fbpx

enterprise-endpoint-protection

Enterprise Endpoint Protection

We are a leading service solutions provider and are officially an appointed distributor for eScan in Singapore market.

We selectively partner with market leading vendors who are established in their respective domains.
Enterprises are constantly at risk due to increasing security threats of malware and data theft/misuse in the information technology landscape. Protection of endpoints comprising servers, workstations and mobile devices in the enterprise network is a critical issue today.

eScan’s Enterprise Endpoint Protection (EPP) provides an unified security solution to protect and manage enterprise data, systems and network in a platform agnostic environment. eScan’s EPP uses a combination of advanced technologies to provide real time monitoring and protection against evolving cyber threats such as Ransomware, DDoS, APT or targeted attacks.
Looking for Benefits? Here they are!

Broad Overview

eScan is equipped with advanced technologies for comprehensive threat protection to eliminate zero day attacks. These technologies are based on proactive detection using intelligent sandboxing, active monitoring and continuous process review. The administrator can deploy policies to secure and manage network endpoints centrally from the management console. In case of virus outbreaks, outbreak prevention policies can be deployed to restrict access of network resources from selected computer groups for a defined period of time.

eScan’s Endpoint Detection and Response (EDR) Solution offers detection mechanisms with combinations of behavioral indicators that are able to detect and block attackers’ tools, techniques and procedures. It is capable of alleviating fileless malicious activities that use memory exploits and take advantage of Windows utilities such as MSTSC, CMD,and PowerShell.

eScan empowers enterprises with advanced features for identifying and securing all critical data at rest or in motion. It minimizes the risk of data loss with its advanced features for application and device control as well as data leak prevention at Endpoint, Network or Mail Gateway level. eScan is equipped with features such as Block Port Scan attempt, USB Whitelisting, Disable Print Screen, Block File transfer through Messenger, Print Activity Management, File and Folder Protection and Advanced two way Firewall for managed endpoints.

The Two-Factor Authentication (2FA) is an extra layer of security to make sure that users trying to gain access to the endpoints are legitimate users. An one-time password (OTP) will be sent to the user for logging in.

Remote Monitoring and Management (RMM), is a Remote Desktop and Screen Sharing feature that helps Managed IT Service Providers (MSPs) remotely monitor and control all client endpoints from a centralized console. The RMM feature can be used to carry out tasks such as installing updates, patching and service configurations on the client’s systems. All of the above mentioned tasks and many more can be performed remotely (rather than on-site) and save valuable time of Enterprises and Small and Medium Businesses (SMBs).

eScan’s EPP is equipped with features for real time event capturing, notifications and alerts that allows the administrator to control suspicious activity on the endpoints. It has features for web protection and application control that facilitates filtering of websites and applications based on pre-defined categories to prevent any unproductive usage, thus enhancing employee productivity.

The comprehensive Software and Hardware Asset Management feature of eScan’s EPP captures detailed inventory records of managed endpoints. This feature will help the administrator in keeping a track and control over IT assets maintained by enterprises.

eScan is equipped with tools to capture live events from managed endpoints and publish it on eScan management console. These events are automatically categorized on the basis of event severity, computer selection, asset changes or policy violation. It provides real-time event management that provides a holistic view of an enterprise network security aimed towards enhancing business continuity. The administrator is notified via email on occurrence of any violation. In case if malware count on any computer is higher than the defined limit, an email notification helps in monitoring and controlling the security.

eScan is equipped with advanced features to protect and track critical data stored on managed endpoints or shared within network. Some of the key features are File and Folder Protection, File Rights for local and remote access permissions, Tracking flow of confidential information from end-points to external networks, eBackup with file encryption, and Shadow Copy. All these features allow the administrator to secure and permit authorized access to the data stored on the endpoints in the network. Alternatively, administrators can also track flow of data from creation, modification, deletion to transfer of the same to local, network or cloud resources. Real time events are captured and customized reports can be generated for auditing.

eScan is equipped with technologies to track user behavior at end-points related to use of applications, resources, login/logoff and cloud usage. With eScan Management console, the administrator can deploy policy for a single system in the network by defining policy criteria for a particular IP Address/ User / Machine name. eScan is also equipped with File Activity Monitoring, Session Activity Log, Real-time event management through Client Live Updater, AD Synchronization, and Customized Setup.

Features at a Glance

With unified management, enterprises do not have to worry about the security of diverse endpoints across hybrid networks. eScan EPP provides a client that is administered via a centralized management console on to the endpoints with Windows, Mac, Linux, and Android Platforms in the network. This simplifies security administration and provides operational efficiencies such as centralized deployment, reporting and licensing module.

eScan EPP helps in monitoring and securing critical data to prevent any kind of data leak or data theft from managed endpoints in the network. It allows the administrator to whitelist or blacklist USB and other storage devices, allow or block access to devices such as webcams, CD-ROMs, Composite devices, Bluetooth devices, SD Cards or Imaging devices. Authorized access to such devices can be provided using One Time Password without violating policy deployed to the group. A sub-feature under device control enables to send notifications to the administrator when any data (which is not read-only) on the client system’s hard disk is copied to the USB.

eScan EPP allows creating list of applications that the administrator wishes to block from installation or execution on endpoints in the network. This helps in improving the productivity of the employee by blocking the execution of unproductive applications, Instant Messengers and gaming applications. It also allows or blocks fake and malicious applications in the network.

Administrators can define and deploy the policy through Management Console on to the endpoints. It also allows to whitelist applications or define time restrictions for allowing or blocking execution of applications on endpoints.

Considering that in today’s scenario, there is always a possibility of data breach and data theft via network printers or chances of printouts being left unattended at printing devices, eScan EPP allows administrators to keep track of printing activities that takes place through managed endpoints either through network printers or through PDF writers. Such events are captured and published on the Management Console in Print Activity Report.

Following logs are maintained and can be exported to PDF, Excel or HTML formats

  • Number of copies printed
  • Document name of the printed file
  • Date on which print was taken (client machine)
  • Machine name
  • Username of the computer and its IP address

eScan EPP is equipped with two way firewall that is designed to prevent unauthorized access to a computer or network that is connected to the internet. It enforces a boundary between two or more networks by implementing access policies (rules). Administrators can set rules to control incoming network traffic to and from managed end-points. The firewall checks the rules and analyzes the network packets and filters it. If the packets fulfill the criteria to be allowed as defined in the rules, they are allowed to pass through or else discarded. Administrator can customize the pre-defined rules or define new rules as per security needs.

It is important to keep an eye on the IT assets of the endpoints connected to the enterprise network. This feature helps to track and control the changes in the endpoints made by users for any unauthorized software or hardware which could be a potential threat to the network. It provides the software licensing details for Microsoft Products and allows the administrator to filter reports on any desired criteria.

Whenever there is any change in the hardware configuration, or any new software is installed on the managed endpoints, the administrator is notified. Captured information can be exported to PDF, Excel or HTML formats.

There is a need for a real-time protection to endpoints from objectionable content and security threats, such as ransomware, viruses, spyware, adware, key loggers, rootkits, botnets, hackers, spam, and phishing. eScan Cloud Security ensures a prompt response and an advanced level of detection that provides superior protection.

It ensures real-time protection against advanced malwares such as worms and Trojans by blocking the threat before it damages endpoints. It automatically analyzes, classifies, detects and quarantines 99% of new malwares discovered every day in real-time.

Web pages with links to malicious applications pose biggest risks to enterprises that results in compromising critical data, damage or expose sensitive information. These links appear to be safe but are designed to cause damage to the enterprise data. In other words, the web is increasingly being used to quickly distribute malware and evade traditional security programs.

eScan EPP will block malicious websites/URLs that could be unknowingly serving malware. Malware URL Filter strengthens endpoints and helps to effectively mitigate loopholes through which unknown malware enters into end-points & networks via the cloud.

eScan EPP enables you to share the security configuration and monitoring responsibilities for the enterprises among sub-administrators using eScan management console. This feature facilitates the administrator to assign sub-administrators with pre-defined roles, each with its own set of rights, permissions and groups. One or more senior administrators can have full configuration privileges for all endpoints while junior administrators can have few configuring or monitoring authorities as defined by the senior administrator in management console.

This feature is helpful to detect the misuse of the computer at a specific time when authorized user is not using the endpoint. Remote activity can be tracked down to the user through remote logon details captured in the report. eScan Management Console monitors and logs the session activity of the managed computers. It will display a report of the network endpoints startup/ shutdown/logon/logoff/remote session.

The log report also captures following details:

  • Login or remote sessions
  • Computer name
  • Group name
  • IP address
  • Description of the activity

It also allows the administrator to filter the report on desired criteria. Generated reports can be exported in PDF, Excel or HTML formats.

eScan monitors and logs the file activity of the managed endpoints. It will display a report of the files created, copied, modified, or deleted for the administrator to trace the file activities on all the managed endpoints. Additionally, unauthorized access of critical files can be tracked down to the user through the details captured in the report.

Taking regular backup of critical files stored on the managed endpoints is very important, as it can be lost or damaged due to issues such as virus outbreak, modification by a ransomware or another user. eScan will allow the administrator to take backup of important files and folders. It will also allow to schedule the backup process at a desired time and path to save the backup files locally or on an external hard drive or USB storage device. Administrators can create backup jobs by adding files and folders to schedule the backup process by creating tasks. The backed up data is stored in an encrypted format in a folder secured by eScan’s real-time protection.

eScan allows you to create customized client setup with pre-defined Policy Template. This allows you to implement group policies to the endpoints automatically when this customized eScan Client is installed on the endpoint manually or remotely. The major benefit of this feature is that even if the endpoint does not connect to the eScan server, the Policy template will be applied on to the endpoint through customized eScan Client installed on the endpoint. On installing this customized setup, the endpoint will be automatically moved to the pre-assigned group.

eScan’s password protection restricts user access from violating a security policy deployed in a network. For example, the administrator has deployed a security policy to block all USB devices, but someone wants to access it for a genuine reason, such as making a sales presentation residing on a USB pen drive. Administrator can give access to the user without violating the current security policy using OTP for a desired period of time on that endpoint. This will disable the module for the defined time period without violating existing policy.

This option will allow the administrator to check the vulnerability of the software installed on endpoints in the network for any kind of weakness that can be used by the attacker to gain access to the information stored on the endpoints. Using Vulnerability Scanner module of eScan, you can easily update the listed software with the more secured version of the same.

eScan checks the endpoints for missing patches on the OS by matching the installed patches with the released patch list. The missing critical Windows update patches are then downloaded and installed on the computer where eScan is running.

eScan employs combination of technologies to prevent spam. eScan’s Anti-spam filter scans content of received emails. It filters all junk and spam emails by using advanced technologies like NILP (Non – Intrusive Learning Pattern) and DIRC (Domain and IP Reputation Check) and sends warnings to recipient or the sender. It also provides options to customize the rules for filtering SPAM as per the organization’s requirement. It also helps to filter out zero-hour spam.

Enterprises empower employees by allowing use of mobile devices in the form of Company Owned Devices (COD) or implementing Bring Your Own Device (BYOD) policy for work operations. This enhances employee productivity and allows seamless business operations. eScan’s Enterprise Mobility Management (EMM) solution provides a comprehensive approach in safe guarding critical apps and enterprise data accessed or residing in mobile devices. It ensures that corporate data is secured from data loss, malware or unauthorized access.

eScan’s EMM is one of the most powerful security solutions available today to help organizations tide over the challenges of mobile devices (BYOD/COD) in their enterprise networks from a Unified Management Console.

These features are offered under following Categories

  • Mobile Threat Defense
  • Mobile Content Management
  • Mobile Asset Management
  • Mobile Application Management
  • Mobile Productivity Management
  • Mobile Identity

Contact Us to Find Out More Today!