Managed Endpoint Security


Technical Features

Next-gen anti-malware installs as an agent on your persistent workloads and does all of the below, and sometimes even washes your dishes:

  • Plugs itself between critical system processes and user space processes to protect from exploits.

  • Detects bad files, processes, and network connections based on a continuously updated database of signatures.

  • Creates a restriction policy that limits who can execute what from where.

  • Collects telemetry (system, file, network, process, user operations - everything really) from the endpoint to learn normal behavior patterns, then alerts on or blocks anomalies.

  • Puts all collected telemetry into a data lake, retains it, and then uses it for retrospective analysis, threat hunting and reporting.

  • Creates rich visualization and correlation of events to help with root cause analysis.

Our Service

We will fully manage the Endpoint Security service, from its inception to its removal, including:

  • High Level Design - to ensure the service fits in your overall infrastructure design - this includes scope coverage, feature selection, licensing, and the process wrap around the service.

  • Low Level Design - to ensure all details for the successful implementation of the service are captured - list of covered systems, protection configurations, authorized exceptions.

  • Implementation - we will plan and drive the implementation efforts to match the availability of your sysadmin teams and to get this done according to your schedule. 

  • 24/7 Operations - Monitoring, Incident Management, Service Request Fulfillment, Change Management, Patching and Upgrades. 

  • Configuration and security policy auditing - where we will ensure the system configuration and policy are up to your requirements and are reviewed regularly. 

  • Retirement of configuration and full service decommissioning. 

Benefit

  • You employ best of breed technology vendors - such as Palo Alto Networks, CheckPoint, Cisco.

  • You have access to a pool of experienced and certified engineers that will design and deploy endpoint security deployments and policies according to industry best practices.

  • You choose what is protected and how, using our expert advice.

  • We offer a standard operations bundle for all deployment types.

Our Approach

We make it simple for you, while providing the flexibility you need. In case of a new deployment:

  • We assign an expert to participate in the design phase to capture all requirements and design the right solution for you.

  • We can resell licenses or you can buy them yourselves, whichever makes sense financially for you.

  • We work with your existing IT team and tools to plan and deploy the software on all target endpoints, together with any necessary infrastructure.

  • We will deploy the security policies according to the agreed design.

  • We will integrate the service with any log collection and/or security event monitoring system you have. 

If you are looking to outsource the management of an existing service:

  • We will assign an expert to discover the environment and the design of the service.

  • We will do an initial health and security check-up to understand and align you and us on the state of the service.

  • We will then move on to operate the service according to the tier of your choosing.

Operations Bundles

The service includes the following:

  • One major upgrade per year.

  • Installation of critical security patches.

  • Annual policy review and tuning.

  • 24/7 Monitoring of system audit logs.

  • Unlimited IT incident handling.

  • Monthly report of service statistics, including requests, incidents, changes, and relevant metrics such as blocked threats, # of protected systems, # of systems up to date, etc.

Daily Review - Critical

Suitable for most environments. Critical alerts are reviewed on a daily basis to ensure threats are blocked and false positives are detected and remediated in a timely manner.

Critical Incidents

Additional Service Options

Introduce new feature

We will design and integrate any previously unused or newly released features, according to your schedules and considering your change management process. We will then operate them as part of the standard operations bundles.

Major Upgrade

If you want to have it first, you may need to do more than 1 major upgrade per year. We've got you covered!

Policy Audit

In case you need more frequent policy audits, we've got you covered!

Detailed and real-time incident response

This is not actually part of the Endpoint security service. Check out our Managed Detection and Response service for more details!
