CompuSec Overview
This is the new CompuSec 4.15 Release. New functions and
several improvements in the user interface and the remote control capabilities
were added.
This product provides more powerful features for
securing your data company wide or in your personal environment.
2
Versions of CompuSec are available:
- A free SW version representing the
latest security technology.
- The e-identity based version
providing latest Public-Key technology on the highest security level.
Both product versions are professional products designed for use by
large organizations as well as individuals.
New in release 4.15
·
Single user installation on machines without a diskette is
now possible.
·
The encryption of removable medias and removable devices is
improved. Easier handling is implemented.
·
Installation and removal of CompuSec components is now
possible at any time.
·
The graphical user interface is improved for the service
menu.
·
Several minor bugs are fixed.
·
Additional support hotlines are available. Please check our
WEB pages for the telephone numbers.
CompuSec SW Version is free
The CompuSec version without
e-Identity token is free for both personal and commercial use.
- No
registration is necessary.
- CE-Infosys provides service and support for this free
version of CompuSec through telephone hotlines in Berlin, Singapore and
Washington.
- Additional support hot lines will follow.
- Maintenance contracts are available for those company
users who require fast guaranteed response time.
- Corporate customers may use the GlobalAdmin management
station to administer large numbers of CompuSec.
- Corporate customers may use CompuSec with and without
e-Identity in a mixed environment. Again the version without e-Identity is
free of charge.
- The free product is a full version without any
limitation. It is NOT a demo or trial version.
Functions and Features of the
free CompuSec version
- Access control with user ID and password
- Password reset code for lost passwords
- Emergency rescue diskette for lost password and
lost password reset code
- Security information will be generated during installation and can be stored on the media of your choice
- Hard disk encryption of all sectors (used and
unused)
- Hibernation mode support (Suspend to disk)
- The hibernation data are stored encrypted on the
disk
- Floppy diskette encryption
- Removable Media encryption (ZIP Drives…)
- Removable Device encryption
- Up to 8 hard disks can be encrypted
- Single Sign On for Microsoft Windows 2000 and
Microsoft XP
- Background encryption saves installation
time
- Encryption of USB Memory-Sticks
- Multiple Boot Device support
Functions
and Features of the e-Identity based CompuSec
This version of the product is sold together with a USB
based smart card token or with a smart card reader and a smart card.
Access control
- 2-factor authentication prior to the operating
system boot process
- USB bus access before the OS is loaded
- e-Identity based 2 factor access control
- A wide range of password policies are provided
for our corporate customers
- Forgotten passwords are no problems for
our corporate customers. Secure Remote Password Change will solve
the situation in a minute
- Multiple Boot Device support
Pre Boot PKI
- Public Key based access control before the system
boots
- Access granted based on validity of the
certificate
- Central management of user - computer relation
based on PKI
- Allows any number of user groups and flexible
computer pools
- Remote control for user assignment
(Add and remove users without touching the machine or the users
e-Identity)
- Multiple users per machine and multiple machines per
user
Hard disk encryption
- CompuSec provides sector based hard disk
encryption of the total hard disk. This includes encryption of the
operating system
- The keys are safely stored in your e-Identity
token either as USB token or as smart card
- The hard disk encryption supports virtual disk,
a great new opportunity for our corporate customers
- Hibernation mode support (Suspend to disk) stores encrypted hibernation data on
the disk
- Fast AES Algorithm with 128 or 256 bit key length
- Up to 8 hard disks can be encrypted
- The initial encryption of the hard disk can be
performed while the user continues his/her normal work.
Floppy encryption
- CompuSec comes with a sector based Floppy disk
encryption. Every sector of a floppy is encrypted
- A small Floppy icon at the task bar is used to
switch between plain and encrypted diskette operation
- Formatting in encrypted mode converts a normal
floppy to an encrypted floppy
- An encrypted diskette is seen as unformatted in a
non-encrypted drive
Removable device encryption
- CompuSec comes with a full media, sector based
encryption for removable devices like hard disks
- A small Floppy icon at the task bar is used to
switch between plain and encrypted operation
- Formatting of the removable device creates an
encrypted device
- An encrypted device is seen with unknown
partition type if the user does not own the media key
SafeLan
- This great product is now a part of CompuSec for
our corporate customers. Corporate users use a GlobalAdmin station to
manage SafeLan keys.
- Encrypted folders on the NTFS file server or on
your local NTFS partitions.
- SafeLan keeps file contents secret wherever your
files are, on the local drive, on the file server or on the backup made
from the file server.
- Your SafeLan keys are safely stored on your
e-Identity.
- Three sample keys come with the every e-Identity.
Private end users can try SafeLan without buying an Admin station.
IPCrypt Client VPN
- IPCrypt Client is inbuilt into CompuSec
- VPN client for Corporate users traveling
worldwide using any kind of connection
- Secure VPN client for http://www.guardmydata.com
services.
- VPN security for wireless LAN applications
Single Sign On
- Automatic logon at Windows 2000 and Windows XP
- Credentials stored inside the e-Identity
Pre Boot PKI
- Public Key based access control before the system
boots
- Access granted based on validity of the
certificate
- Central management of user - computer relation
based on PKI
- Allows any number of user groups and flexible
computer pools
- Multiple users per machine and multiple machines per
user
Certificate
Store
- CompuSec uses e-Identity as certificate
store for X509.V3 certificates
- e-Identity stores Logon certificates for
Microsoft Domain Server Logon
- e-Identity stores certificates for
E-Mail encryption and E-Mail signature.
Large
Customer Support
- e-Identity can be used in four different modes:
- User Mode; An
e-Identity managed by the GlobalAdmin using the PKI for an user
- Expert Mode; An
e-Identity managed by the GlobalAdmin using the PKI for an user
installing the system by himself
- Installer Mode; An
e-Identity managed by the GlobalAdmin using the PKI for an installer used
to install multiple systems
- Direct Access Mode; An e-Identity managed by the GlobalAdmin for
direct access from one user to just one computer
- An unattended automatic installation mode is
available for large organizations. Please contact your dealer or
CE-Infosys.
Options
The philosophy of CE-Infosys is to provide the customers the best
possible solution and make the solution as easy as possible for the users.
Following this philosophy as many functions as possible are integrated into the
CompuSec Security Suite. The customer can choose at installation
time what functions are installed. Therefore the list of options is very small
and contains only the central management station and custom specific
enhancements.
Central Management
GlobalAdmin is the solution
for central management of large numbers of CompuSec installations.
Any number of
users per computer can be assigned. At the same time each user can be
assigned to any number of computers.
The assignment of users to
computers is performed at the Admin station without physical access to the
users smart card or the computer.
Public Key Infrastructure
CompuSec customers may
use the CE-Infosys PKI which is part of the GlobalAdmin products and supports
e-Identity.
The use of e-Identity is
not limited to CompuSec security functions. User provided applications can
easily be secured using CompuSec.
Further
enhancements of the product will be announced at for http://www.ce-infosys.com
Installation Notes
CompuSec
comes with its own boot sector virus protection. Before installing
CompuSec any existing boot sector virus protection must be deactivated.
CompuSec will save the existing boot sector and replace it with the CompuSec
boot sector. After installation CompuSec protects the boot sector
with its integrated protection mechanisms. Anyway a normal BIOS based boot
sector protection may be activated again.
CompuSec Installation Tips
A single user installation
creates a file with all the keys required for a later service activity. This
file is named SecurityInfo.dat and it is recommended
to copy this file onto a reliable external media. Please store this file at a
safe place.
The security file
SecurityInfo.dat is required for the de-installation of the product or when the
password and the password-reset code are forgotten.
The security file
SecurityInfo.dat is related to a computer. They can only be used for the machine where they were initially
created.
The initial password after the
installation of CompuSec is “start123”.
The user ID must be 1 to 16 characters long. Characters can be alphanumeric.
The password must be 6 to 16 characters long. Characters can be alphanumeric.
The first time Windows is
started a MANUAL log on is required. CompuSec learns the password for future
automatic log on.
A CompuSec managed by a
GlobalAdmin station does not generate such a file. All the required data are
stored in the GlobalAdmin database.