3Com WX2200 3CRWX220095A Switch User Manual

Malicious Code Protection – Detects and blocks keystroke loggers
that capture usernames and passwords, Trojans that create back-door
user accounts, and Screen Scrapers that spy on user activity.
The Malicious Code module integrates a Virtual Keyboard function
that requires users to input confidential information such as
passwords using the Virtual Keyboard when accessing specific Web
sites, to protect against hardware keystroke loggers. This module uses
a combination of signatures for known exploits and behavioral
detection to protect against unknown threats.
Cache Cleaner – Ensures that Web browser information, such as
cookies, history, auto-completion data, stored passwords, and
temporary files are erased or removed upon termination of the user’s
session, inactivity timeout, or closing of the browser.
Connection Control – Controls network connections based on
Domain, IP address, Port, and Service. For example, Connection
Control can prevent a Trojan from sending out a confidential
document, downloaded legitimately through an SSL VPN tunnel, to a
malicious e-mail server (SMTP) using a second network tunnel.
Adaptive Policies – Sense the type and location of device and adjusts
access based on endpoint parameters such as IP range, registry keys,
and DNS settings
The SODA endpoint security modules are configured through Sygate
On-Demand Manager (SODA Manager), a Windows application.
SODA Manager is used to create a SODA agent, which is a Java applet
that is downloaded by client devices when they attempt to gain access
to the network. Once downloaded, the SODA agent runs a series of
security checks to enforce endpoint security on the client device.
SODA Endpoint
Security Support on
WX Switches
WX switches support SODA endpoint security functionality in the
following ways:
SODA agent applets can be uploaded to a WX switch, stored there,
and downloaded by clients attempting to connect to the network.
The WX switch can ensure that clients run the SODA agent security
checks successfully prior to allowing them access to the network.
Different sets of security checks can be downloaded and run, based
on the SSID being used by the client.