Guests can download agents from SafeAccess and, with local administrator privileges, install them. Otherwise, when an agentless system opens Internet Explorer and attempts to access a Web site, the user will be redirected to SafeAccess and told to install the ActiveX component and have the host assessed. SafeAccess can allow hosts to access some Web sites, like Windows Update, without passing an assessment. However, be careful how you define allowable URLs: By default, Microsoft.com is defined as an accessible host. That means when IE starts up, if the home page is Microsoft.com, it will be granted access. The user won't be assessed until she goes elsewhere.
Note that once the ActiveX agent is running and the host passes the assessment and has been moved to the production network, the browser window must remain open to keep the ActiveX agent running. Agentless assessment uses either user-supplied credentials on the host or domain administrator credentials defined in SafeAccess. Multiple accounts may be added per domain, and multiple domains can be defined.
WATCH AND LEARN
SafeAccess' monitoring facilities are acceptable; however, report generation lacks important features, and troubleshooting is difficult at best. Endpoint activity is monitored and IT may generate a list of computers that are granted access, quarantined, or transitioning from one state to another. A variety of host data is available for real-time and historical reporting.
SafeAccess ships with some canned reports, but there's no facility to create new templates or schedule reports. We could, of course, use syslog to forward events, but that's cumbersome, requiring command line configuration. StillSecure does have an API that uses Java Message Service to respond to requests, and SafeAccess ships with sample scripts for using JMS. If you have developers, you may be able to roll your own reports--however, we'd really like to see custom reporting, report scheduling, and simpler event forwarding built into the product. Still, at $20 per user at 2,500 seats, pricing is on par with functionality.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
