logo ZONECENTRAL, confidentialité et cloisonnement

Encryption for fixed and roaming workstations

ZONECENTRAL automatically applies the enterprise encryption policy in order to protect all files and sensitive zones on the workstation, including those saved in the user profile. Temporary files are encrypted along with the swap file and the browser cache.
ZONECENTRAL also protects virtualized workstations.

Data confidentiality vis-à-vis the operator

The data always remain encrypted on the servers (no unencrypted copy at any given time), thus guaranteeing the confidentiality of the data vis-à-vis the operators, and makes ZONECENTRAL an indispensable component of any outsourcing project.

The company maintains control over security governance

ZONECENTRAL allows IT security officers to coordinate from their workstations the application of their security strategy. They can delegate some or all of these operations to local managers.

Encryption of file servers

ZONECENTRAL encrypts the files deposited on the network (fillers, NAS, etc.) and handles the Right-to-Know management for encrypted shares. It manages the cryptographic partitioning of files between users, workgroups or categories
of personnel.

Flexible and powerful configuration

The security rules and settings applicable to fixed or portable workstations, shared zones on the network and portable devices are defined by the Security manager using Windows Security Strategies (Policies).

Secure network traffic

ZONECENTRAL encrypts/decrypts files as and when they are used,
on the workstation, in the memory. This means that when data are accessed remotely (file servers, SharePoint), the data travel encrypted over the network.

You want more info about ZONECENTRAL?


Labels and Certifications of ZONECENTRAL

  • Common Criteria Certifications at level EAL3+

  • Qualification Standard Level from ANSSI

  • Approvals for protecting information at the levels OTAN restricted and EU RESTRICTED

  • Security Visa from ANSSI

Key Functions


  • Encryption on-the-fly, transparent for users
  • Configurable Enterprise Encryption Plan
  • Encrypted e-mails and containers for secure exchanges
  • Encryption management on portable devices (memory sticks, external HDDs, etc.)

Encryption security

  • Cryptographic engine operating in kernel mode to reduce exposure to spywar
  • Keyboard driver preventing the keylogging of confidential codes
  • Signed administration settings (policies)
  • Enterprise recovery mechanism
  • User backup mechanism
  • Automatic and secure deletion of files (wiping)

User authentication

  • Authentication via X509 certificate or password
  • Compatible with smartcards from the main manufacturers
  • Compatible with Pfx, P12, etc. keystores
  • Compatible with Microsoft CSP

/ Technical specifications

    AES (128 to 256 bits) and RSA (1024 to 4096 bits).
    PKCS#1, PKCS#5, PKCS#11, X509, Microsoft CSP, LDAP technologies, PKIx compatible.
    Available for Windows 11 to Windows 7.
    Compatible with Windows, Novell and UNIX (NTFS & Samba) servers.
    English, French, German and Spanish.