FUJITSU Security Solution IT Policy N@vi Functional ... · IT Policy N@vi performs diagnosis based on the security policy and provides functions to ... but also Android, iOS, and

July 27, 2015

FUJITSU Security Solution IT Policy N@vi Functional Description

IT Policy N@vi Functional Description

i Copyright 2015 FUJITSU SYSTEMS WEST LIMITED

Preface

Purpose of this guide FUJITSU Security Solution IT Policy N@vi Functional Description describes contents for acquiring the knowledge required to use the functions provided, deployment effects, and operating environment. IT Policy N@vi Functional Description can also be used to understand the functions provided before deploying the service.

In this guide, FUJITSU Security Solution IT Policy N@vi is described as IT Policy N@vi.

Readers of this guide - People considering deploying IT Policy N@vi

- People who want to familiarize themselves with a functional overview of IT Policy N@vi

Organization of this guide This guide is organized as follows.

- Chapter 1 IT Policy N@vi Introduction

Provides an overview of IT Policy N@vi, and describes its features, main functions, and more.

- Chapter 2 Functional Description

Describes the IT Policy N@vi functions.

- Chapter 3 Operating Environment

Describes the operating environment of IT Policy N@vi.

How to read this guide Read this guide when considering deploying IT Policy N@vi or to familiarize yourself with a functional overview of IT Policy N@vi.


ii Copyright 2015 FUJITSU SYSTEMS WEST LIMITED

Positioning of this guide

Timing For use by Manual name

Pre-deployment /

Deployment

Administrator IT Policy N@vi Functional Description (this guide)

Administrator IT Policy N@vi Policy Deployment/Operation Guide: Security

Administrator IT Policy N@vi Policy Setting Guide

Administrator, user IT Policy N@vi Overview Help

Client installation

User IT Policy N@vi Windows Client Installation Guide

User IT Policy N@vi Android Client Installation Guide

User IT Policy N@vi Mac Client Installation Guide

Administrator, user IT Policy N@vi iOS Setup Guide

Operation/ Description of

functions

Administrator, user IT Policy N@vi Operational Help

Option subscriber IT Policy N@vi Environment Update Option Operation Guide

Notation in this guide

Item Description method Description

Note Note Describes items that should be given particular attention during operation.

Tips Tips Describes supplementary points for operation.

See Manual name: italics Title (item): " "

- For a reference within the same manual: For details see "2.2 Basic Functions."

- For a reference to another manual or help document: For details of functions, see IT Policy N@vi Operation Help.

Operating system notation Windows 8 and Windows 8.1 are generally abbreviated as Windows 8.

Export control laws Users wishing to export or provide this guide to a third party must check the applicable export laws and regulations of the country they live in or U.S. export laws and regulations, and follow the necessary procedures thereon.

Trademarks - Adobe Flash Player is a trademark or registered trademark of Adobe Systems Incorporated

in the United States and/or other countries.

- Android is a registered trademark of Google Inc.

- iOS is a trademark or registered trademark of Cisco Systems Inc. and/or its affiliates in the United States and certain other countries.


iii Copyright 2015 FUJITSU SYSTEMS WEST LIMITED

- Windows is a registered trademark of Microsoft Corporation in the United States and other countries.

- Other product and/or company names appearing in this guide are the trademarks or registered trademarks of their respective owners.

- The TM or R symbols are omitted for some system and product names appearing in this manual.

Notes - Fujitsu Systems West Limited holds the copyright to IT Policy N@vi.

- The use or reproduction, in whole or in part, of IT Policy N@vi or this guide without the permission of Fujitsu Systems West Limited is prohibited.

- Fujitsu Systems West Limited assumes no responsibility for any loss or damage arising from the use of IT Policy N@vi or this guide.

- The IT Policy N@vi specifications and the matters described in this guide are subject to change without notice.

- The use of IT Policy N@vi is permitted in accordance with the accompanying "License agreement." Be sure to read the license agreement accompanying this product. Customers must indicate acceptance of the terms of this license agreement before using this product.

- The IT Policy N@vi source code is confidential information of Fujitsu Systems West Limited and/or the developer. Disclosing the source code without the permission of Fujitsu Systems West Limited is prohibited.

- The screenshots appearing in this guide may differ from actual screen displays.

Publication date and edition March 2015 Version 1.0

Copyright notice Copyright 2015 FUJITSU SYSTEMS WEST LIMITED

Revision history

Change Location Version

Published together with release of Version 4 - Version 1.0


iv Copyright 2015 FUJITSU SYSTEMS WEST LIMITED

Contents

Chapter 1 IT Policy N@vi Introduction ............................................................................................. 1 1.1 What is IT Policy N@vi? ............................................................................................... 2 1.2 Features of IT Policy N@vi ........................................................................................... 4 1.3 Main Functions of IT Policy N@vi ................................................................................. 6

1.3.1 Basic functions ................................................................................................ 6 1.3.2 Optional functions............................................................................................ 6

1.4 Effects from Installing IT Policy N@vi ........................................................................... 7 1.5 Configuration and Overview of IT Policy N@vi ............................................................ 8 1.6 Operation Image of IT Policy N@vi .............................................................................. 9

Chapter 2 Functional Description ................................................................................................... 10 2.1 Function List ................................................................................................................. 11 2.2 Basic Functions ........................................................................................................... 12

2.2.1 Policy setting ................................................................................................. 12 2.2.2 Security management for PCs ...................................................................... 12 2.2.3 Security management for smartphones and tablets ..................................... 12 2.2.4 IT asset management ................................................................................... 13 2.2.5 Sustainability management ........................................................................... 13 2.2.6 Dashboard ..................................................................................................... 13

2.3 Optional Functions ...................................................................................................... 14 2.3.1 Environment update option ........................................................................... 14

Chapter 3 Operating Environment .................................................................................................. 15 3.1 Network Requirements ............................................................................................... 16 3.2 Operating Environment ............................................................................................... 17

3.2.1 Managed devices (clients) ............................................................................ 17 3.2.2 Management console .................................................................................... 17 3.2.3 Option console .............................................................................................. 17


1 Copyright 2015 FUJITSU SYSTEMS WEST LIMITED

Chapter 1 IT Policy N@vi Introduction

IT Policy N@vi is an all-in-one cloud solution that provides a secure and comfortable IT environment to realize IT governance.

This chapter provides an overview of IT Policy N@vi, and describes its features, main functions, and more.

1.1 What is IT Policy N@vi? 1.2 Features of IT Policy N@vi 1.3 Main Functions of IT Policy N@vi 1.4 Effects from Installing IT Policy N@vi 1.5 Configuration and Overview of IT Policy N@vi 1.6 Operation Image of IT Policy N@vi



1.1 What is IT Policy N@vi? As seen in the rapid expansion and widespread use of cloud services and mobile devices, such as smartphones and tablets, customers' environments for device usage have been dramatically changing.

IT Policy N@vi is a cloud service that provides integrated operations management based on "IT Policies" to support customers' risk management and business continuity in their diverse environments.

Figure 1.1 Product concept

IT Policy N@vi offers functions based on the following "IT Policies," which encompass the product concept.

Security policy IT Policy N@vi performs diagnosis based on the security policy and provides functions to improve compliance of managed devices for the "safe and secure" use of PCs and mobile devices.

Mobile security policy IT Policy N@vi provides functions to maintain security for mobile devices, such as smartphones and tablets, and to establish risk countermeasures for lost or stolen devices.

IT asset management policy IT Policy N@vi provides functions to conduct centralized management of IT resources including PCs, mobile devices, network devices, and software licenses.



Sustainability policy IT Policy N@vi provides functions to apply a sustainability policy to help conserve the global environment.

System usage policy IT Policy N@vi provides optional functions for smooth system usage, such as software updates.

The system administrator sets or applies these "IT Policies" to IT resources such as PCs and mobile devices, to realize "visualization" and "optimization assistance" for operation management of IT resources.

Figure 1.2 Optimization of operation management of IT resources



1.2 Features of IT Policy N@vi This section describes the features of IT Policy N@vi.

Multiple policies for each office Policies, both in-house and external, can be set according to the rules or user literacy at domestic and international offices.

Figure 1.3 Multiple polices for each office

Support for multiple devices IT Policy N@vi supports not only Windows PCs, but also Android, iOS, and Mac OS devices to allow centralized management and reduce the system administrator’s work related to operation management.

Figure 1.4 Support for multiple devices

Visualization via the Web dashboard The Web dashboard visualizes the security status and inventory information of all terminals. IT governance is realized even for distant or overseas offices through this visualization.



Figure 1.5 Visualization via the Web dashboard

Quick installation by cloud Since IT Policy N@vi is a cloud service that does not require server installation, implementation is quick and low cost. Also, after going live, there is no work related to server operation or maintenance required.

Figure 1.6 Cloud service



1.3 Main Functions of IT Policy N@vi This section describes the main functions of IT Policy N@vi, divided into the basic functions and optional functions.

1.3.1 Basic functions The basic functions of IT Policy N@vi are as listed below.

For details of the basic functions, see "2.2 Basic Functions."

-- Policy setting

-- Security management for PCs

- Password settings checks

- PC functionality restrictions

- Recording logs

-- Security management for smartphones and tablets

- Countermeasures for missing devices

- Hardware functionality restrictions

- Software functionality restrictions

-- IT asset management

- Acquisition of user terminal information

- Software license management

- Inventory

-- Sustainability management

- Printing management

-- Dashboard

1.3.2 Optional functions The optional functions of IT Policy N@vi are listed below.

For details of the optional functions, see "2.3 Optional Functions."

Environment update option -- Program installation

- Program registration

- Remote installation

-- File distribution

- File registration

- Remote distribution



1.4 Effects from Installing IT Policy N@vi This section describes the effects from installing IT Policy N@vi.

Senior management From the collected and analyzed data, it is possible to check the IT governance status, recognize problems that the organization faces, and create an improvement plan for the effective use of IT assets.

System administrator The system administrator can check the operational status of all users’ terminals at a glance. In addition, when a problem occurs, the system administrator can take efficient action by using the collected information and Internet support tools.

Users Users can comply with the policies of the organization even without being aware of them, while at the same time, they can increase their productivity as they can use their terminals comfortably.



1.5 Configuration and Overview of IT Policy N@vi IT Policy N@vi is made up of the SaaS function hosted in a cloud and the client function to be installed on each client.

The role of the client function includes restricting operation on clients and sending information to the cloud servers.

There is no client program for iOS since the standard functions provided by Apple include the equivalent functions.

The configuration and overview of IT Policy N@vi are shown below.



1.6 Operation Image of IT Policy N@vi The following shows an operation image of IT Policy N@vi.

Figure 1.7 Operation image of IT Policy N@vi



Chapter 2 Functional Description

This chapter describes the functions of IT Policy N@vi.

2.1 Function List 2.2 Basic Functions 2.3 Optional Functions



2.1 Function List The following tables list the IT Policy N@vi functions.

Table 2.1 Basic functions

Basic function Function

Policy setting

Security management for PCs Password settings checks PC functionality restrictions Recording logs

Security management for smartphones and tablets

Countermeasures for missing devices Hardware functionality restrictions Software functionality restrictions

IT asset management Acquisition of user terminal information Software license management Inventory

Sustainability management Printing management

Dashboard

Table 2.2 Optional functions

Optional function Functions

Environment update option Program installation - Program registration - Remote installation File distribution - File registration - Remote distribution



2.2 Basic Functions This section describes the basic functions of IT Policy N@vi.

To use basic functions of IT Policy N@vi, a management terminal and the user terminals must be connected to the service environment. For some types of user terminals or for some installed OSs, some functions cannot be used.

2.2.1 Policy setting The operation manager uses this function to create policies that are to be assigned to each user terminal from the management terminal, and then to register them in the service environment. Created policies are applied to user terminals.

2.2.2 Security management for PCs This function manages PC security. It includes the following functions.

-- Software check The operation manager is able to check the version of software that is installed on user terminals from the management terminal.

-- Password settings check The operation manager checks whether user terminals have been set to require a logon password or a terminal unlock password from the management terminal.

-- PC functionality restrictions The operation manager can prohibit the following operations from the management terminal.

- Launching of software on a user terminal

- Using USB devices

- Printing

- Attaching files to e-mail messages

- Accessing Web servers

- Downloading files from Web servers

-- Recording logs Logs about software start/end, e-mail transmission, and printing operation occurring on user terminals are automatically sent from the user terminals to the service environment. In addition, the operation manager can view the logs from the management terminal.

2.2.3 Security management for smartphones and tablets This function manages of smartphone and tablet security. It includes the following functions.

-- Countermeasures for missing devices From the management terminal, the operation manager can lock a device, wipe a device, delete data from a device, or block data transmission from a device.

-- Hardware functionality restrictions From the management terminal, the operation manager can restrict or prohibit use of the following functions on a user terminal: making phone calls, taking pictures using the internal camera, Bluetooth transmission, and Wi-Fi transmission.

-- Software functionality restrictions From the management terminal, the operation manager can restrict or prohibit launching of



software on a user terminal.

2.2.4 IT asset management This function manages IT assets. It includes the following functions.

-- Acquisition of user terminal information This function automatically sends hardware information (CPU type, amount of installed memory, etc.) and software information (OS type, a list of installed software, etc.) of a user terminal to the service environment.

-- Software license management The operation manager can view the total number of installations of each software title based on the software information collected and sent to the service environment from the user terminal.

-- Inventory

- The operation manager can send a message to request an inventory check from the management terminal to the user terminals.

- Information including the user name and installation location of the terminal is input from the user terminal, and then it is sent to the service environment.

- From the management terminal, the operation manager can view the information that is sent from the user terminal to the service environment by using this function.

2.2.5 Sustainability management The sustainability management function includes the following functions.

-- Printing management From the management terminal, the operation manager can view or restrict the number of sheets printed from a user terminal.

2.2.6 Dashboard The dashboard includes the following functions.

-- From the management terminal, the operation manager can check information sent from user terminals to the service environment (CPU type, amount of installed memory, OS type, list of installed software, etc.) and the policy observation status etc. for each user terminal.



2.3 Optional Functions This section describes the optional functions of IT Policy N@vi.

2.3.1 Environment update option The environment update option has the following functions. To use the environment update option, the management terminal and user terminals must be connected to the service environment via the Internet. For some types of user terminals or for some installed OSs, some functions cannot be used.

-- Program installation

- Program registration From the management terminal, the operation manager can register arbitrary program data in the service environment or on a server owned by a customer.

- Remote installation From the management terminal, the operation manager can install program data that has been registered with the above program registration function on an arbitrary user terminal.

-- File distribution

- File registration From the management terminal, the operation manager can register arbitrary file data in the service environment.

- Remote distribution From the management terminal, the operation manager can distribute file data that has been registered with the above file registration function to an arbitrary user terminal.



Chapter 3 Operating Environment

This chapter describes the operating environment of IT Policy N@vi.

3.1 Network Requirements 3.2 Operating Environment



3.1 Network Requirements This section describes the network requirements of IT Policy N@vi.

To use IT Policy N@vi, the managed devices and the PC for management must be connected to the Internet.

Figure 3.1 Network requirements

-- If your intranet is connected to the Internet via a proxy server, the proxy server must support HTTP1.1.

-- If your intranet is connected to the Internet via a firewall, a rule for the firewall to permit HTTPS communication must be added.

When Android or iOS devices are used exclusively in a Wi-Fi environment When Android or iOS devices are used exclusively in a Wi-Fi environment and connection to the Internet is via a firewall, port "5223/tcp" must be open.



3.2 Operating Environment This section describes the operating environment for IT Policy N@vi.

3.2.1 Managed devices (clients) For the latest operating environment for the managed devices (clients) of IT Policy N@vi, see the product website.

<URL for the operating environment for IT Policy N@vi (V3)>

http://www.fujitsu.com/jp/group/fwest/en/business/itpolinavi/environment/

Note Please note that Fujitsu Systems West does not provide support for problems inherent in an OS for which its supplier no longer provides support, or for problems with IT Policy N@vi attributed to problems inherent in an OS.

3.2.2 Management console The IT Policy N@vi management console operates in the following environments.

-- Microsoft Internet Explorer 10

-- Microsoft Internet Explorer 11 (*1)

-- Mozilla Firefox 7 or later (*2)

*1: Microsoft Internet Explorer Metro Mode is not supported. *2: Only the Web browsers running on a Windows OS are supported. Web browsers other than the above can also be used so long as Adobe Flash Player 10.2 or later is installed. However, note the layout may not be displayed correctly and there may be operational issues.

3.2.3 Option console The option console has the same operating requirements as the Windows OS in "3.2.1 Managed devices (clients)."

Tips For other considerations regarding the operating environment, see the Limitations and Considerations on Use of IT Policy N@vi, which can be downloaded from the following URL. http://jp.fujitsu.com/group/fwest/downloads/services/itpolinavi/itpn-attention-en.pdf

Documents

FUJITSU Security Solution IT Policy N@vi Functional ... · IT Policy N@vi performs diagnosis based on the security policy and provides functions to ... but also Android, iOS, and