Intelligent Detection Gives Tnsight Into the Nature of Threats

Core to Endpoint Secure is Sangfor’s artificially intelligent malware/APT detection engine, Engine Zero.

Engine Zero achieves high detection and low false positive rates by accurately identifying the “DNA” of unknown malware/ransomware based on continuously learning artificial intelligence using multiple techniques such as evolving neural networks and heuristics. This gives the user insight into the nature of pending threats while more effectively identifying and blocking 0-day and other unknown threats. Engine Zero, in combination with Neural-X, a powerful cloud based threat intelligence platform, enhances deep learning by training thousands of nodes within multiple multi-dimensional algorithmic detection models.

Endpoint Secure combines with the power of Sangfor’s already stellar network security product offerings, to greatly enhance the defensive abilities of the organization. The Endpoint Secure Protect agent host firewall capability prevents the east-west spread of malicious activity by blocking suspicious or unauthorized network communications. Endpoint Secure integrates with Sangfor NGAF to stop both exfiltration to Command & Control servers and access to phishing sites at the perimeter by signaling the NGAF which hosts are currently exhibiting unusual or malicious behavior. Additional micro-segmentation functionality to limit access across network boundaries is available via integration with Sangfor Internet Access Management (IAM). Endpoint Secure can manage and monitor 10’s of thousands of endpoint assets via on-premise console or integration with Platform-X, Sangfor’s revolutionary cloud-based integrated management system.

Quickly and Intelligently Deal with Threats in a Timely Manner

Endpoint Secure was designed to make responding to security incidents and stopping breaches simple, effective and timely. With high accuracy of identifying unknown threats, Endpoint Secure can quickly respond using One-Click based on the threat content of the detected event. Different from more traditional solutions for isolating malicious files at the endpoint, Endpoint Secure provides multiple mechanisms to mitigate threats based on files, machines and groups. Isolation response includes: endpoint host isolation, service group isolation, file trust, file isolation, file deletion, and file recovery. However, endpoint isolation may not be adequate alone so Endpoint Secure can coordinate with other Sangfor security products for a more robust response. For example, integration with the Sangfor NGAF will provide three-dimensional protection capability (host, network, perimeter), helping users to quickly block threats, prevent exfiltration to C&C servers, and shorten the discovery and remediation time of threats in the user environment.

Additional microsegmentation functionality to limit access across network boundaries is available via integration with Sangfor Internet Access Management (IAM).

Endpoint Secure leverages the innovative Sangfor Platform-X cloud-based analytics and security management system which provides real-time awareness of global threats and how those threats affect the local situation based on data received from Sangfor’s global threat intelligence network. Endpoint Secure utilizes Platform-X’s drill-down capability providing a better view of threat data while simplifying security operations management of tens of thousands of Endpoint Secure Protect agents.

Integrated Management, Comprehensive Identification of Terminal Assets

Only when the organizational unit has mastered the status of its own assets and the security status of its own business can it respond to risks with ease. Sangfor Endpoint Secure use a unified management console, fully compatible with host and server based agents, multiple operating system, many types of asset strategy integration (managing 10’s of thousands of distributed agents, supplemented by cloud-based threat intelligence, This ensures that the endpoint has more comprehensive protection capabilities, while making large-scale asset management simple and easy to understand.