BUFFERZONE Advanced Endpoint Security


Enterprise-grade Containment, Bridging and Intelligence

BUFFERZONE defends endpoints against a wide range of advanced and targeted threats with patented containment, bridging and intelligence. Employees enjoy frictionless access to the internet, mail and removable storage while the enterprise stays secure.

You Cannot Block Threats You Don't Understand

As cyber threats grow increasingly sophisticated, it is now widely agreed that organizations must take a layered approach to protecting their networks and data. Even with the best perimeter defenses, malware is getting through and is infecting user endpoints - the largest and most vulnerable attack surface in the organization.

Unfortunately, traditional solutions such as signature-based anti-virus, HIPS and patch management are not effective in preventing many types of attacks, including phishing scams, zero-days, drive-by downloads, and advanced threats that are constantly morphing. Detection as a means of blocking malware is an inherently limited approach - as Forrester writes, "You can't block threats you don't understand." [1]

As a result, some organizations have shifted their focus to post-breach detection, rather than prevention. While necessary, detection and remediation are generally far more expensive than prevention [2]. Due to the large number of incidents and false positives, it is more important than ever to prevent as many infections as possible.

Other organizations try to control the threat by restricting users' access to the internet and applications. Restriction is, and will remain, an uphill battle. Internet, email and removable storage are essential to business today. Organizations that try to control access inevitably impact productivity as well as employee satisfaction. And since the list of dangerous sites and sources is constantly changing, it is impossible to maintain a foolproof policy.

Contain Threats, Not Employees

It's simply not possible to detect every threat. It is equally impossible to control human behavior - and the more restrictive and inconvenient the security control, the more likely users are to circumvent it. Given these realities, containment is the key to keeping the organization safe, without restricting employees.

BUFFERZONE protects organizations from a wide range of threats with patented containment, bridging and intelligence technologies. Instead of blocking, BUFFERZONE isolates potentially malicious content from web browsers, email and removable storage and provides a secure bridge for transferring it safely to the corporate network. BUFFERZONE maximizes user productivity with seamless, unrestricted access to information, while empowering IT with a simple, lightweight and cost-effective solution for up to thousands of endpoints within and beyond the corporate network.

[1] Forrester, Top 15 Trends S&R Pros Should Watch, https://www.forrester.com/top+15+trends+sr+pros+should+watch+q2+2014/fulltext/-/E-RES112361
[2] Gartner, Next Steps in Endpoint Malware Protection, https://www.gartner.com/doc/2791117/steps-endpoint-malware-protection

BUFFERZONE's advanced endpoint security solution features:

- Virtual Container: A secure, isolated environment for accessing content from any potentially risky source including internet browsers, removable media and e-mail.
- Secure Bridge: A configurable process for extracting data from the container to enable collaboration between people and systems while ensuring security and compliance.
- Endpoint Intelligence: Detailed reporting and integration with SIEM and Big Data analytics to identify targeted attacks.

The BUFFERZONE container gives employees an unrestricted and transparent environment for using internet applications and removable storage, including opening files in popular applications like Microsoft Office and Adobe Acrobat. If malware reaches the endpoint, it is stuck inside the container, where it can do no further harm to the rest of the endpoint or the enterprise. The contents of the container are wiped periodically to permanently remove malware from the computer.

Most of the time, it is not necessary to remove files or data from the container. Users can freely save and reopen files any time, within the container, without risk to the organization. However, for some users and organizations, a container alone is not enough. It is necessary to transfer files or copy data that has been downloaded from the open internet to other applications or parts of the organization.

BUFFERZONE includes a configurable bridge for transferring content and data safely between the isolated environment and secured areas of the endpoint and the corporate network. It enables organizations to define and automate the procedures and disinfection technologies that must be employed before the transfer.

BUFFERZONE also provides critical intelligence for enterprise-wide security analytics to enable correlation of high risk events.

Easy to deploy and configure, BUFFERZONE is a lightweight solution that works seamlessly with leading management platforms to provide cost-effective containment for up to thousands of endpoints.

How Does Containment Work?

Rather than trying to detect or block, BUFFERZONE isolates applications that come into contact with untrusted sources. From the user perspective, the application runs normally. But from the security perspective, the application is running in a separate, virtual container that is completely isolated from the rest of the endpoint. This creates a buffer that prevents malware from infecting the endpoint and your corporate network.

BUFFERZONE's patented containment technology is transparent to both the application and the end user, yet completely seals off threats from the rest of the computer. The concept is similar to Protected Memory, a core technology in modern operating systems that uses memory virtualization to isolate one application from another. BUFFERZONE takes a similar approach to isolating the entire application environment - memory as well as files, registry and more. An infection attempt will be confined to the boundaries of the container.

Windows applications must have read/write access to files and registry data. But it is also through the file system and registry that viruses, worms, Trojan horses, spyware and malware are installed. BUFFERZONE's patented containment technology solves this problem effectively using a kernel driver that resides as part of the operating system kernel and filters application-level I/O requests. Non-trusted applications are allowed to read from the file system and the registry; but as soon as they attempt to write or modify a file or registry key, it is performed on a different area on the disk. All future read/write operations from this non-trusted application are redirected to the container. This I/O redirection is completely transparent to both the application and the end user. As a result, any harm inflicted by malware is completely sealed off in the virtual environment. Neither the endpoint nor the corporate networks are infected.
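The redirection described above can be modelled in user space. The Python code below is an added illustration, not BUFFERZONE's code or its kernel driver: the class RedirectingContainer, its methods and the sample files are hypothetical, and it models files only, not the registry or memory.

```python
import os
import shutil
import tempfile


class RedirectingContainer:
    """Hypothetical user-space model of write redirection; files only."""

    def __init__(self, host_root, container_root):
        self.host_root = os.path.realpath(host_root)
        self.container_root = os.path.realpath(container_root)

    def _resolve(self, root, rel_path):
        # Refuse paths that would leave the root ("../x", absolute paths).
        full = os.path.realpath(os.path.join(root, rel_path))
        if os.path.commonpath([root, full]) != root:
            raise PermissionError(f"path escapes root: {rel_path}")
        return full

    def read(self, rel_path):
        # Once a path has been written, reads are served from the container copy.
        shadow = self._resolve(self.container_root, rel_path)
        if os.path.exists(shadow):
            src = shadow
        else:
            src = self._resolve(self.host_root, rel_path)
        with open(src, "rb") as f:
            return f.read()

    def write(self, rel_path, data, append=False):
        shadow = self._resolve(self.container_root, rel_path)
        host = self._resolve(self.host_root, rel_path)
        os.makedirs(os.path.dirname(shadow), exist_ok=True)
        # Modifying an existing host file: copy it into the container first.
        if append and not os.path.exists(shadow) and os.path.isfile(host):
            shutil.copyfile(host, shadow)
        with open(shadow, "ab" if append else "wb") as f:
            f.write(data)

    def wipe(self):
        # Periodic wipe: discard everything the untrusted application wrote.
        shutil.rmtree(self.container_root)
        os.makedirs(self.container_root)


def demo():
    with tempfile.TemporaryDirectory() as host, tempfile.TemporaryDirectory() as box:
        host_file = os.path.join(host, "settings.ini")
        with open(host_file, "wb") as f:  # constructed sample file
            f.write(b"homepage=intranet\n")
        c = RedirectingContainer(host, box)
        c.write("settings.ini", b"homepage=changed\n", append=True)
        c.write("dropped.bin", b"constructed sample bytes")
        inside = c.read("settings.ini")
        with open(host_file, "rb") as f:
            host_after = f.read()
        dropped_on_host = os.path.exists(os.path.join(host, "dropped.bin"))
        c.wipe()
        after_wipe = c.read("settings.ini")
        return inside, host_after, dropped_on_host, after_wipe


if __name__ == "__main__":
    print(demo())
```

The contained application sees its own modification, the host copy is unchanged, and after the wipe the application reads the original host file again.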
New threats with unpredictable behaviors are contained just as effectively as known malware.

What is a Trusted Source?

BUFFERZONE provides a secure, virtual environment for accessing content from web browsers, email, Skype, FTP, removable storage and any other potentially insecure source. It enables you to define very granular policies that determine precisely what is trusted and untrusted according to network segment, file location or file tag, file digital signature, and URL/IP source. BUFFERZONE offers location awareness, which automatically detects an endpoint that has moved to an insecure location (such as a public wi-fi hot spot) where stricter policies are required.

BUFFERZONE provides this same level of intelligence to defining secure zones. So, for example, a SharePoint server can be defined as secure. When the user visits the server from his web browser, it will not open in the container, and any files that are downloaded can be saved directly to the enterprise network.

Providing a Transparent User Experience

BUFFERZONE contains applications instead of employees. IT security defines untrusted and trusted sources. When users access an untrusted source using a web browser, instant messenger, email client or desktop application, they automatically begin to work in a BUFFERZONE container. An isolated application has a red border as in the web browser above. When the user opens a file from an untrusted source, it is also opened in a container, and the application window has a red border. In every other respect, the user experience is completely transparent. When the user accesses a trusted source, the application border turns green.

BUFFERZONE has a small footprint and virtually no impact on performance. It does not require hardware or operating system upgrades.

Building a Bridge between the Endpoint and the Enterprise

Most employees do not need open, unrestricted internet access to do their jobs. Experience has shown that the majority of the web pages and files that they view through a web browser or email do not need to be saved on the enterprise network. They can safely and conveniently be stored and viewed within the BUFFERZONE container. This significantly reduces the attack surface of the organization as a whole.

Nonetheless, there are situations where files and data must be made available for use in a wider organizational context. Therefore a Secure Bridge is an essential part of a containment strategy. In fact, transferring data from the container to the enterprise secure zone can be the most vulnerable aspect of a containment methodology. Today's malware is designed to fly under the radar and persist for long periods of time. It is learning to evade gateway virtual environments like sandboxes with a long sleep period or by waiting for intelligent user interaction like a mouse click.

BUFFERZONE provides organizations with a configurable bridge for extracting and disinfecting files that leave the container. It enables every organization to establish their own process in line with industry best practices and enterprise security policies. The bridge defines a process for where and how files are saved, as well as the procedures that will be performed in order to disinfect or disable data and remove any potential threats. The bridge does not rely on detection and is therefore effective against zero-day and unknown threats.

BUFFERZONE provides a large variety of options that are capable of disabling hidden malware in different types of files including Microsoft Office, PDF, images, HTML and XML, archives, audio files and more. For each type of file, BUFFERZONE offers specialized functions that are designed to prevent malware from getting through while maintaining maximum functionality/content of the original document. For example, in Microsoft Word files, BUFFERZONE can block, contain or remove macros, images and embedded files. For images, BUFFERZONE uses techniques such as multiple format conversions and random flattening to disable malware.

From the user perspective, the bridge is transparent. Until all of the steps in the process are completed, the file simply opens inside a container. BUFFERZONE is designed to optimize flexibility and convenience for employees, while maximizing security for the enterprise.

Correlating Information across the Enterprise

Advanced malware is highly distributed - it communicates with a network of hosts via a Command and Control server and often will infect a number of endpoints in your organization, especially if it is a targeted attack. Therefore it is essential to correlate threat information across the organization. BUFFERZONE collects information about suspicious software such as registry alterations, file system activity, network activity and more, and shares it directly with SIEM and other Big Data analytics platforms for effective organization-wide event correlation.

Scaling for Thousands of Endpoints

Since organizations have thousands of physical and virtual endpoints running different operating systems at distributed sites and off-premises, management is a critical factor for endpoint security. BUFFERZONE is easy to deploy using the built-in Management Server. It also integrates seamlessly with leading endpoint management platforms including LANDESK, McAfee ePolicy Orchestrator and Microsoft Group Policy Management.

One BUFFERZONE fits most Windows versions, microprocessors and physical/virtual deployments. It also supports most standard Internet browsers, plug-ins or applications. BUFFERZONE is a cost-effective solution with a very small footprint and little impact on endpoint performance. Once policies are configured, BUFFERZONE requires little ongoing management, resulting in very low total cost of ownership for the organization.

Summary

When it comes to protecting endpoints against modern threats, the most effective approach is Containment First. BUFFERZONE's patented container technology enables employees to freely access information from anywhere without compromising the organization. It provides a safe place to run internet-exposed applications and removable storage, and collects information that can be vital for attack detection and event correlation.

BUFFERZONE provides a complete solution for successfully integrating containment into the enterprise, including a secure bridge for transferring files according to industry best practices and advanced file sanitization technologies. It has minimal hardware requirements, is easy to deploy and manage, and offers a very low total cost of ownership. With BUFFERZONE, organizations of all sizes can defend their endpoints against malware while giving employees seamless internet access to increase productivity and user satisfaction.

The BUFFERZONE Advantage:

- Enable employees to access the internet freely to maximize productivity and satisfaction
- Effectively defend the network against APTs, zero-day attacks and advanced malware
- Prevent malware from infecting user endpoints
- Protect access to removable storage
- Protect all Windows devices and users both on-site and outside of the corporate network
- Safely transfer information into the organization without compromising security
- Enforce organizational policies and processes seamlessly
- Deployment within hours, very easy to manage through leading endpoint management platforms
- Minimal resource utilization

© 2014 Trustware, Ltd. All rights reserved. Trustware and BUFFERZONE are registered trademarks of Trustware, Ltd. 14.10.2014