End device protection (EDR / EPP / NGAV)

Nowadays, endpoint security systems are comprehensive solutions to secure users and devices on the network. In such systems, there is a prevention component, blocking attacks from the outside, and a threat detection and response component, which protects endpoints from what has already entered our network. Modern endpoint protection systems also have device management features, which is extremely useful when an administrator has a large fleet of endpoints.
What is EDR?
An EDR system is a technology that continuously monitors endpoints for threats and performs automated actions to maintain security. Endpoints are the physical devices connected to a network, such as cell phones, computers, laptops, virtual machines and smart network devices.
The EDR system is the backbone of protection for any IT environment, ensuring that end devices are protected from malicious software (malware) that has gotten past the preventive security component (NGAV or antivirus).
What is NGAV? What functions does it have?
An integral part of endpoint protection systems, NGAV (next-generation antivirus) is an extension of the antivirus system we all know. In addition to the standard signature-based malware protection, NGAV uses behavioral analysis and machine learning (ML) algorithms, which lets it detect malware that has never been used before, in addition to known malware variants. This is because NGAV does not rely solely on signatures, as a classic antivirus does by scanning processes and matching them against a database of known malware.
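The difference between the two approaches, as an added example that is not taken from any vendor's product: a signature lookup misses a never-seen sample, while a behavioral score flags it. The rule weights, threshold, event fields and sample events are all constructed assumptions, and the hand-written rules stand in for the behavioral/ML component.

```python
import hashlib

# Constructed sample data: no hash or event here comes from a real product or incident.
KNOWN_BAD_SHA256 = {hashlib.sha256(b"constructed-known-sample").hexdigest()}
OFFICE_PARENTS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "mshta.exe"}

def signature_verdict(event):
    """Classic antivirus: flag only when the hash is already in the signature base."""
    return event["sha256"] in KNOWN_BAD_SHA256

def behavior_score(event):
    """Hypothetical behavioral rules: score what the process does, not what it is."""
    score = 0
    if event["parent"] in OFFICE_PARENTS and event["image"] in SCRIPT_HOSTS:
        score += 50  # document application spawning a script host
    cmd = event["cmdline"].lower()
    if "-enc" in cmd or "-encodedcommand" in cmd:
        score += 30  # encoded command line hides intent
    if event["outbound_connections"] > 0 and event["image"] in SCRIPT_HOSTS:
        score += 20  # script host opening network connections
    return score

def ngav_verdict(event, threshold=70):
    """NGAV-style decision: signature hit OR behavior at or above the threshold."""
    return signature_verdict(event) or behavior_score(event) >= threshold

def make_event(content, image, parent, cmdline, outbound):
    # Build one constructed process-start event; the hash is of placeholder bytes.
    return {"sha256": hashlib.sha256(content).hexdigest(), "image": image,
            "parent": parent, "cmdline": cmdline, "outbound_connections": outbound}

EVENTS = {
    "known": make_event(b"constructed-known-sample", "invoice.exe",
                        "explorer.exe", "invoice.exe", 0),
    "novel": make_event(b"constructed-never-seen", "powershell.exe", "winword.exe",
                        "powershell.exe -enc <constructed-placeholder>", 1),
    "benign": make_event(b"constructed-admin-tool", "powershell.exe",
                         "explorer.exe", "powershell.exe Get-Service", 0),
}

if __name__ == "__main__":
    for name, ev in EVENTS.items():
        print(name, signature_verdict(ev), behavior_score(ev), ngav_verdict(ev))
```

The benign administrator session uses the same script host as the novel sample but scores zero, which is why the rules look at parentage, command line and network activity together rather than at the process name alone.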
How does the EDR solution work?
When threats infiltrate the network, bypassing antivirus or NGAV, EDR comes into play. It collects large amounts of data from all endpoint devices, then analyzes that data for anomalies and potential threats using artificial intelligence (AI) and machine learning (ML) algorithms. The increased visibility into endpoint processes allows for rapid response in the event of an attack and provides many opportunities for security automation.
Potential risks to endpoints
Threats are constantly evolving, with thousands of new versions of malware being created every day - so implementing additional layers of security to protect endpoints is essential. Potential threats to endpoints include zero-day malware, phishing attacks and other types of malware created by artificial intelligence.
What does an endpoint protection system consist of?
We already know what the key components of an endpoint device protection system are. In summary, endpoint security solutions typically consist of the following components:
- Endpoint Detection and Response (EDR)
- Next Generation Antivirus (NGAV)
- Unified end device management (UEM)
- Update management (patch management)
- Integration with infrastructure
Stovaris will help you protect your end devices
We offer a wide range of solutions for protecting your end devices. Combined with our Firewalls and detection and response systems, your network will be enhanced with state-of-the-art security. Contact us to start building a comprehensive network protection system today.
This group of products is based on the company's solutions:
Contact persons:
Piotr Graszka
Sangfor Product Manager
tel. +48 667 115 444
p.graszka@stovaris.pl
Marcin Cichecki
Sales Director
tel. +48 502 278 697
m.cichecki@stovaris.pl