BUFFERZONE Advanced Endpoint Security


Enterprise-grade Containment, Bridging and Intelligence

BUFFERZONE defends endpoints against a wide range of advanced and targeted threats with patented containment, bridging and intelligence. Employees enjoy frictionless access to the internet, mail and removable storage while the enterprise stays secure.

You Cannot Block Threats You Don't Understand

As cyber threats grow increasingly sophisticated, it is now widely agreed that organizations must take a layered approach to protecting their networks and data. Even with the best perimeter defenses, malware is getting through and is infecting user endpoints, the largest and most vulnerable attack surface in the organization. Unfortunately, traditional solutions such as signature-based anti-virus, HIPS and patch management are not effective in preventing many types of attacks, including phishing scams, zero-days, drive-by downloads, fileless malware and advanced threats that are constantly morphing. Detection as a means of blocking malware is an inherently limited approach.

As a result, some organizations have shifted their focus to post-breach detection, rather than prevention. While necessary, detection and remediation are generally far more expensive than prevention. Due to the large number of incidents and false positives, it is more important than ever to prevent as many infections as possible.

Other organizations try to control the threat by restricting users' access to the internet and risky applications. However, restriction is, and will remain, an uphill battle. Internet, email and removable storage are essential to business today, and organizations that try to control access inevitably impact productivity as well as employee satisfaction. And since the list of dangerous sites and sources is constantly changing, it is impossible to maintain a foolproof policy.

Contain Threats, Not Employees

It's simply not possible to detect every threat. It is equally impossible to control human behavior - and the more restrictive and inconvenient the security control, the more likely users are to circumvent it. Given these realities, containment is the key to keeping the organization safe without restricting employees.

With patented containment and bridging technologies, BUFFERZONE protects organizations from a wide range of threats. Instead of blocking, BUFFERZONE isolates potentially malicious content that arrives from web browsers, email and removable storage and provides a secure bridge for safely transferring it to the native endpoint and the corporate network. BUFFERZONE maximizes user productivity with seamless, unrestricted access to information, while empowering IT with a simple, lightweight, centrally managed, enforceable and cost-effective solution for up to thousands of endpoints within and beyond the corporate network.

BUFFERZONE's advanced endpoint security solution features:

Virtual Container: A secure, isolated environment for accessing content from any potentially risky source including browsers, removable media and email.

Secure Bridge: A configurable process for extracting data from the container to enable collaboration between people and systems while ensuring security and compliance.

Network Separation with Passport Enforcement: Enforced by the organizational proxy server, endpoint connections to the internet use separate networks from connections to internal, trusted resources.

Upload Blocker: As part of an organizational DLP strategy, BUFFERZONE restricts browser uploads to be only from an isolated location that can't have any data from internal sources.

Endpoint Intelligence: Detailed reporting and integration with SIEM and Big Data analytics to identify targeted attacks.

The BUFFERZONE container gives employees an unrestricted and transparent environment for using internet applications and removable storage, including opening files in popular applications like Microsoft Office and PDF readers. If malware reaches the endpoint, it is stuck inside the container, where it can do no further harm to the rest of the endpoint or the enterprise. Container contents are wiped periodically to permanently remove malware from the computer.

Most of the time, it is not necessary to remove files or data from the container. Users can freely save and reopen files any time, within the container, without risk to the organization. However, sometimes it is necessary to transfer downloaded files to other parts of the organization. For this purpose, BUFFERZONE includes a configurable bridge for transferring content and data safely between the isolated environment and trusted areas of the endpoint and the corporate network. It enables organizations to define and automate the procedures and disarming technologies that must be applied before the transfer.

BUFFERZONE also provides critical intelligence for enterprise-wide security analytics to enable correlation of high-risk events. A centrally managed policy defines containment and bridging policies for all parts of the organization. Easy to deploy and configure, BUFFERZONE is a lightweight solution that is deployed and managed seamlessly from the BUFFERZONE Management Server or from leading endpoint management platforms including Ivanti (LANDESK), McAfee ePO, and Microsoft Group Policy (GPO) to provide cost-effective containment for up to thousands of endpoints.

How Does Containment Work?

Rather than trying to detect or block, BUFFERZONE isolates application instances that come into contact with untrusted sources. From the user perspective, the application runs normally. But from the security perspective, the application is running in a separate, virtual container that is completely isolated from the rest of the endpoint. This creates a buffer that prevents malware from infecting the endpoint and your corporate network.

BUFFERZONE's patented containment technology is transparent to both the application and the end user, yet completely seals off threats from the rest of the computer. The concept is similar to Protected Memory, a core technology in modern operating systems that uses memory virtualization to isolate one application from another. BUFFERZONE takes a similar approach to isolating the entire application environment: memory as well as files, registry and more. An infection attempt will be confined to the boundaries of the container.

Windows applications must have read/write access to files and registry data. But it is also through the file system and registry that viruses, worms, Trojan horses, spyware and malware are installed. BUFFERZONE's patented containment technology solves this problem effectively using a kernel driver that resides as part of the operating system kernel and filters application-level I/O requests. Non-trusted applications are allowed to read from the file system and the registry; but as soon as they attempt to write or modify a file or registry key, the operation is performed on a different area on the disk. All future read/write operations from this non-trusted application are redirected to the container. This I/O redirection is completely transparent to both the application and the end user.

As a result, any harm inflicted by malware is completely sealed off in the virtual environment. Neither the endpoint nor the corporate networks are infected. New threats with unpredictable behaviors are contained just as effectively as known malware.
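The read-through and write-redirection behaviour described above can be modelled in user space. The following is an added example, not BUFFERZONE code: the class and method names are hypothetical, the sample paths and values are constructed, and the real product performs this filtering in a kernel driver rather than in Python.

```python
# Toy user-space model of write redirection for a non-trusted application.
# Assumption: conceptual sketch only. All names are hypothetical and the
# product described above implements this in a kernel I/O filter driver.

_DELETED = object()  # tombstone: the path was deleted inside the container only


class RedirectedView:
    """What a non-trusted application sees of the file system or registry."""

    def __init__(self, host):
        self._host = host        # trusted store: path -> bytes (never written)
        self._container = {}     # redirected area: path -> bytes or tombstone

    def read(self, path):
        # Paths the application has modified are served from the container;
        # everything else is read through from the trusted store.
        if path in self._container:
            data = self._container[path]
            if data is _DELETED:
                raise FileNotFoundError(path)
            return data
        if path in self._host:
            return self._host[path]
        raise FileNotFoundError(path)

    def write(self, path, data):
        # Writes never reach the trusted store; they land in the container.
        self._container[path] = bytes(data)

    def delete(self, path):
        self.read(path)                      # raises if the path is not visible
        self._container[path] = _DELETED

    def redirected_paths(self):
        # Telemetry: every path the application tried to change.
        return sorted(self._container)

    def wipe(self):
        # Periodic wipe: discard every contained change in one step.
        self._container.clear()


def demo():
    # Constructed sample data, not taken from a real endpoint.
    hosts = r"C:\Windows\System32\drivers\etc\hosts"
    run_key = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Updater"
    host = {hosts: b"127.0.0.1 localhost\n", run_key: b"updater.exe"}
    trusted_before = dict(host)
    view = RedirectedView(host)

    view.write(hosts, b"203.0.113.7 bank.example\n")  # simulated tampering
    view.write(run_key + "2", b"dropper.exe")         # simulated autorun entry
    view.delete(run_key)
    seen_by_app = view.read(hosts)       # the application sees its own change
    changed = view.redirected_paths()
    view.wipe()
    return {"host_unchanged": host == trusted_before,
            "seen_by_app": seen_by_app,
            "changed": changed,
            "after_wipe": view.read(hosts)}
```

The list returned by redirected_paths() is the kind of record (file and registry changes attempted inside the container) that an endpoint could forward for correlation.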

What is a Trusted Source?

BUFFERZONE provides a secure, virtual environment for accessing content from web browsers, email, Skype, FTP, removable storage and any other potentially insecure source. It enables you to define very granular policies that determine precisely what is trusted and untrusted according to network segment, file location or file tag, file digital signature, and URL/IP source.

BUFFERZONE offers location awareness, which automatically detects an endpoint that has moved to an insecure location (such as a public Wi-Fi hot spot) where stricter policies are required. BUFFERZONE provides this same level of intelligence to defining secure zones. So, for example, a SharePoint server can be defined as secure. When the user visits the server from his web browser, it will open outside the container, so any files that are uploaded will be from trusted sources.

Providing a Transparent User Experience

BUFFERZONE contains applications instead of employees. IT security defines untrusted and trusted sources. When users access an untrusted source using a web browser, instant messenger, email client or desktop application, they automatically begin to work in the BUFFERZONE container. Isolated applications have a red border, as the web browser above. When the user accesses a trusted source, the browser opens outside the container and its border is green. In every other respect, the user experience is completely transparent.

BUFFERZONE has a small footprint and virtually no impact on performance. It does not require hardware or operating system upgrades.

Building a Bridge between the Endpoint and the Enterprise

Experience has shown that the majority of the web pages and files that employees access from web browsers or email do not need to be saved on the enterprise network. They can safely and conveniently be stored and viewed within the BUFFERZONE container. This significantly reduces the attack surface of the organization as a whole.

Nonetheless, there are situations where files and data must be made available for use in a wider organizational context. Therefore, a Secure Bridge is an essential part of a containment strategy. BUFFERZONE provides organizations with a configurable bridge for extracting and disinfecting files that leave the container. It enables every organization to establish its own process in line with industry best practices and enterprise security policies. The bridge defines a process for where and how files are saved, as well as the procedures that will be performed in order to disarm data and remove any potential threats.

Enforceable Network Separation

Endpoint connections from within the BUFFERZONE container use separate networks from connections outside the container, ensuring that no application can access both trusted and untrusted resources. The separation is enforceable by the organizational proxy, which can be configured to allow internet access only to connections clearly identified as originating within the container.

Upload Blocker for DLP

BUFFERZONE can restrict browser uploads to be only from a specified, contained location (for example, the Downloads folder). When configured along with BUFFERZONE's Hidden Files feature, which prevents contained applications from accessing locations that could contain sensitive data, BUFFERZONE contributes to a wider organizational DLP strategy by ensuring that potentially sensitive information cannot be uploaded to the internet.

Correlating Information across the Enterprise

Advanced malware is highly distributed: it communicates with a network of hosts via a Command and Control server and often will infect a number of endpoints in your organization, especially if it is a targeted attack. Therefore, it is essential to correlate threat information across the organization. BUFFERZONE collects information about suspicious software such as registry alterations, file system activity, network activity and more, and shares it directly with SIEM and other Big Data analytics platforms for effective organization-wide event correlation.

Scaling for Thousands of Endpoints

Since organizations have thousands of physical and virtual endpoints running different operating systems at distributed sites and off-premises, central deployment and policy management is a critical factor for endpoint security. BUFFERZONE is easy to deploy using the provided BUFFERZONE Management Server or other, third-party endpoint management systems including Ivanti (LANDESK), McAfee ePolicy Orchestrator (ePO), and Microsoft Group Policy (GPO).

BUFFERZONE is supported on most Windows versions, microprocessors and physical/virtual deployments. It also supports most standard browsers, plugins and applications. BUFFERZONE is a cost-effective solution with a very small footprint and little impact on endpoint performance. Once policies are configured, BUFFERZONE requires little ongoing management, resulting in very low total cost of ownership for the organization.

Summary

When it comes to protecting endpoints against modern threats, the most effective approach is Containment First. BUFFERZONE's patented container technology enables employees to freely access information from anywhere without compromising the organization. It provides a safe place to run internet-exposed applications and removable storage, and collects information that can be vital for attack detection and event correlation.

BUFFERZONE provides a complete solution for successfully integrating containment into the enterprise, including a secure bridge for transferring files according to industry best practices and advanced file disarming technologies. It has minimal hardware requirements, is easy to deploy and manage, and offers a very low total cost of ownership. With BUFFERZONE, organizations of all sizes can defend their endpoints against malware while giving employees seamless internet access to increase productivity and user satisfaction.

The BUFFERZONE Advantage:

Enable employees to access the internet freely to maximize productivity and satisfaction
Effectively defend the network against APTs, zero-day attacks and advanced malware
Prevent malware from infecting user endpoints
Protect access to removable storage
Protect all Windows devices and users both on-site and outside of the corporate network
Safely transfer information into the organization without compromising security
Enforce organizational policies and processes seamlessly
Deployment within hours, very easy to manage with leading endpoint management platforms
Minimal resource utilization

2014-2017 BUFFERZONE Security Ltd. All rights reserved. BUFFERZONE is a registered trademark of BUFFERZONE Security Ltd.