Secure Access

Trust Endpoint Access to Your Cloud and Local Networks

Endpoint Compliance

MetaAccess Endpoint Compliance included in the base MetaAccess Platform extends well beyond standard compliance checks to ensure with the highest degree of confidence that your endpoints are secure. In addition to checking OS level, Security Software, Encryption, Password and Firewall settings, there is functionality to check for vulnerability and patch management, manage potentially unwanted applications, and USB media blocking. When combined with our Advanced Endpoint Compliance module, MetaAccess provides the most comprehensive check in the industry.


MetaAccess Compliance helps your organization realize compliance by detecting and classifying which applications are installed on any endpoint and enabling your organization to monitor and manage these applications. It helps your organization assess and remediate application-specific settings.

Monitor and remediate the configuration of endpoint security applications

Check and update malware definitions on any endpoint. Check when a full system scan was last performed and launch one on any endpoint. Turn real-time protection on or off on any endpoint. Verify whether each endpoint’s firewall is enabled and enable them without any end user intervention. Verify whether anti-phishing protection is enabled on any endpoint.

Ensure that applications on any endpoint comply with policy and regulations

Check and update malware definitions on any endpoint. Check when a full system scan was last performed and launch one on any endpoint. Turn real-time protection on or off on any endpoint. Verify whether each endpoint’s firewall is enabled and enable them without any end user intervention. Verify whether anti-phishing protection is enabled on any endpoint.

Monitor and remediate application and operating system updates and patches

Detect third-party patch management applications and enable them if necessary. Detect which patches are currently installed on any endpoint, generate a list of missing patches, and automatically install them.

Verify that endpoints are encrypted per policy and regulations

Detect hard disk encryption software on each device and report which portions of each disk are encrypted. Leverages our patented method for assessing the encryption status of selected disks (Patent No. 10,229,069) and operates independently of third-party encryption algorithms and configurations. Supports all popular encryption solutions.

Powerful and Thorough information reporting and remediation

Support over 30 different product-specific remediations across all major operating systems. It gathers classified and unclassified application details, and in-depth configurations of security applications, including anti-malware, personal firewall, hard disk encryption, patch management, browsers, browser plugins, and many others. This enables organizations that must comply with regulatory frameworks to easily gather information from endpoints to help them achieve compliance.

Vulnerability and Patch Management

The Common Vulnerability Scoring System ( CVSS ), is an industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. Scores are calculated based on a formula that depends on several metrics that approximate ease of exploit and the impact of exploit.

Realizing limitations in CVSS, OPSWAT designed a new score system based on CVSS and big data analysis, we call " OPSWAT Severity Score ". It's a dynamic score, range from 0 to 100. With this new score, old or unimportant Common Vulnerability Exploits (CVEs) will be filtered out.

With this new score, we provide better information to make vulnerabilities easier to manage, when using OPSWAT scores old or unimportant Common Vulnerability Exploits (CVEs) will be filtered out.

Advanced Malware Protection

MetaAccess uses process scanning, connection scanning, and repeated threat reporting to provide an additional layer of malware detection. In addition, there is a multi-engine anti-malware service to greatly increase odds of near zero-day malware detection. These comprehensive features may find malware that endpoint anti-malware applications have missed or could not remediate. This capability looks for indications of whether an endpoint is infected, even though it complies with security policies and regulations. MetaAccess can greatly increase malware detection with Anti-Malware Multi-Engine Scanning. While one anti-malware can’t detect all malware issues

Process Scanning

MetaAccess scans all running processes and their loaded libraries. This may identify threats that the anti-malware product installed on the endpoint missed, by checking much more than installed applications. Your organization can accelerate process scanning by configuring the caching feature to only scan binaries that have not yet been analyzed.

Repeated Endpoint Threat Reporting

Repeated endpoint threats occur when users repeat the same behaviors that create the threat and when anti-malware applications fail to remove malware.  MetaAccess looks for repeated threats within each endpoint device to uncover persistent threats that the anti-malware application was not able to permanently remove.

Connection Scanning

Metaaccess enables your organization to scan all active network connections. It can detect all remote IP addresses connected to a device and compare those IPs to results that many IP reputation sources have reported. Each IP reputation source compares and categorizes the addresses according to the confidence rating of the IP.

Manage Potentially Unwanted Applications

MetaAccess can manage, block and even remove non-compliant or vulnerable applications. MetaAccess enables your organization to cleanly remove over 2,000 versions of popular applications (of both enterprise and consumer software) without any end user interaction. With it, your organization can silently detect such applications on any endpoint and completely remove them.

Comprehensive Removal

MetaAccess detects and removes anti-malware, personal firewall, and anti-phishing programs that conflict with your organization’s security policy as well as known vulnerable applications like Java, Adobe software (like Flash and Acrobat), browsers, and popular office software.

Automated Application Cleanup

MetaAccess automates the application cleanup process for difficult-to-uninstall applications and provides an easy way to terminate or remove these applications and remove all their files from any endpoint.

Works Silently without User Interactions

MetaAccess detects and removes potentially unwanted applications (PUAs) that can expose sensitive endpoint information without informed consent of the user (like browser toolbars, public filesharing programs, and backup or cloud-sync apps). This capability can be configured based upon the organization’s preferences to allow, block or remove the application.

Removes Corrupted Applications

MetaAccess is undeterred even under adverse conditions. It works when the program password is not known or has been forgotten and removes applications that the uninstaller has partially removed or requires forced end user interaction. Finally, it removes applications that no longer function or could not otherwise be uninstalled because required files or registry settings are missing or corrupted.

Removable Media Protection Module

MetaAccess manages removable media on endpoint devices, preventing the endpoint from connecting to any unexamined portable media, including flash drives, memory cards, SIM cards, CDs, DVDs and smart phones. It monitors endpoints for any removable media that end users insert and enables your organization to manage how each endpoint treats the media, based on preconfigured security policy.

Block. Protect. Secure.

MetaAccess can block any connection the media tries to make with an endpoint, and can block all connections, except those processes your organization specifies. It blocks all access to the media, while allowing this service to pass the content through advanced content security technologies, which verifies and sanitizes the data.

Highly Configurable

MetaAccess has highly configurable features to customize this solution to help organizations ensure that any data coming onto their environment is clean and safe to use.

Talk to us and Request a Demo