GCN LAB REVIEWS
A secure key drive you can operate from the cloud
- By Greg Crowe
- Jun 08, 2012
In setting up telecommuting systems for a government office of any size, safe secure file transfer is paramount, especially for files that are worked on at multiple locations by the same user.
There are many ways to do this. A cloud solution is relatively inexpensive and can keep file versions current quite well. However, this requires constant connection to the Internet, something that can’t be done all the time, like, say, during an airline flight. A portable flash drive can provide constant access, but there is the risk of stolen data in the event the drive becomes lost, even for encrypted models.
The Defender 2000 from Kanguru might be the solution to this potential problem. It is an encrypted USB flash drive with remote Web-based management capabilities. The model we tested had 4G capacity, which was portioned into a 23.3M read-only section that has the authentication and setup files, and the drive, which had 3.49G of usable space after necessary system files.
Kanguru Defender 2000 (KDF2000-4G)
Pros: Enterprise management; good encryption.
Cons: Remote manager priced per device.
Ease of Use: A
Price: $70 ($67 government)
Secure flash drives need to take it to the next level
The Defender 2000 has the 256-bit AES hardware encryption we have come to expect from such devices. What was unexpected, however, was an on-board virus scanner. By bringing up the manager interface, we could initiate a scan of the entire device or a specific folder or file. Real-time scanning can also be implemented.
Even with the real-time antivirus enabled and all the encryption going on, the Defender 2000 was pretty fast. When transferring files to the device, we averaged a rate of 96.5 megabits/sec. When going the other way, with decryption and no active antivirus scan, we achieved transfer rates of 182.8 megabits/sec. These are good levels of bandwidth usage for a USB flash drive with that level of encryption, not to mention the antivirus scans.
The Defender 2000 is FIPS 140-2 Level 2 compliant — it wouldn’t make sense to have a secure flash drive that wasn’t. But in addition, Kanguru is in the process of obtaining Level 3 certification. This additional certification will indicate that the Defender can also resist physical tampering, and Kanguru is confident that it will be completed in July.
What sets the Defender 2000 apart from many encrypted flash drives is the remote management capability. Kanguru Remote Management Console Enterprise is a Web-based control console that can be deployed either on one of your servers or within Kanguru’s cloud. It lists all of the devices and the IP addresses at which they were last seen.
We set our test device to demand a change of password the next time it was plugged in to a networked computer, and, sure enough, we were prompted to make the change as it was mounting. We were even able to set the length and strength of the password from the console. Actions can be set to reset the device, causing all of the data to become inaccessible, and control whether the device can be used offline. These functions are crucial for having any kind of workable flash drive policy, and KRMC makes it possible to implement them.
Kanguru is selling the Defender 2000 4G model for $70, or $67 under a government contract. We felt that this was a good price for a secure flash drive, let alone one with the features that the Defender 2000 has. The KRMC Enterprise is sold for $25 per device being managed, with volume discounts for government purchasers. This is definitely worth the cost for any organization that wants to allow its users to be able to use key drives but also wants control over their use. It earns our Reviewer’s Choice designation for being one amazing choice for a key drive.