Tools combat threats to XPE thin clients

Windows XP Embedded devices now covered by SecureWave's Sanctuary

SecureWave has announced its Sanctuary security tools have been extended to cover devices running Windows XP Embedded (XPE) as well as PCs. The move primarily addresses the malware threat on high-end thin-client terminals, the firm said.

Organisations typically deploy thin clients for greater security and to reduce management costs. But people often assume that thin clients are automatically secure, and this is not necessarily the case for the more capable high-end models that are needed to access modern web-based applications, according to SecureWave.

“Every XPE thin client is basically a cut-down Windows PC, with the same security issues,” said SecureWave’s Dennis Szerszen.

On PCs, Sanctuary Device Control lets an administrator set policies governing the use of USB peripherals such as Flash drives, cameras, and iPods, while Application Control only allows the execution of applications from an authorised whitelist.

For thin-client deployment SecureWave has developed client-side components that can be executed from a virtual disk, because XPE terminals do not have a hard disk as standard. These components will be installed in thin clients for customers by their systems integrator or by the terminal vendor, rather than being deployed across the LAN as with standard desktop applications.

“One of the reasons we developed Sanctuary for XPE is because the solution providers asked for it,” said Szerszen.

SecureWave’s Sanctuary Device Control and Application Control are licensed on a per-seat basis, with tiered rates for large customers.