 has the following most important new features: The latest version of SafeGuard Easy contains many new functions, among other things certification to FIPS 140-2 (Level 1) and compatibility to Absolute’s Computrace Software.
Integrated boot manager (TWIN-BOOT) - Today, it is a frequent requirement that a laptop’s hard disk is split into a private, unprotected partition, managed by the user, and an encrypted partition that is managed by the user’s company. SafeGuard Easy now provides an integrated boot manager for this purpose, with which configurations of this kind, or similar ones, can be implemented easily and securely, from one central point. In this way the company data remains protected and the user has absolute freedom on their private partition, even when it comes to choosing the operating system.
Removable media encryption now also covers USB memory media - The range of removable media supported by SafeGuard Easy has now been extended to include the current generation of Plug and Play memory cards (USB memory sticks), so they can also be used for secure data exchange. In addition, it is now possible to temporarily switch encryption for an individual floppy drive or removable media disk drive on or off, separately from the others.
The system areas, individual partitions or a maximum of four hard disks can be encrypted SafeGuard Easy supports the following file systems: FAT-12, FAT-16, FAT- 32, HPFS, NTFS and NTFS5.
Operating Systems: Microsoft Windows 2000, Microsoft 2000 Server, on Microsoft Windows 2000 Advanced Server - is not supported!, works on Windows XP Home/Professional and Server 2003 Standard Edition.
Microsoft Windows XP with ServicePack 2 - is support!
Supported memory media: Hard disks (IDE, SCSI, serial ATA, PCMCIA, Firewire, USB), Floppy disks Removable media such as ZIP/JAZ, USB memory sticks.
What's New In v220.127.116.11:
• The Demo-Version now can be installed by using all of the additional authentication tokens of the AddOnSetup package.
• ‘System Error 6’ no longer appears at the installation of the AddOnSetup package.
• Now it is possible to install SafeGuard Easy even if ‘Microsoft Visual Studio .NET’ is already installed before.
Features in v18.104.22.168:
Certification to FIPS 140-2 Level 1: SafeGuard Easy now complies with the guidelines of FIPS 140-2 Level 1 (FIPS= Federal Information Processing Standard) certification by the American National Institute of Standards and Technology (NIST). NIST defines the security criteria for encryption products used by the American government.
SafeGuard Easy is planned to receive full certification in the first quarter of 2006.
SafeGuard Easy is already certified in accordance with the Common Criteria standard, Evaluation Assurance Level 3 (EAL 3). With Evaluation Assurance Level 3 SafeGuard Easy was awarded the attribute "Medium", after an intensive security test, which is a high level for a software product.
Compatibility with Absolute Computrace software: When Computrace is installed, a stolen computer reports in via a network and gives its location. The compatibility with SafeGuard Easy means that this now also works with encrypted hard disks.
SafeGuard Easy is prepared for being compatible with Computrace. Full compatibility requires a Computrace Software version which is at the moment not yet released by Absolute Software.
Web Self Help1: The SafeGuard Easy Web Self-Help enables an ordinary user to help themselves in case of a forgotten SafeGuard Easy password. This will lead to an overall decreased number of help-desk calls that are purely related to forgotten passwords, and thus the help-desk personnel will have more time to work on less trivial support cases.
There are also various solutions for Challenge/Response in a pure software or CryptoServer hardware based Hiding the SAL dialog: The SafeGuard Easy SAL function automatically logs users onto the operating system. The user activates the SAL via a dialog prompt. To prevent users from refusing automatic Windows logon, SafeGuard Easy can suppress this dialog, if required, and run the SAL without a prompt variant.
Support of Lenovo’s Client Security Solution (CSS) 6.0 and Rescue and Recovery (RnR) 3.0: SafeGuard Easy already supports former versions of Lenovo’s Thinkvantage technologies. With SafeGuard Easy 4.30 we are still compatible to the new software releases of CSS and RnR.
Rules for token PIN's: SafeGuard Easy supplies special rules for passwords, for example, a configurable list of forbidden passwords, extended rules for special characters etc. In future these password rules will also apply for token PIN's. When users choose their PIN they must comply with these rules, or their PIN will not be permitted.
Additional Client information in the Administration Console: In the current version, there is more informational content in the Administration Console. A function now shows when (date, time) an SGE Client last finally sent its current configuration data to the SGE Server. The Helpdesk uses this information, among other things, to check whether the SGE Client is operating with the most up to date settings.
Optional extendibility: SafeGuard Easy is not a stand-alone solution. Benefiting from the wide range of Utimaco's product portfolio, the customer can extend SafeGuard Easy in many directions to meet their requirements. For example:
- A web-based helpdesk interface with connected Hardware Security Module (HSM) for key management or biometric voice recognition via a VoiceTrust server offer additional helpdesk options, which are of particular benefit in large-scale environments.
- Transparent file and folder encryption guarantees that data for working groups remains confidential on the network or terminal server.
- The implementation of extended security guidelines, for example for access to PnP devices, exchangeable data media (CD/DVD) or certain file types, protects against unauthorized data export and import, and prevents computer viruses from being smuggled in.
- Single Sign On (SSO) increases user-friendliness and reduces helpdesk costs. It can be implemented on almost every password-based application, locally, on the web or on the terminal server.
- Small mobile devices such as Pocket PCs can also be protected just as efficiently using SafeGuard PDA, SafeGuard Easy's stablemate.
ATTENTION: All tokens already issued with SafeGuard Easy credentials can no longer be used and must be issued again!
Do Utimaco Products have Backdoors?
Question: Does Utimaco have backdoors to its SafeGuard products that would allow access to encrypted data in case users have forgotten their passwords?
Answer: Utimaco security products (SafeGuard Easy, PrivateDisk, Private Crypto, PDA and LANCrypt) do not offer any backdoors whatsoever, which would allow to access encrypted data without knowledge of a proper password or certificate key.
SafeGuard products provide a number of mechanisms that allow the custo-mers themselves to take precaution.
For example, customers can configure recovery passwords or certificates for administrators for all products except of PrivateCrypto. These passwords or certificates can be used to allow users to reset their passwords or to grant access to encrypted data.
Attention: If these recovery functions have not been configured by the customer, there is no way for the customer himself nor Utimaco to access/decrypt the data if the user password has been forgotten.
Size: 51.2 MB