BufferZone

Even the best detection technology cannot return the data, money or reputation that is lost in a breach. While a layered approach that addresses the entire attack cycle is a must, prevention still has the highest return on investment. BUFFERZONE provides a better way to reduce the attack surface and protect the most vulnerable part of the organization – employee endpoints. How it Works? The BUFFERZONE virtual container protects any application that you define as insecure including web browsers, email, Skype, FTP and even removable storage. BUFFERZONE is transparent to both the application and the end-user, yet completely seals off threats from the rest of the computer. Unlike conventional endpoint detection solutions that depend on signatures or behavioral profiles to detect malicious activity, BUFFERZONE simply isolates malware regardless of whether it is known or new, and prevents it from doing any harm. The BUFFERZONE Endpoint Security solution includes:

• Virtual Container: A secure, virtual environment for accessing content from any potentially risky source including internet browsers, removable media and e-mail.
• Secure Bridge: A configurable process for extracting data from the container to enable collaboration between people and systems while ensuring security and compliance.
• Endpoint Intelligence: Detailed reporting and integration with SIEM and Big Data analytics to identify targeted attacks.

Features: Virtual Containment On endpoints running the BUFFERZONE agent, access to external, untrusted sources such as the internet and the effects of such access are completely isolated inside a virtualized container. Potential threats are thus isolated from the endpoint’s native resources from which trusted organizational resources are accessed, making it impossible for threats to in any way harm the endpoint or the rest of the organization. A configurable, centralized policy determines application containment. Network Separation Endpoint-based network segmentation. Define separate firewall-type rules for contained and uncontained applications, preventing uncontained, trusted applications from accessing risky destinations such as the internet and preventing contained, untrusted applications from accessing sensitive, internal organizational network destinations. Email Attachment Containment Contains attachments from external, untrusted sources, protecting the endpoint and trusted organizational resources from the attachments. Emails arriving from outside the organization are saved normally (uncontained) on endpoints but are subsequently opened on any protected endpoint in a BUFFERZONE container. DLP Features Several BUFFERZONE features can contribute to an organizational data-loss prevention (DLP) strategy by blocking information from exiting the organization by various paths:

• Containment Features. Prevent uncontained applications, which can access organizational resources, from accessing the internet; and prevent contained applications, which can access the internet, from accessing organizational resources.
• Hidden Files. Set file locations, that may contain sensitive data, to be hidden from contained applications.
• Upload Blocker. When Upload Blocker is enabled, contained browsers can download to and upload from only a designated folder (by default: Downloads), which is isolated from uncontained programs. This prevents browsers from uploading any files to the internet other than contained files that were previously downloaded from the internet.

BUFFERZONE Management Server (BZMS) For centralized management, you can integrate BUFFERZONE with your existing endpoint management system; or, for fuller management capabilities, use the BUFFERZONE Management Server (BZMS) to manage organizational BUFFERZONE agents, gain visibility to relevant organizational endpoints, and serve and assign organizational policy by endpoint and/or user.