Endpoint Protection Solution
An Endpoint Protection solution is designed to protect all endpoints connected to the enterprise network from malware and threat actors, based on a centralized approach. Devices connected to the network, such as servers, workstations, laptops, smartphones and IoT devices, are considered endpoints. Centralized management makes enterprise cyber security easier to manage efficiently and effectively.
An Endpoint Protection solution combines numerous cyber security components, such as an antivirus, a firewall, and other security components.
Blacklisting-based Endpoint Protection solutions
Gartner reports that even today most endpoint protection is still based on an increasingly antiquated default allow approach. This blacklisting-based approach blocks only “known bad” applications or executables. Hackers are able to overcome this approach because they can create slight variants of existing malware to unleash new attacks. Creating slightly modified malware does not require much effort, and cyber criminals have built automated tools that generate unknown variants of known malware with only a slight variation. Because such a variant does not match anything in the existing virus definitions database, blacklisting-based detection does not consider it malware.
Signature-based detection is used by most endpoints. In this method, the signature of a process or executable is compared against existing definitions in a virus database. This method is considered an antiquated and dangerous approach because all processes or executables that are not detected as malicious are given unfettered access to the enterprise network and system files. Malware can spread from a single infected endpoint to other endpoints that are part of the enterprise network, which can result in total compromise of the enterprise network. For these reasons, blacklisting-based detection is considered to provide only limited protection.
Xcitium Advanced Endpoint Protection (AEP)
Xcitium AEP Endpoint Protection Solution ensures total security for all endpoints, from workstations to mobile devices, both physical and virtual. Xcitium AEP is a lightweight, scalable platform that provides default deny security with default allow usability.
Xcitium AEP offers sophisticated features such as:
- Xcitium AntiVirus (blacklisting)
- Xcitium Host Firewall
- Automated Containerization
- Certificate-based Whitelisting
- VirusScope behavior analyzer
- Valkyrie Static & Dynamic Analyzer
- Integrated human analysis
- File reputation
- Host IPS
- URL filtering
- Jailing protection
The Device Control feature in Xcitium AEP offers:
- Policy-based management
- Control of the default profile
- VPN aware policies
- Enforcement of strong mobile policies
- Over-the-air device enrollment
- Find my device feature
- Data isolation
- Remote data wipe
- Mobile certificates
- Sneak peek antitheft feature
To ensure the security of applications, it includes:
- Application inventory
- Integrated device, application and security coverage
- Blacklisting of applications
- Xcitium mobile apps
- Remote management
- Application whitelist store
Remote Monitoring and Management (RMM)
The RMM feature provides remote access with:
- Complete device takeover
- Remote management
- Patch management
In an enterprise network, an endpoint is considered to be the most vulnerable entity. This has made it the favorite target of hackers, who use various methods to persistently attack endpoints. Once they breach the device and penetrate the network, they spread to other devices that are part of the enterprise network, and the complete network can be compromised.
Robust Endpoint Protection solution
Xcitium AEP provides robust endpoint protection. It features true default deny security with default allow usability: every file receives a definitive verdict of good (benign), bad (malicious), or unknown (to-be-determined). AEP allows only known good files to run unfettered on the enterprise network systems.
All unknown executables are automatically containerized in Xcitium AEP’s Automatic Containment™ until they are identified as safe.
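The following Python example is added here for illustration and is not Xcitium's code. It contrasts the default allow blacklist check from the blacklisting section with the good/bad/unknown default deny policy described above. It assumes a SHA-256 digest stands in for a signature; the sample byte strings, list contents and function names are constructed for the example.

```python
import hashlib
from enum import Enum


class Verdict(Enum):
    GOOD = "good"        # on the whitelist
    BAD = "bad"          # on the blacklist
    UNKNOWN = "unknown"  # on neither list


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed, inert byte strings standing in for executables.
KNOWN_BAD = b"CONSTRUCTED-SAMPLE: known-bad executable"
VARIANT = KNOWN_BAD + b"\x00"  # slightly modified copy of the known-bad file
TRUSTED = b"CONSTRUCTED-SAMPLE: trusted business application"

BLACKLIST = {sha256(KNOWN_BAD)}  # stands in for the virus definitions database
WHITELIST = {sha256(TRUSTED)}    # stands in for the known-good file list


def classify(data: bytes) -> Verdict:
    """Give every file one of the three verdicts."""
    digest = sha256(data)
    if digest in BLACKLIST:
        return Verdict.BAD
    if digest in WHITELIST:
        return Verdict.GOOD
    return Verdict.UNKNOWN


def default_allow(data: bytes) -> str:
    """Blacklist-only policy: anything not known bad runs unfettered."""
    return "block" if classify(data) is Verdict.BAD else "run"


def default_deny(data: bytes) -> str:
    """Only known good runs unfettered; unknown files are contained."""
    actions = {Verdict.GOOD: "run", Verdict.BAD: "block", Verdict.UNKNOWN: "contain"}
    return actions[classify(data)]


def compare(samples: dict) -> dict:
    """Map each sample name to (verdict, default-allow action, default-deny action)."""
    return {name: (classify(d).value, default_allow(d), default_deny(d))
            for name, d in samples.items()}


if __name__ == "__main__":
    table = compare({"known_bad": KNOWN_BAD, "variant": VARIANT, "trusted": TRUSTED})
    for name, row in table.items():
        print(f"{name:10} verdict={row[0]:8} default_allow={row[1]:6} default_deny={row[2]}")
```

The variant matches no blacklist entry, so the default allow policy runs it, while the default deny policy holds it in containment until it receives a good or bad verdict.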
Xcitium Advanced Endpoint Protection (AEP) is the only robust endpoint protection solution that protects the enterprise network and endpoints against all known malware, unknown files (zero-day malware), as well as advanced persistent threats (APTs).