R-Guard data security system |
R-Guard is Windows independent Security System that enables its users to set the
rights either for users or applications to access and/or modify file system
objects on any file system including FAT. For example, the administrator can
forbid access to any or all .doc file objects for all applications except Microsoft Word.
After that, even if any virus application starts in the system, the file would never
be corrupted or deleted by the virus. Then the administrator can forbid a
peer-to-peer file exchange program access to all files in the system except files in its
own folder(s). In this case, even if that program launches a trojan, it will never get
access to the data or system files. Such protection level cannot be achieved by the
standard Windows security services because they control access to files basing on the
user's access rights, which the trojan can easily obtain. R-Guard controls the access
rights for each program/application individually.
|
R-Guard files encryption |
R-Guard is Windows independent Data Encryption System that enables its users to encrypt
file objects and keep them encrypted on a hard drive on any file system including FAT
and even on a virtual hard drive on a remote file server. Files from the remote
server are transferred in the encrypted form and decrypted on the host only.
To ensure strong and fast encryption, R-Guard uses an industry standard
AES encryption algorithm with 256-bit key in the Cipher Block Chaining mode.
To secure encryption key generation, the R-Guard Data Encryption System uses a
complex randomized block key and variable-length key generated from the user
password (MD5 algorithm).
|
R-Guard self-protection |
- secure connection between R-Guard control panels and kernel
- protection of R-Guard modules and audit files from unauthorized access
- protection against R-Guard kernel debugging and unhooking
- only R-Guard Users can manage and uninstall R-Guard
|
|
R-Guard features and benefits |
Total control over file/folder operations at the user application level
- two types of access control: user-specific and process-specific access rights
- ability to completely isolate any file from any process
- file access blocking (Read\Write\Rename\Delete)
- can block start of any executable file (EXE DLL COM BAT HTML XML JS CLASS, 32/16bit applications, Win32, Win16, Dos, DPMI)
- file system-independent extended attributes stored in a distributed database ( UNIX-stile data security architecture). This allows the user to set extended attributes on removable network media
- true file/folder hiding and wiping file on delete to prevent unauthorized data recovery.
Strong data encryption
- easy to use but uncrackable file encryption and protection against unauthorized file opening and modification (CRC-128)
- user can create a backup of encrypted data / files on external devices visible by the host operating system, such as a Floppy Disk, CD, Flash Card, USB, etc.
Flexible and detailed audit
- user activity audit: user login, logoff, etc.
- flexible and detailed audit of all operations for any file
- compact binary audit format to save disk space
- processes - file operations linking
- powerful audit search by file masks and regular expressions
|
R-Guard data audit system |
R-Guard users can easily trace information about what users and/or applications
started by any user accessed a particular file object and what action was taken:
read, write, execute, delete, etc.
|
|