ABOUT SECUREIT PRO

 

SecureIT Pro is a business security solution built from ground-up to deliver security services to physical endpoints, virtual machines in private, public cloud and Exchange mail servers. SecureIT Pro is one product with a unified management console available in the cloud, or as one virtual appliance to be installed on-premise and it provides a single point for deploying, enforcing and managing security policies for any number of endpoints and of any type, in any location. SecureIT Pro delivers multiple layers of security for endpoints, including Microsoft Exchange mail servers: antimalware with behavioral monitoring, zero day threat protection, application control and sandboxing, firewall, device control, content control, anti-phishing and antispam.

 

Security for Endpoints

 

Protects unobtrusively any number of Windows, Linux and Mac OS X laptops, desktops and servers by using top-ranked antimalware technologies. Additionally, Windows systems benefit of even more enhanced security with a two-way firewall, intrusion detection, web access control and filtering, sensitive data protection, application and device control. Low system usage ensures performance improvements, while integration with Microsoft Active Directory makes it easy to automatically apply protection to unmanaged desktops and servers. The solution provides an alternative to legacy antimalware systems by combining industry-acclaimed security technologies with the simplicity of deployment and management through the powerful SecureIT Pro Control Center. Proactive heuristics are employed to classify malicious processes based on their behavior, detecting new threats in real time.

 

SecureIT Pro Architecture

 

The unique architecture of SecureIT Pro allows the solution to scale with ease and secure any number of systems. SecureIT Pro can be configured to use multiple virtual appliances and multiple instances of specific roles (Database, Communication Server, Update Server and Web Console) to ensure reliability and scalability. Each role instance can be installed on a different appliance. Built-in role balancers ensure that the SecureIT Pro deployment protects even the largest corporate networks without causing slowdowns or bottlenecks. Existing load balancing software or hardware can also be used instead of the built-in balancers if present in the network. Delivered in a virtual container, SecureIT Pro can be imported to run on any virtualization platform, including VMware, Citrix, Microsoft Hyper-V. Integration with VMware vCenter, Citrix XenServer and Microsoft Active Directory reduces the effort of deploying protection for physical and for virtual endpoints.

 

Web Console (Control Center)

 

Security solutions are managed within SecureIT Pro from a single point of management, Control Center web console, which provides easier management About SecureIT Pro 4 and access to overall security posture, global security threats, and control over all security modules protecting virtual or physical desktops, servers. Control Center is capable of addressing the needs of even the largest organizations. Control Center integrates with the existing system management and monitoring systems to make it simple to automatically apply protection to unmanaged desktops, or servers that appear on the Microsoft Active Directory, VMware vCenter or Citrix XenServer or that are simply detected in the network.

 

Endpoint Security Tools

 

SecureIT Pro ensures physical and virtual machines protection with Endpoint Security Tools, an intelligent environment- aware security agent capable to automatically self-configure according to the end point type. Endpoint Security Tools can be deployed on any machine, either virtual or physical, providing a flexible scanning system, being an ideal choice for mixed environments (physical, virtual and cloud). In addition to file system protection, Endpoint Security Tools also includes mail server protection for Microsoft Exchange Servers. Endpoint Security Tools uses one single policy template for physical and virtual machines, and one installation kit source for any environment (physical or virtual). Endpoint Security Tools is also available for Linux physical endpoints (servers and desktops).

 

Protection Modules

 

The following protection modules are available with Endpoint Security Tools:

  • Antimalware
  • Advanced Threat Control
  • Firewall
  • Content Control
  • Application Control
  • Device Control
  • Power User

 

Anti-Malware

 

The anti-malware protection module is based on signature scanning and heuristic analysis (B-HAVE) against: viruses, worms, trojans, spyware, adware, keyloggers, rootkits and other types of malicious software.

  • Anti-malware scanning technology relies on the following protection layers: First, a traditional scanning method is employed where scanned content is matched against the signature The signature database contains byte patterns specific to known threats and is regularly updated.

 

Advanced Threat Control

 

For threats that elude even the heuristic engine, a third layer of protection is present in the form of Advanced Threat Control (ATC). Advanced Threat Control continuously monitors running processes and grades suspicious behaviors such as attempts to: disguise the type of process, execute code in another process’s space (hijack process memory for privilege escalation), replicate, drop files, hide from process enumeration applications, etc. Each suspicious behavior raises the process rating. When a threshold is reached, an alarm is triggered.

 

  • Important: This module is available only for supported Windows desktop and server operating systems, except:
    • Windows XP (64-bit) Windows Server 2003/Windows Server 2003 R2 (32-bit, 64-bit)

 

Firewall

 

The Firewall controls applications’ access to the network and to the Internet. Access is automatically allowed for a comprehensive database of known, legitimate applications. Furthermore, the firewall can protect the system against port scans, restrict ICS and warn when new nodes join a Wi-Fi connection.

  • Important: This module is available only for supported Windows workstations, except legacy operating

 

Content Control

 

The Content Control module helps enforce company policies for allowed traffic, web access, data protection and applications control. Administrators can define traffic scan options and exclusions, schedule web access while blocking or allowing certain web categories or URLs, configure data protection rules and define permissions for the use of specific applications.

  • Important: This module is available only for supported Windows workstations, except legacy operating

 

Application Control

 

The Application Control module prevents malware, zero-day attacks and enhances security without impacting productivity. Application Control enforces flexible application whitelisting policies that identify and prevent the installation and execution of any unwanted, untrusted or malicious applications.

  • Important: This module is available only for supported Windows desktop and server operating systems, except:
    • Windows Vista Windows Server 2008 ● Windows legacy operating systems.

 

Device Control

 

The Device Control module allows preventing the sensitive data leakage and malware infections via external devices attached to endpoints by applying blocking rules and exceptions via policy to a vast range of device types (such as USB Flash Drives, Bluetooth Devices, CD/DVD-Players, Storage Devices, etc.).

  • Important: This module is available only for supported Windows desktop and server operating systems, except legacy

 

Power User

 

Control Center administrators can grant Power User rights to endpoint users via policy settings. The Power User module enables administration rights at user level, allowing the endpoint user to access and modify security settings via a local console. Control Center is being notified when an endpoint is in Power User mode and the Control Center administrator can always overwrite local security settings.

 

Exchange Protection Role

 

Endpoint Security Tools with Exchange role can be installed on Microsoft Exchange Servers with the purpose of protecting the Exchange users from email-borne threats. Endpoint Security Tools with Exchange role protects both the server machine and the Microsoft Exchange Solution.

 

Endpoint Security for Mac

 

Endpoint Security for Mac is a powerful antimalware scanner, which can detect and remove all kinds of malware, including viruses, spyware, Trojan horses, keyloggers, worms and adware on Intel-based Macintosh workstations and laptops with Mac OS X version 10.8.5 or later. Endpoint Security for Mac includes only the Antimalware module, while the scanning technology available is Local Scan, with all signatures and engines stored locally

 

vShield

 

vShield is a light agent for VMware virtualized environments that are integrated with vShield Endpoint. The security agent installs on virtual machines protected by Security Server, to allow you to take advantage of the additional functionality it provides:

  • Allows you to run Memory and Process Scan tasks on the
  • Informs the user about the detected infections and actions taken on
  • Adds more options for antimalware scan