Endpoint OS Firewall
The anti-software DLP
Creates a hardware level isolated endpoint standalone “mini” VM/OS to prevent outgoing traffic to unauthorized recipients (or to enforce other security policy), preventing exfiltration even if the endpoint is infected or the user - inadvertently or intentionally - gives up network credentials. Even if a hacker successfully invades the endpoint OS, TrustWall prevents return communications, i.e., the hacker never knows the intrusion occurred and cannot receive data from the endpoint.
What TrustWall does
Security policy, such as whitelisting recipients, is set at the Admin level and cannot be altered at the user level because TrustWall resides in our hardware-enforced firmware mini-VM or mini-OS. But TrustWall can be used to enforce other policy as well which establishes rules for outgoing traffic. The applicable policy can be altered or updated remotely from time to time.
Why we created TrustWall
To eliminate vulnerabilities of commercial endpoint firewall and related security products that are software-based and therefore inherently accessible to sophisticated and zero-day malware. This is more important than ever as new OS code vulnerabilities are continually discovered that can allow hackers to obtain Escalated Privileges, perform Remote Side Execution, etc. With TrustWall, while an attack might invade the endpoint, the hacker will never know it.