Modern corporate networks face two interrelated risks: data leaks (through removable drives, mobile devices, and shared network resources) and threats that infiltrate the organization along with connected devices (such as automatic installation of malware from USB drives or compromised external disks). Moreover, multiple separate management consoles (Defender, Firewall, BitLocker, and access policies) make it difficult to maintain unified and efficient security control.
DataGuard from Axence nVision® addresses this practical challenge by providing centralized control over external media and network resources. It reduces the risk of data leaks, blocks malicious auto-runs from removable devices, and consolidates management of built-in Windows security tools—without the need to use multiple separate utilities. It is important to note that DataGuard is not a full-fledged DLP solution but rather an nVision module designed for applied device and resource control, file operation auditing, and basic data loss prevention. This article provides an overview of the DataGuard module’s functionality.
Full Control Over Network Resources
DataGuard enables monitoring of file operations on shared network resources—even when they are hosted on devices that do not support the nVision Agent (e.g., Synology, QNAP). This ensures complete transparency of how corporate data is handled, regardless of the device type.
Data Leak Prevention
The module minimizes the risk of confidential information leakage through external or mobile storage devices. Administrators can monitor USB drives, memory cards, and other connected devices, defining who is authorized to copy or transfer specific data.
Corporate Network Security
DataGuard prevents the spread of malware that can automatically run from USB drives or external disks. This helps avoid the compromise of workstations and servers—even in cases where antivirus software has not yet detected the new threat.
Integration with Windows Defender
DataGuard allows administrators to manage Windows Defender parameters directly from the nVision console. They can review detected threats, modify protection settings, and centrally control the antivirus status across all workstations.
Windows Firewall Management
The module integrates with Windows Firewall, enabling administrators to enable or disable the firewall for selected connection types, create traffic rules, and view the protection status on each computer in the network.
BitLocker Encryption Support
DataGuard supports integration with Windows BitLocker encryption technology, providing an additional layer of data security. The system allows administrators to check TPM module status and control volume encryption processes, protecting sensitive data from unauthorized access.
Complete Feature Set of DataGuard from Axence nVision®
- Automatic assignment of default monitoring and security policies to users
- Removal of inactive or missing data storage devices (e.g., USB drives)
- Alerts when an untrusted device is connected (without the “trusted media” attribute)
- Centralized configuration of rules for the entire network, individual network cards, and for Active Directory groups and users
- Integration of user and group databases with Active Directory
- Notifications about mobile device connections/disconnections and file operations performed on them
- Policy definition for transferring corporate data by employees with appropriate permissions
- Access to information about devices connected to a specific computer
- Generation of a list of all devices connected to computers in the network
- Audit (history) of connections and file operations on mobile devices and shared network resources
- Management of access rights (read, write, execute) for devices, computers, and users
Conclusion
DataGuard from Axence nVision® is a module designed for centralized control of external devices and shared network resources, file operation auditing, and consolidation of built-in Windows protection (Defender, Firewall, BitLocker). It reduces the risk of data leaks from storage media and safeguards the network from threats introduced by connected devices—ensuring transparency and manageability through a single console.
Axence nVision® is a comprehensive platform for centralized IT infrastructure management and enhanced cybersecurity. It combines six functional modules into one integrated solution, allowing organizations to control network resources, users, devices, and installed software, while providing secure and efficient remote technical support.
Axence nVision® modules:
Through seamless interaction between these modules, nVision® forms a unified information environment that allows organizations to manage IT resources, monitor security status, and improve employee efficiency.
The combined use of all system components ensures a consistent, stable, and secure infrastructure that supports business continuity and reduces IT workload.
