{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"products":{"reference-bonus":{"ru":"Предложить бонус за референс","_type":"localeString","en":"Offer a reference bonus"},"configurator":{"en":"Configurator","ru":"Конфигуратор","_type":"localeString"},"i-sell-it":{"ru":"I sell it","_type":"localeString","en":"I sell it"},"i-use-it":{"ru":"I use it","_type":"localeString","en":"I use it"},"roi-calculator":{"_type":"localeString","en":"ROI-calculator","ru":"ROI-калькулятор"},"selling":{"ru":"Продают","_type":"localeString","en":"Selling"},"using":{"ru":"Используют","_type":"localeString","en":"Using"},"sort-title-asc":{"en":"From A to Z","ru":"От А до Я","_type":"localeString"},"supplier-popover":{"en":"supplier","ru":"поставщик","_type":"localeString"},"implementation-popover":{"_type":"localeString","en":"deployment","ru":"внедрение"},"vendor-popover":{"_type":"localeString","en":"vendor","ru":"производитель"},"sort-title-desc":{"en":"From Z to A","ru":"от Я до А","_type":"localeString"},"sort-rating-asc":{"ru":"По возрастанию рейтинга","_type":"localeString","en":"Rating ascending"},"sort-rating-desc":{"_type":"localeString","en":"Rating descending","ru":"По убыванию рейтинга"},"sort-discount-asc":{"ru":"По возрастанию скидки","_type":"localeString","en":"Rebate ascending"},"sort-discount-desc":{"en":"Rebate descending","ru":"По убыванию скидки","_type":"localeString"},"i-use-it-popover":{"ru":"Внесите свое внедрение и получите бонус от ROI4CIO или поставщика.","_type":"localeString","en":"Make your introduction and get a bonus from ROI4CIO or the supplier."},"details":{"ru":"Детальнее","_type":"localeString","en":"Details"},"rebate-for-poc":{"ru":"Бонус 4 POC","_type":"localeString","en":"Bonus 4 POC"},"rebate":{"ru":"Бонус","_type":"localeString","en":"Bonus"},"vendor-verified":{"en":"Vendor verified","ru":"Поставщик потверждён","_type":"localeString"},"program-sends-data":{"_type":"localeString","en":"Program sends data"},"learn-more-btn":{"en":"Learn more","ru":"Узнать больше","_type":"localeString"},"categories-popover":{"en":"categories","ru":"категории","_type":"localeString"},"sort-popular-asc":{"en":"Popular ascending","ru":"По возростанию популярности","_type":"localeString"},"sort-popular-desc":{"ru":"По убыванию популярности","_type":"localeString","en":"Popular descending"},"no-results":{"_type":"localeString","en":"No results found. We didn't find any results with the filter you selected.","ru":"По вашему запросу ничего не найдено, попробуйте изменить запрос."},"login":{"_type":"localeString","en":"Login","de":"Einloggen","ru":"Войти"},"register":{"de":"Registrieren","ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"auth-message":{"de":"Sie müssen sich registrieren oder anmelden","ru":"Вам нужно зарегистрироваться или войти.","_type":"localeString","en":"You need to register or login."},"add-to-comparison":{"ru":"Добавить в сравнение","_type":"localeString","en":"Add to comparison"},"added-to-comparison":{"ru":"Добавлено в сравнения","_type":"localeString","en":"Added to comparison"},"items-found":{"ru":"Продуктов найдено","_type":"localeString","en":"Products found"},"sort-sales-desc":{"en":"By sale","ru":"По продаже","_type":"localeString"},"sort-purchases-desc":{"ru":"По покупке","_type":"localeString","en":"By purchase"},"product-supplier":{"_type":"localeString","en":"Product supplier","ru":"Поставщик продукта"},"product-vendor":{"ru":"Производитель продукта","_type":"localeString","en":"Product producer"},"products-fetching-error":{"_type":"localeString","en":"An error has occurred. Please reload the page.","ru":"Произошла ошибка. Перезагрузите пожалуйста страницу."}},"header":{"help":{"_type":"localeString","en":"Help","de":"Hilfe","ru":"Помощь"},"how":{"_type":"localeString","en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает"},"login":{"_type":"localeString","en":"Log in","de":"Einloggen","ru":"Вход"},"logout":{"en":"Sign out","ru":"Выйти","_type":"localeString"},"faq":{"en":"FAQ","de":"FAQ","ru":"FAQ","_type":"localeString"},"references":{"en":"Requests","de":"References","ru":"Мои запросы","_type":"localeString"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"en":"Comparison Matrix","ru":"Матрица сравнения","_type":"localeString"},"roi-calculators":{"en":"ROI calculators","ru":"ROI калькуляторы","_type":"localeString"},"b4r":{"en":"Bonus for reference","ru":"Бонус за референс","_type":"localeString"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"catalogs":{"ru":"Каталоги","_type":"localeString","en":"Catalogs"},"products":{"_type":"localeString","en":"Products","ru":"Продукты"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"ru":"Категории","_type":"localeString","en":"Categories"},"for-suppliers":{"ru":"Поставщикам","_type":"localeString","en":"For suppliers"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"en":"Deals","ru":"Сделки","_type":"localeString"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"en":"Deletion","ru":"Удаление","_type":"localeString"},"comparison-confirm":{"_type":"localeString","en":"Are you sure you want to delete","ru":"Подтвердите удаление"},"search-placeholder":{"_type":"localeString","en":"Enter your search term","ru":"Введите поисковый запрос"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4presenter":{"en":"Roi4Presenter","_type":"localeString"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"en":"Make online presentations","_type":"localeString"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"en":"Products","_type":"localeString"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"en":"Our IT Catalogs","_type":"localeString"},"it_products":{"en":"Find and compare IT products","_type":"localeString"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"en":"Explore IT products by category","_type":"localeString"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"en":"IT catalogs","_type":"localeString"}},"footer":{"copyright":{"en":"All rights reserved","de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString"},"company":{"de":"Über die Firma","ru":"О компании","_type":"localeString","en":"My Company"},"about":{"de":"Über uns","ru":"О нас","_type":"localeString","en":"About us"},"infocenter":{"de":"Infocenter","ru":"Инфоцентр","_type":"localeString","en":"Infocenter"},"tariffs":{"de":"Tarife","ru":"Тарифы","_type":"localeString","en":"Subscriptions"},"contact":{"de":"Kontaktiere uns","ru":"Связаться с нами","_type":"localeString","en":"Contact us"},"marketplace":{"en":"Marketplace","de":"Marketplace","ru":"Marketplace","_type":"localeString"},"products":{"ru":"Продукты","_type":"localeString","en":"Products","de":"Produkte"},"compare":{"ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche"},"calculate":{"de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost"},"get_bonus":{"de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"salestools":{"_type":"localeString","en":"Salestools","de":"Salestools","ru":"Salestools"},"automatization":{"ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung"},"roi_calcs":{"en":"ROI calculators","de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString"},"matrix":{"en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString"},"b4r":{"en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"_type":"localeString","en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"en":"Privacy Policy","ru":"Политика конфиденциальности","_type":"localeString"},"user_agreement":{"_type":"localeString","en":"Agreement","ru":"Пользовательское соглашение "},"solutions":{"en":"Solutions","ru":"Возможности","_type":"localeString"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"ru":"блог","_type":"localeString","en":"blog"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"ru":"категории","_type":"localeString","en":"categories"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"_type":"localeString","en":"Yes, please, notify me about news, events and propositions","ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"en":"Subscribe","ru":"Подписаться","_type":"localeString"},"subscribe__email-message":{"en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString"},"subscribe__email-placeholder":{"en":"username@gmail.com","ru":"username@gmail.com","_type":"localeString"},"subscribe__name-placeholder":{"_type":"localeString","en":"Last, first name","ru":"Имя Фамилия"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"en":"Home","ru":"Главная","_type":"localeString"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"registration":{"_type":"localeString","en":"Registration","ru":"Регистрация"},"b2b-platform":{"en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"ru":"Имя","_type":"localeString","en":"First name"},"lastname":{"_type":"localeString","en":"Last name","ru":"Фамилия"},"company":{"en":"Company name","ru":"Компания","_type":"localeString"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"ru":"Фактическая стоимость","_type":"localeString","en":"Actual cost"},"received-roi":{"_type":"localeString","en":"Received ROI","ru":"Полученный ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"ru":"Комментарий","_type":"localeString","en":"Comment"},"your-rate":{"en":"Your rate","ru":"Ваша оценка","_type":"localeString"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString","en":"With user agreement and privacy policy"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"en":"Site under maintenance","ru":"На сайте проводятся технические работы","_type":"localeString"},"message":{"_type":"localeString","en":"Thank you for your understanding","ru":"Спасибо за ваше понимание"}},"filters":{"from":{"en":"from","ru":"от","_type":"localeString"},"to":{"en":"to","ru":"до","_type":"localeString"},"filter-price-title":{"_type":"localeString","en":"Filter by price","ru":"Фильтр по цене"},"view-type-label":{"_type":"localeString","en":"View","ru":"Вид"},"sort-type-label":{"en":"Sorting","ru":"Сортировка","_type":"localeString"},"category":{"ru":"Категория","_type":"localeString","en":"Category"},"follow":{"ru":"Следить","_type":"localeString","en":"Follow"},"add-product":{"_type":"localeString","en":"Add Product","ru":"Добавить продукт"},"show-all":{"_type":"localeString","en":"Show all","ru":"Показать все"},"filter-toggle":{"en":"Filter","ru":"Фильтр","_type":"localeString"},"clear-button":{"en":"Сlear","ru":"Очистить","_type":"localeString"},"delivery-type-field":{"ru":"Тип поставки","_type":"localeString","en":"Delivery type"},"product-categories-field":{"en":"product categories","ru":"категориz продуктаhjle","_type":"localeString"},"providers-field":{"ru":"Поставщик, производитель","_type":"localeString","en":"Providers"},"business-tasks-field":{"en":"Business tasks","ru":"Бизнес задачи","_type":"localeString"},"problems-field":{"en":"Problems","ru":"Проблемы","_type":"localeString"},"with-discounts-checkbox":{"ru":"Со скидками","_type":"localeString","en":"With discounts"},"expert-price-checkbox":{"ru":"Конфигуратор","_type":"localeString","en":"Configurator"},"roi-calculator-checkbox":{"_type":"localeString","en":"ROI-calculator","ru":"ROI-калькулятор"},"apply-filter-button":{"en":"Apply filter","ru":"Применить фильтр","_type":"localeString"},"sorting-toggle":{"ru":"Сортировка","_type":"localeString","en":"Sorting"},"show-all-button":{"en":"Show all","ru":"Показать все","_type":"localeString"},"suggest-product-button":{"en":"Suggest product","ru":"Предложить продукт","_type":"localeString"},"with-projects-label":{"ru":"С внедрениями","_type":"localeString","en":"With deployments"},"bonus-4-reference":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus 4 Reference"},"product-categories":{"_type":"localeString","en":"Product Categories","ru":"Категории продуктов"},"countries":{"ru":"Страны","_type":"localeString","en":"Countries"},"seller":{"_type":"localeString","en":"Seller","ru":"Продавец"},"vendors":{"ru":"Производители продуктов пользователя","_type":"localeString","en":"User products vendors"},"suppliers":{"ru":"Поставщики пользователя","_type":"localeString","en":"User suppliers"},"business-process":{"ru":"Проблемы","_type":"localeString","en":"Problems"},"business-objectives":{"ru":"Бизнес задачи","_type":"localeString","en":"Business tasks"},"branch":{"_type":"localeString","en":" Branch","ru":"Отрасль"},"users":{"ru":"Пользователи","_type":"localeString","en":"Users"},"status":{"ru":"Статус","_type":"localeString","en":"Status"},"info-source":{"ru":"Информационный ресурс","_type":"localeString","en":"Info source"},"with-reference-checkbox":{"ru":"С референсами","_type":"localeString","en":"With reference"},"show-deal-checkbox":{"en":"Show deal with noname","ru":"Показывать сделки с noname","_type":"localeString"},"roi-checkbox":{"_type":"localeString","en":"ROI","ru":"ROI"},"problems":{"_type":"localeString","en":"Problems","ru":"Проблемы"},"find":{"ru":"Выполнить поиск","_type":"localeString","en":"Find"},"deal-date":{"_type":"localeString","en":"Date","ru":"Дата"},"try-button":{"ru":"Попробовать AI (Beta)","_type":"localeString","en":"Try AI (Beta)"},"hide":{"_type":"localeString","en":"Hide","ru":"Скрыть"},"company-size":{"ru":"Размер компании","_type":"localeString","en":"Company size"},"add-company":{"ru":"Добавить компанию","_type":"localeString","en":"Add company"},"add-implementation":{"_type":"localeString","en":"Add deployment","ru":"Добавить внедрение"},"sort-title-asc":{"ru":"От А до Я","_type":"localeString","en":"From A to Z"},"sort-title-desc":{"ru":"От Я до А","_type":"localeString","en":"From Z to A"},"sellers-field":{"ru":"Поставщики, Производители","_type":"localeString","en":"Sellers"},"supply-types":{"ru":"Тип поставки","_type":"localeString","en":"Supply type"},"with-comments-checkbox":{"ru":"С комментариями","_type":"localeString","en":"With comments"},"supplier":{"en":"Supplier","ru":"Поставщик","_type":"localeString"},"vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"user":{"ru":"Пользователь","_type":"localeString","en":"User"},"company-type":{"ru":"Тип компании","_type":"localeString","en":"Company type"},"partners-field":{"ru":" Партнеры","_type":"localeString","en":"Partners"},"customers":{"ru":"Покупатели","_type":"localeString","en":"Customers"},"product-supplier":{"_type":"localeString","en":"Product supplier","ru":"Поставщик продукта"},"product-vendor":{"ru":"Производитель продукта","_type":"localeString","en":"Product vendor"},"implementation-date":{"en":"Deployment date","ru":"Дата внедрения","_type":"localeString"},"canceled":{"ru":"Отменено","_type":"localeString","en":"Canceled"},"deal-canceled":{"ru":"Сделка отменена","_type":"localeString","en":"Deal canceled"},"deal-closed":{"ru":"Сделка закрыта","_type":"localeString","en":"Deal closed"},"deal-in-progress":{"ru":"Сделка в процессе","_type":"localeString","en":"Deal in progress"},"deal-is-planned":{"ru":"Сделка планируется","_type":"localeString","en":"Deal is planned"},"finished":{"ru":"Завершено","_type":"localeString","en":"Finished"},"in-process":{"_type":"localeString","en":"In Process","ru":"Ведется"},"planned":{"ru":"Планируется","_type":"localeString","en":"Planned"},"proof-of-concept":{"ru":"Пилотный проект","_type":"localeString","en":"Proof of concept"},"stopped":{"_type":"localeString","en":"Stopped","ru":"Остановлено"},"competencies":{"_type":"localeString","en":"Competencies","ru":"Компетенции"}}},"translationsStatus":{"products":"success","filters":"success"},"sections":{"products-text-block":{"label":"catalog-products-text-block","body":{"ru":[{"children":[{"_key":"28241882db7a0","_type":"span","marks":[],"text":"Каталог продуктов ROI4CIO - это база данных программного обеспечения, оборудования и ИТ-услуг для бизнеса. С помощью фильтров, подбирайте ИТ-продукты по категории, поставщику или производителю, бизнес-задачам, проблемам, наличию ROI калькулятора или калькулятора цены. Находите подходящие решения для бизнеса, воспользовавшись нейросетевым поиском, основанным на результатах внедрения софта в других компаниях."}],"_type":"block","style":"normal","_key":"28241882db7a","markDefs":[]}],"_type":"localeBlock","en":[{"children":[{"_type":"span","marks":[],"text":"The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks and problems. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.","_key":"8bebcfb349550"}],"_type":"block","style":"normal","_key":"8bebcfb34955","markDefs":[]}]}}},"sectionsStatus":{"products-text-block":"success"},"pageMetaData":{"products":{"title":{"ru":"ROI4CIO: Продукты","_type":"localeString","en":"ROI4CIO: Products"},"meta":[{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"},{"name":"og:type","content":"website"}],"translatable_meta":[{"translations":{"_type":"localeString","en":"Products","ru":"Продукты"},"name":"og:title"},{"name":"description","translations":{"ru":"Лучшие приложения и it услуги для бизнеса. Выбор по видам программного обеспечения, бизнес-задачам и проблемам. Расчет стоимости лицензионного ПО, ROI","_type":"localeString","en":"Description"}},{"name":"og:description","translations":{"en":"The best applications and it services for business. Choice by type of software, business tasks and problems. Calculation of the cost of licensed software, ROI","ru":"Лучшие приложения и it услуги для бизнеса. Выбор по видам программного обеспечения, бизнес-задачам и проблемам. Расчет стоимости лицензионного ПО, ROI","_type":"localeString"}},{"name":"keywords","translations":{"_type":"localeString","en":"keyword","ru":"каталог, программное обеспечение, софт, ит услуги"}},{"translations":{"en":"Products","ru":"Продукты","_type":"localeString"},"name":"title"}]}},"pageMetaDataStatus":{"products":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{"forcepoint-advanced-malware-detection":{"id":954,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Advanced Malware Detection","vendorVerified":0,"rating":"2.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-advanced-malware-detection","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"<strong>DETECT EVASIVE MALWARE OTHERS CANNOT SEE</strong>\r\nIt’s become increasingly difficult to identify the malware components of advanced threats, mostly due to the evolution of evasion tactics and technology by criminal and nation-state threat actors.\r\n<strong>Unmatched Accuracy</strong>\r\nForcepoint Advanced Malware Detection technology is unmatched in security efficacy. Even highly evasive threats are revealed through Deep Content Inspection of activity at multiple levels, dormant code, and other indicators often overlooked by traditional sandbox technologies.\r\n<strong>Zero-False Positives</strong>\r\nEliminate the distraction of False Positive results with AMD. This means your incident response team can spend its limited time responding to actual threats, not chasing down false positives and searching for indicators of compromise (IOCs).\r\n<strong>Global Threat Intelligence</strong>\r\nForcepoint sends threat intelligence updates containing the characteristics, behaviors and associated IOCs of every malicious object curated and analyzed within the global service. This allows for faster identification of previously-seen threats, new threats that reuse objects, and streamlines the analysis, detection and response to previously unseen threats.\r\n<strong>DEEP CONTENT INSPECTION – A STEP BEYOND SANDBOXING</strong>\r\nAs with sandboxing, Forcepoint Advanced Malware Detection provides a simulated environment for malware execution; that is where any similarity ends.\r\n<strong>A Complete Environment</strong>\r\nTraditional sandboxes have visibility down to the operating system level only. Forcepoint offers a unique isolation and inspection environment that simulates an entire host including the CPU, system memory and all devices. Deep Content Inspection interacts with malware to observe all the actions it might take within this complete environment, and even identifies ‘dormant code’ for special analysis.\r\n<strong>Malware Interaction</strong>\r\nSandbox-only solutions provide a relatively static environment, limiting the malicious ‘behavior’ they may uncover. Because Forcepoint Advanced Malware Detection interacts with malware, it observes every action that it might take, even when those actions are delegated to the operating system or other programs. In addition, this tool identifies potentially malicious ‘dormant code’ that the malware does not execute.\r\n<strong>Extensive Malware Detail Exposure</strong>\r\nA comprehensive solution must do more than just stop advanced malware. Correlated incident information prioritizes the most significant threats in your network without combing through massive log files. Full attack chain visibility enables your incident response team to quickly understand the nature of the attack, making your scarce security resources more efficient.\r\n<strong>MALWARE DETECTION ACROSS CHANNELS</strong>\r\nThreat actors will find and exploit any available point of entry. Forcepoint Advanced Malware Detection integrates with other defenses, complimenting their own security capabilities to frustrate attacker efforts across multiple channels. The resulting shared intelligence improves overall visibility and strengthens each point of defense.\r\nForcepoint Web Security is a (cloud or hybrid deployed) Secure Web Gateway that stops advanced threats from getting in and sensitive data from getting out – whether an organization’s users are in the office, working from home or on the road. Forcepoint Advanced Malware Detection integrates with Web Security as an additional defense against zero-day and other advanced, evasive malware.\r\nIts cutting-edge classification engine, global threat intelligence, advanced malware detection and enterprise-class DLP work together to make strong security easy to deploy. It delivers real-time web protection for increasingly mobile workforces and can share policies and context with Email Security to thwart advanced, coordinated web and email attacks with complete inbound and outbound defenses.\r\nForcepoint Email Security stops spam and phishing emails that introduce ransomware and other advanced threats before they can infect systems with malware. Forcepoint Advanced Malware Detection integrates with Email Security as an additional defense against zero-day and other advanced, evasive malware.\r\nThe comprehensive defenses of Forcepoint Email Security integrate: highly effective analytics, URL Wrapping, Phishing education, and advanced malware detection for inbound protection—as well as integrated DLP as an outbound control and email encryption for secure communications.\r\nOperating on the security industry’s most secure cloud infrastructure, Forcepoint Email Security delivers unparalleled phishing, malware and DLP protection for Microsoft Office 365 and other popular email systems.\r\nForcepoint Next Generation Firewall (NGFW) connects and protects people and their data throughout offices, branches, and the cloud – all with the greatest efficiency, availability and security. It applies multiple scanning techniques to files found in network traffic, allowing administrators to tailor granular levels of security to the specific needs of each connection. Forcepoint Advanced Malware Detection integrates with Forcepoint NGFW as an additional defense against zero-day and other advanced, evasive malware.\r\nForcepoint NGFW can deploy, monitor, and update thousands of firewalls, VPNs and IPSs from a single console – cutting network operating expenses up to 50%. It eliminates downtime with high-availability clustering and Multi-Link networking, block attacks, and manages encrypted traffic without hurting performance. As the pioneer in Advanced Evasion Technique (AET) defenses and proxy technologies for mission-critical applications, Forcepoint NGFW gives you security without compromise.\r\nForcepoint CASB delivers visibility and control over cloud applications and helps eliminate the security and compliance blind spots created in a cloud-first world. It quickly discovers unsanctioned cloud applications and assesses their associated risks, as well as the ability to control how sanctioned cloud applications such as Office 365, Google Suite, Salesforce, Box, Dropbox and others are used in order to prevent the loss of critical intellectual property.\r\nWith Forcepoint CASB, organizations can truly embrace the Cloud by ensuring that their users are not engaging in risky behaviors - without slowing them down.\r\n ","shortDescription":"Forcepoint Advanced Malware Detection - detecting and stoping the most evasive, Advanced Malware Threats","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Advanced Malware Detection","keywords":"Forcepoint, malware, with, Malware, advanced, security, threats, Advanced","description":"<strong>DETECT EVASIVE MALWARE OTHERS CANNOT SEE</strong>\r\nIt’s become increasingly difficult to identify the malware components of advanced threats, mostly due to the evolution of evasion tactics and technology by criminal and nation-state threat actors","og:title":"Forcepoint Advanced Malware Detection","og:description":"<strong>DETECT EVASIVE MALWARE OTHERS CANNOT SEE</strong>\r\nIt’s become increasingly difficult to identify the malware components of advanced threats, mostly due to the evolution of evasion tactics and technology by criminal and nation-state threat actors","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":955,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":73,"title":"Network Sandboxing"}],"testingArea":"","categories":[{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-casb-cloud-access-security-broker":{"id":942,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint CASB (Cloud Access Security Broker)","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-casb-cloud-access-security-broker","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"Discover Shadow IT & Risk \r\nUnsanctioned adoption of cloud apps is a top cloud security concern for enterprises. Forcepoint CASB’s secure and non-intrusive approach to cloud app discovery and risk scoring ensures that IT can eliminate blind spots by uncovering what cloud apps are used by employees and their risk profiles.\r\nPrevent Leaks of Sensitive Data\r\nInspect files and cloud content in real-time to prevent the malicious or unintentional leakage of confidential information. Identify and analyze sensitive or regulated data stored in cloud file-sync services to understand sharing permissions exposure and ensure compliance with regulations such as PCI, SOX, and HIPAA.\r\nControl BYOD Access\r\nMinimize the risk of data proliferation to unmanaged or untrusted devices by enforcing device-based access rules. Prevent the downloading or syncing of data to unmanaged devices while allowing online access only to cloud data.\r\nDetect & Block Cyber Attacks\r\nForcepoint CASB monitors all user activity and analyzes usage patterns to rapidly detect anomalies that can indicate an account takeover. The dashboard provides a wealth of cloud analytics, highlighting suspicious activities and attempts to compromise accounts.\r\nForcepoint CASB provides visibility and control over sanctioned and unsanctioned cloud apps to enable their safe and productive use.\r\nDiscover Shadow IT & Risk\r\nUnsanctioned adoption of cloud apps is a top cloud security concern for enterprises. Forcepoint CASB’s secure and non-intrusive approach to cloud app discovery and risk scoring ensures that IT can eliminate blind spots by uncovering what cloud apps are used by employees and their risk profiles.\r\nPrevent Leaks of Sensitive Data\r\nInspect files and cloud content in real-time to prevent the malicious or unintentional leakage of confidential information. Identify and analyze sensitive or regulated data stored in cloud file-sync services to understand sharing permissions exposure and ensure compliance with regulations such as PCI, SOX, and HIPAA.\r\nControl BYOD Access\r\nMinimize the risk of data proliferation to unmanaged or untrusted devices by enforcing device-based access rules. Prevent the downloading or syncing of data to unmanaged devices while allowing online access only to cloud data.\r\nDetect & Block Cyber Attacks\r\nForcepoint CASB monitors all user activity and analyzes usage patterns to rapidly detect anomalies that can indicate an account takeover. The dashboard provides a wealth of cloud analytics, highlighting suspicious activities and attempts to compromise accounts.\r\nIdentify Security Gaps\r\nForcepoint CASB uses cloud APIs to analyze your cloud tenants, helping IT review users and admins to detect dormant accounts, external users, and ex-employees that might still have access to your cloud apps. In addition, Forcepoint CASB inspects your tenant security configurations to detect deficiencies and to recommend best-practice settings for effective cloud governance.\r\nOptimize Detection of Anomalies and Threats\r\nForcepoint CASB is the only cloud access security broker out there that protects enterprise data from theft and loss due to compromised, malicious, and careless users and that correlates activity anomalies with risky IP addresses.\r\n\r\nCLOUD GOVERNANCE\r\nCloud App Discovery\r\nUncovers cloud apps – sanctioned and unsanctioned – by inspecting data in user access logs across the enterprise. Also, Forcepoint CASB provides a searchable Cloud App Directory where customers can view details, including customized risk factors, for each cloud app discovered.\r\nCloud App Risk Scoring\r\nHarness the ability to categorize and prioritize each cloud app as high, medium, or low risk. Application risk scoring and weighting are based on several categories (Compliance, Security Settings, General Info, Data Leakage, Data Ownership, Account Termination Policy and Auditing), the consolidated results of which can help you prioritize your risk mitigation “to do” list.\r\nDetection of Compliance Gaps\r\nGain visibility into cloud app security settings and get notified when SaaS admins make critical configuration changes. Forcepoint CASB compares these settings against a set of industry best practices or compliance standards (e.g., HIPAA, PCI DSS, ISO, CSA) and highlights deficiencies that require immediate attention.\r\nData Governance\r\nScan corporate files and data stored in file-sharing services such as OneDrive, Box, Dropbox and Google Drive. See which ones are sensitive or contain regulated data so that you can initiate a remediation workflow, if necessary (e.g., alert) to meet your compliance requirements.\r\nCloud App Metrics\r\nAutomate the process of determining what cloud apps users are accessing and details the number of users, activity level, traffic volume and usage hours for each app.\r\nIdentification of Overspend\r\nReview the entitlements of your users. You could be overlooking potential areas of risk or possibly some cost savings opportunities.\r\nAUDIT & PROTECTION\r\nEnforce BYOD Access Rules to Prevent Data Proliferation\r\nPrevent data proliferation to unmanaged devices through auto-sync clients such as Outlook, OneDrive for Business and Box Sync. Forcepoint CASB distinguishes between managed and unmanaged devices so you can create granular device-based access rules to stop data proliferation.\r\nPrevent Data Leakage\r\nForcepoint CASB inspects content in real-time, scanning for keywords, phrases, regular expressions, and several other parameters, to ensure compliance with regulations such as PCI DSS, HIPAA, HITECH, GLBA and SOX by applying comprehensive data leak prevention (DLP) capabilities. Forcepoint CASB also includes an ICAP interface to integrate with 3rd-party DLP solutions.\r\nIdentify Access Anomalies and Threats\r\nForcepoint CASB strengthens cloud security by detecting access anomalies and issues that may indicate an external or insider threat targeting your data.\r\nMonitor User & Admin Activity\r\nCreate a clear and accurate picture of user activity attributes, including user ID, department, location, time, device, application actions and data objects accessed. Track, monitor, and report all administrative and privileged user activity, including data accesses, configuration changes and user permission modifications.","shortDescription":"Forcepoint CASB provides visibility and control over sanctioned and unsanctioned cloud apps to enable their safe and productive use.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":14,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint CASB (Cloud Access Security Broker)","keywords":"cloud, data, Forcepoint, CASB, risk, that, access, apps","description":"Discover Shadow IT & Risk \r\nUnsanctioned adoption of cloud apps is a top cloud security concern for enterprises. Forcepoint CASB’s secure and non-intrusive approach to cloud app discovery and risk scoring ensures that IT can eliminate blind spots by uncove","og:title":"Forcepoint CASB (Cloud Access Security Broker)","og:description":"Discover Shadow IT & Risk \r\nUnsanctioned adoption of cloud apps is a top cloud security concern for enterprises. Forcepoint CASB’s secure and non-intrusive approach to cloud app discovery and risk scoring ensures that IT can eliminate blind spots by uncove","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":943,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":95,"title":"Cloud Access Security Broker (CASB)"}],"testingArea":"","categories":[{"id":832,"title":"CASB - Cloud Access Security Broker","alias":"casb-cloud-access-security-broker","description":"A cloud access security broker (CASB) (sometimes pronounced cas-bee) is on-premises or cloud-based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies. A CASB can offer a variety of services, including but not limited to monitoring user activity, warning administrators about potentially hazardous actions, enforcing security policy compliance, and automatically preventing malware.\r\nA CASB may deliver security, the management or both. Broadly speaking, "security" is the prevention of high-risk events, whilst "management" is the monitoring and mitigation of high-risk events.\r\nCASBs that deliver security must be in the path of data access, between the user and the cloud. Architecturally, this might be achieved with proxy agents on each end-point device, or in agentless fashion without requiring any configuration on each device. Agentless CASB allows for rapid deployment and delivers security on all devices, company-managed or unmanaged BYOD. Agentless CASB also respects user privacy, inspecting only corporate data. Agent-based CASB is difficult to deploy and effective only on devices that are managed by the corporation. Agent-based CASB typically inspects both corporate and personal data.\r\nCASBs that deliver management may use APIs to inspect data and activity in the cloud to alert of risky events after the fact. Another management capability of a CASB is to inspect firewall or proxy logs for the usage of cloud applications.","materialsDescription":"<span style=\"font-weight: bold;\">What is CASB?</span> A Cloud Access Security Broker (CASB) is a policy enforcement point that secures data & apps in the cloud and on any device, anywhere.\r\n<span style=\"font-weight: bold;\">What is the difference between security and management?</span> Security is preventing risky events from happening, management is cleaning up after high-risk events.\r\n<span style=\"font-weight: bold;\">What is Shadow IT?</span> Cloud applications used by business users without IT oversight, also known as unmanaged apps.\r\n<span style=\"font-weight: bold;\">What are managed apps?</span> Cloud Applications that are managed by IT, e.g.Office 365.\r\n<span style=\"font-weight: bold;\">What are the types of CASB?</span> Three types of Cloud Access Security Broker\r\n<ul><li>a) API-only CASB offer basic management</li><li>b) multi-mode first-gen CASB offer management & security</li><li>c) Next-Gen CASB deliver management, security & Zero-Day protection.</li></ul>\r\n<span style=\"font-weight: bold;\">What is a forward proxy?</span> A proxy where traffic must be forwarded by the end-point Such proxies requires agents and configuration on client devices.\r\n<span style=\"font-weight: bold;\">What is a reverse proxy?</span> A proxy where traffic is automatically routed, requiring no agent or configuration on the end-point.\r\n<span style=\"font-weight: bold;\">What is AJAX-VM?</span> Acronym for "Adaptive Javascript and XML- Virtual Machine." AJAX-VM virtualizes cloud apps on the fly so they can be proxied without agents. Reverse-proxy CASB are brittle without AJAX-VM and break frequently with app changes.\r\n<span style=\"font-weight: bold;\">What are the types of CASB architecture?</span> There are three types of CASB architecture: API-only, forward proxy, and reverse proxy. Some CASB are API-only, others API and forward proxy. Next-Gen CASBs offer all three with AJAX-VM.\r\n<span style=\"font-weight: bold;\">What is CASB encryption?</span> Encryption/decryption of data prior to upload/download to a cloud application.\r\n <span style=\"font-weight: bold;\">What is searchable encryption?</span> An encryption system that combines full encryption with a clear-text index to enable search and sort without compromising encryption strength.\r\n<span style=\"font-weight: bold;\">What is tokenization?</span> Obfuscation by encoding each input string as a unique output string.\r\n<span style=\"font-weight: bold;\">What is agentless MDM?</span> Mobile security for BYOD that does not require agents. Easy to deploy and has no access to personal data or apps, thereby preserving user privacy.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_CASB.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-data-guard":{"id":3629,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Data Guard","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-data-guard","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"The need for secure collaboration and information sharing continues to increase between and within government agencies. To protect this sensitive data from the persistent threat of a cyber-attack, penetration and data loss, only the most secure methods should be utilized.\r\nThe sharing and movement of data are essential to the rapid, accurate and precise execution of our customers’ missions. Forcepoint Data Guard enables the bi-directional, automated transfer of highly complex data — including real-time streaming video — between multiple domains, and targets specific high assurance security requirements found in government environments.<br />\r\nForcepoint Data Guard is the ideal choice for customers that require the highest degree of sensitive data protection for national and mission security.<br /><br /><span style=\"font-weight: bold;\">The Forcepoint Advantage</span>\r\n<ul><li>Eliminates costly and time-consuming manual data transfers</li></ul>\r\n<ul><li>Delivers byte-level deep content inspection, data validation and filtering that can be tailored to customer-specific security policies, requirements and risks</li></ul>\r\n<ul><li>Enables real-time video streaming (MPEG2-TS)</li></ul>\r\n<ul><li>Supports TCP and UDP over IP and adaptability for custom interfaces</li></ul>\r\n<ul><li>Provides highly customizable data validation rules for maximum flexibility</li></ul>\r\n<ul><li>Streamlines the SIEM alert and monitoring process with rapid data transfer from lower-level networks to a single higher-level network</li></ul>\r\n<ul><li>Derived from the Common Criteria-evaluated, Red Hat Enterprise Linux 7 secure operating system with Security Enhanced Linux (SELinux) modules</li></ul>","shortDescription":"Forcepoint Data Guard - Secure data and file transfer between physically separated networks","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":7,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Data Guard","keywords":"","description":"The need for secure collaboration and information sharing continues to increase between and within government agencies. To protect this sensitive data from the persistent threat of a cyber-attack, penetration and data loss, only the most secure methods should ","og:title":"Forcepoint Data Guard","og:description":"The need for secure collaboration and information sharing continues to increase between and within government agencies. To protect this sensitive data from the persistent threat of a cyber-attack, penetration and data loss, only the most secure methods should ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":3630,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-dlp":{"id":1631,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint DLP","vendorVerified":0,"rating":"2.40","implementationsCount":2,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-dlp","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"Forcepoint DLP accelerates your compliance efforts by combining pre-packaged coverage of global regulations with central control across your IT environment. Forcepoint DLP efficiently secures sensitive customer information and regulated data so you can confidently prove ongoing compliance. Forcepoint DLP provides critical capability addressing compliance with features such as: \r\n<ul> <li>Optical Character Recognition (OCR) identifies data imbedded in images while at rest or in motion (available with Forcepoint DLP – Network).</li> <li>Robust identification for Personally Identifiable Information (PII) offers data validation checks, real name detection, proximity analysis and context identifiers.</li> <li>Custom encryption identification exposes data hidden from discovery and applicable controls.</li> <li>Cumulative analysis for drip DLP detection (i.e., data that leaks out slowly over time).</li> <li>Integration with Microsoft Azure Information Protection analyzes encrypted files and applies appropriate DLP controls to the data.</li> </ul>\r\nForcepoint DLP applies advanced analytics to correlate seemingly unrelated DLP events into prioritized incidents. Incident Risk Ranking (IRR) provided with Forcepoint DLP fuses disparate DLP indicators into a framework of Bayesian belief networks to assess the likelihood of data risk scenarios, such as data theft and broken business processes. Forcepoint DLP includes advanced analytics and regulatory policy templates from a single point of control with every deployment. Enterprises choose the deployment options for their IT environment.","shortDescription":"Forcepoint DLP addresses human-centric risk with visibility and control everywhere your people work and everywhere your data resides.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":true,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint DLP","keywords":"Forcepoint, data, with, compliance, analytics, such, detection, advanced","description":"Forcepoint DLP accelerates your compliance efforts by combining pre-packaged coverage of global regulations with central control across your IT environment. Forcepoint DLP efficiently secures sensitive customer information and regulated data so you can confide","og:title":"Forcepoint DLP","og:description":"Forcepoint DLP accelerates your compliance efforts by combining pre-packaged coverage of global regulations with central control across your IT environment. Forcepoint DLP efficiently secures sensitive customer information and regulated data so you can confide","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":1527,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":83,"title":"Data Loss Prevention"}],"testingArea":"","categories":[{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-email-security":{"id":938,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Email Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-email-security","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Security integrates powerful analytics and advanced malware sandboxing for inbound protection, content filtering for outbound data control and email encryption for secure communications.<br />Forcepoint Email Security Cloud’s proactive URL Wrapping and Phishing Education secure email wherever users need access, even on mobile devices. Our unrivaled cloud infrastructure delivers phishing, malware and DLP protection for Microsoft Office 365™ and other popular email systems.<br /><br /><span style=\"font-weight: bold;\">The Forcepoint Email Security advantage</span><br />\r\n<span style=\"font-style: italic;\">Real-time threat protection</span><br />\r\nReal-time threat protection uses a unique blend of detection technologies, including machine learning, sandboxing, and predictive analytics to effectively stop advanced threats such as ransomware.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Protection against highly evasive zero-day threats</span><br />\r\nGet advanced malware detection (sandboxing) with our full system emulation sandbox. Deep content inspection reveals highly evasive zero-day threat with no false positives.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Powerful encryption for additional protection</span><br />\r\nEncrypt sensitive email conversations and enhance mobile security by controlling sensitive attachments access by device.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Incident risk ranking to find the greatest risks</span><br />\r\nIncidents are correlated across multiple events to identify true cumulative risk trends and activity. A risk score is included to help security teams identify the greatest risks based on real-time activity.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Integrated data loss prevention</span><br />\r\nIntegrated industry-leading data loss prevention stops data infiltration and exfiltration capabilities.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Unique phishing education feature</span><br />\r\nUse Forcepoint Email Security’s unique phishing education features to help users adopt best practices and identify those who need additional training to improve their security awareness.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Complete out-of-the-box solution</span><br />\r\nForcepoint Email Security includes DLP, URL wrapping, and other capabilities that are considered premium "add-ons" or upgrades by many competitors, delivering the most comprehensive inbound and outbound defenses out of the box.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Deployment flexibility</span><br />\r\nHow you deploy our email security solution is up to you. Choose from a range of physical and virtual appliances to leverage existing hardware, cloud deployment, or hybrid environments.","shortDescription":"Forcepoint Email Security identifies targeted attacks, high-risk users and insider threats, while empowering mobile workers and the safe adoption of new technologies like Office 365 and Box Enterprise","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":true,"bonus":100,"usingCount":20,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Email Security","keywords":"Cloud, Forcepoint, Security, email, Email, attacks, threats, advanced","description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se","og:title":"Forcepoint Email Security","og:description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":939,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":38,"title":"Secure E-mail Gateway"}],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-email-security-cloud-forcepoint-web-security-cloud":{"id":1473,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","vendorVerified":0,"rating":"2.40","implementationsCount":2,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-email-security-cloud-forcepoint-web-security-cloud","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives you the security you need by protecting you against multi-stage advanced threats that exploit email to penetrate your IT environment.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Forcepoint Email Security applies real-time behavioral sandboxing, enterprise-grade DLP and other advanced defense technologies to prevent leaks of sensitive information, empowering your workers — in the office or on the road — as you safely adopt technologies like Microsoft Office 365. In addition, detect phishing and secure email wherever users need access, even on mobile devices, through features like Phishing Education and URL Wrapping.</span>\r\nYour business and data are under constant attack. Traditional filtering and antivirus products no longer provide sufficient protection, and many web security solutions can’t address advanced threats as they occur.\r\n\r\nForcepoint Web Security provides advanced, real-time threat defense to stop advanced threats and prevent data loss. It provides robust protection through context- and content-aware defenses, coupled with integrated Cloud Access Security Broker (CASB) functionality, to provide control and visibility for cloud applications on both on-premises and roaming users. The combination of industry-leading web protection, CASB functionality and enterprise DLP delivers protection at a value no other vendor can match.","shortDescription":"Forcepoint Email Security Cloud (formerly TRITON AP-EMAIL Cloud) - Protecting from spam, phishing & ransomware attacks wherever email is accessed","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","keywords":"Security, advanced, Forcepoint, protection, threats, like, Email, Cloud","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives y","og:title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives y","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":1473,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-ngfw":{"id":952,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint NGFW","vendorVerified":1,"rating":"3.70","implementationsCount":3,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-ngfw","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"<span style=\"color: #616161;\">Forcepoint Next Generation Firewall (NGFW) connects and protects people and the data they use throughout the enterprise network – all with the greatest efficiency, availability and security. Trusted by thousands of customers around the world, Forcepoint network security solutions enable businesses, government agencies and other organizations to address critical issues efficiently and economically.<br /></span>\r\n<span style=\"color: #616161;\"><span style=\"font-weight: bold;\">Decrypt traffic while safeguarding privacy</span><br />Inspect attacks and stolen data hidden inside encrypted SSL/TLS traffic while still protecting users' privacy.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-weight: bold;\">Extend your network into the cloud</span><br />Deploy applications safely in Amazon Web Services, Azure, and VMware. Segment different service layers and manage virtual NGFWs and IPSs the same way as physical appliances.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-weight: bold;\">Control access to web content</span><br />Limit users' access to entire categories of websites containing inappropriate or unsafe content with URL intelligence that’s depended upon around the globe.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-weight: bold;\">Protect high-assurance systems</span><br />Safeguard your most sensitive, mission-critical networks and applications with Forcepoint’s renowned Sidewinder proxy technology.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-weight: bold;\">Regain control of shadow IT</span><br />Understand the risk associated with unsanctioned cloud apps so you can redirect users to more appropriate apps or block them altogether.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-weight: bold;\">Offer SD-WAN and NGFW security as an MSSP</span><br />Manage enterprise-grade connectivity and protection from your own multi-tenant systems, with a business model tailored to the needs of MSSPs.<br /></span>\r\n\r\n<span style=\"text-decoration: underline;\"><span style=\"font-weight: bold;\"><span style=\"color: #616161;\">Key features:</span></span></span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Modular appliances for every environment</span><br />Our broad range of appliances provide the right price-performance and form factor for each location; pluggable interface cards let you change networks with ease.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">High availability, mixed clustering</span><br />Active-active clustering lets you mix up to 16 different models of appliances for unrivaled scalability, longer lifecycles, and seamless updates without dropping packets.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Multi-link connectivity for SD-WAN</span><br />Broadband, wireless, and dedicated lines at each location can be centrally deployed and managed, providing full control over what traffic goes over each link with automated failover.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Automated, zero-downtime updates</span><br />Policy changes and software updates can be deployed to hundreds of firewalls and IPS devices around the world in minutes, not hours, without the need for service windows.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Policy-driven centralized management</span><br />Smart Policies describe your business processes in familiar terms and are automatically implemented throughout the network, managed in-house or via MSSP.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Actionable, interactive 360° visibility</span><br />Graphical dashboards and visualizations of network activity go beyond simple reporting, enabling admins to drill into events and respond to incidents faster.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Built-in NGFW, VPN, proxies, and more</span><br />Unparalleled security comes standard, from top-ranked Next Generation Firewall and IPS to rapid-setup VPNs and granular decryption, as well as our unique Sidewinder proxy technology.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Top-ranked anti-evasion defense</span><br />Multi-layer stream inspection defeats advanced attacks that traditional packet inspection can't detect—see for yourself in our Evader video series.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Human-centric endpoint context</span><br />Access policies can whitelist or blacklist specific endpoint apps, patch levels or AV status. Users' behaviors are consolidated into actionable dashboards.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Unified virtual and physical security</span><br />Native support for AWS, Azure, and VMware has the same capabilities, management, and high performance of our physical appliances.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">CASB and web security</span><br />Our reknowned URL filtering and industry-leading cloud services work together to protect your data and people as they use apps and web content.</span>\r\n<span style=\"color: #616161;\"><span style=\"font-style: italic;\">Anti-malware sandboxing</span><br />Forcepoint Advanced Malware Detection blocks previously undetected ransomware, zero-days, and other attacks before they steal sensitive data or damage your systems.</span>","shortDescription":"With Forcepoint NGFW, you can deploy and manage thousands of firewalls, IPSs, VPNs and SD-WANs – in minutes, all from a single console.","type":null,"isRoiCalculatorAvaliable":true,"isConfiguratorAvaliable":true,"bonus":100,"usingCount":9,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint NGFW","keywords":"Forcepoint, NGFW, your, network, security, that, data, with","description":"<span style=\"color: #616161;\">Forcepoint Next Generation Firewall (NGFW) connects and protects people and the data they use throughout the enterprise network – all with the greatest efficiency, availability and security. Trusted by thousands of customers aroun","og:title":"Forcepoint NGFW","og:description":"<span style=\"color: #616161;\">Forcepoint Next Generation Firewall (NGFW) connects and protects people and the data they use throughout the enterprise network – all with the greatest efficiency, availability and security. Trusted by thousands of customers aroun","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":953,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":13,"title":"NG Firewall"}],"testingArea":"","categories":[{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-secure-enterprise-sd-wan":{"id":3337,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Secure Enterprise SD-WAN","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-secure-enterprise-sd-wan","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"Forcepoint’s network security products combine the latest in software-defined wide area networking (SD-WAN) with the industry’s top-rated next-generation firewall (NGFW) security, all managed at enterprise scale from a single policy-based console. It is used by organizations of all sizes in retail, hospitality, and financial services around the globe.\r\nForcepoint is depended upon by distributed organizations around the world to safely and efficiently connect and protect their remote stores, branches, and office buildings. Our SD-WAN technology enables sites to seamlessly use multiple connections from different ISPs, secure each of those links with the industry’s top-rated security, and manage all of it together from one console.\r\nWhether you’re a global organization that needs unified visibility and control, a growing business aspiring to have many locations, or a smaller organization that administers remote locations from a central office, Forcepoint’s enterprise-grade approach helps untangle unnecessary complexity to achieve new levels of operational efficiency.\r\n<span style=\"font-weight: bold;\">Zero-Touch Deployment</span>\r\nSave time and money by deploying Forcepoint to remote offices and branch locations without an on-site technician. Devices can automatically download their initial configuration from Forcepoint’s Installation Cloud, eliminating the need for manual setup.\r\n<span style=\"font-weight: bold;\">Smarter Policies & Updates</span>\r\nForcepoint’s Smart Policies express your business processes in familiar terms, such as users, applications, locations and more. Easy grouping replaces hardcoded values, enabling policies to be dynamically reused throughout your network. Administrators can quickly update and publish policies to all affected devices, globally with a single click.\r\n<span style=\"font-weight: bold;\">Faster Incident Response</span>\r\nForcepoint SMC makes it easy to visualize and analyze what’s happening throughout your network.Network admins can interactively drill into the corresponding data to rapidly investigate patterns and anomalies and turn insights into immediate actions.","shortDescription":"Forcepoint Secure Enterprise SD-WAN allows you to safely and efficiently extend your network from your data centers and headquarters out to your remote branch offices and into the cloud.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Secure Enterprise SD-WAN","keywords":"","description":"Forcepoint’s network security products combine the latest in software-defined wide area networking (SD-WAN) with the industry’s top-rated next-generation firewall (NGFW) security, all managed at enterprise scale from a single policy-based console. It is used b","og:title":"Forcepoint Secure Enterprise SD-WAN","og:description":"Forcepoint’s network security products combine the latest in software-defined wide area networking (SD-WAN) with the industry’s top-rated next-generation firewall (NGFW) security, all managed at enterprise scale from a single policy-based console. It is used b","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":3338,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":93,"title":"Software-Defined WAN (SD-WAN)"}],"testingArea":"","categories":[{"id":499,"title":"SDN Software-Defined Network","alias":"sdn-software-defined-network","description":" <span style=\"font-weight: bold; \">Software-defined networking (SDN)</span> technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring, making it more like cloud computing than traditional network management.\r\nSDN encompasses several types of technologies, including functional separation, network virtualization and automation through programmability. SDN solution is meant to address the fact that the static architecture of traditional networks is decentralized and complex while current networks require more flexibility and easy troubleshooting. \r\nSDN technology attempts to centralize network intelligence in one network component by disassociating the forwarding process of network packets (<span style=\"font-weight: bold; \">data plane</span>) from the routing process (<span style=\"font-weight: bold; \">control plane</span>). The control plane consists of one or more controllers which are considered as the brain of SDN network where the whole intelligence is incorporated. Originally, software defined technology focused solely on separation of the network control plane from the data plane. While the control plane makes decisions about how packets should flow through the network, the data plane actually moves packets from place to place. \r\nIn a classic SDN scenario, a packet arrives at a network switch, and rules built into the switch's proprietary firmware tell the switch where to forward the packet. These packet-handling rules are sent to the switch from the centralized controller. The switch - also known as a <span style=\"font-weight: bold; \">data plane device</span> - queries the controller for guidance as needed, and it provides the controller with information about traffic it handles. The switch sends every packet going to the same destination along the same path and treats all the packets the exact same way.\r\nSoftware defined networking solutions use an operation mode that is sometimes called adaptive or dynamic, in which a switch issues a route request to a controller for a packet that does not have a specific route. This process is separate from adaptive routing, which issues route requests through routers and algorithms based on the network topology, not through a controller.\r\nThe <span style=\"font-weight: bold;\">virtualization</span> aspect of SDN comes into play through a virtual overlay, which is a logically separate network on top of the physical network. Users can implement end-to-end overlays to abstract the underlying network and segment network traffic. This microsegmentation is especially useful for service providers and operators with multi-tenant cloud environments and cloud services, as they can provision a separate virtual network with specific policies for each tenant.","materialsDescription":"<h1 class=\"align-center\">Benefits of Software Defined Networking</h1>\r\nWith SDN software, an <span style=\"font-weight: bold; \">administrator can change any network switch's rules when necessary</span> - prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security. This is especially helpful in a cloud computing multi-tenant architecture, because it enables the administrator to manage traffic loads in a flexible and more efficient manner. Essentially, this enables the administrator to use less expensive commodity switches and have more control over network traffic flow than ever before.\r\nOther benefits of SDN are <span style=\"font-weight: bold; \">network management</span> and <span style=\"font-weight: bold; \">end-to-end visibility.</span>A network administrator need only deal with one centralized controller to distribute policies to the connected switches, instead of configuring multiple individual devices. This capability is also a security advantage because the controller can monitor traffic and deploy security policies. If the controller deems traffic suspicious, for example, it can reroute or drop the packets.\r\nSoftware defined networking software also <span style=\"font-weight: bold; \">virtualizes hardware</span> and <span style=\"font-weight: bold; \">services </span>that were previously carried out by dedicated hardware, resulting in the touted benefits of a reduced hardware footprint and lower operational costs.\r\nAdditionally, SDN contributed to the emergence of <span style=\"font-weight: bold; \">software-defined wide area network (SD-WAN)</span> technology. SD-WAN employs the virtual overlay aspect of SDN technology, abstracting an organization's connectivity links throughout its WAN and creating a virtual network that can use whichever connection the controller deems fit to send traffic.\r\n<h1 class=\"align-center\">Are there any SDN security benefits?</h1>\r\nAs security issues become more complex at the edge of the network, it’s no wonder that network and security professionals are looking for new ways to approach network protection. Nowadays, it seems like SDN is going to be the answer. \r\n<ul><li><span style=\"font-weight: bold; \">Centralized Network Control </span></li></ul>\r\nIn a traditional network, devices (router/switches) make their own decisions locally about where and how best to send traffic. In terms of network security, SDN can be used to route data packets through a single firewall and make IDS and IPS data capture more efficient.\r\n<ul><li><span style=\"font-weight: bold; \">Simplify Configuration</span></li></ul>\r\nThe SDN makes it easier to automate configuration and improves the traceability of those configurations. The introduction of SDN network management allows dynamic programming and restructuring of network settings, which reduces the risk of DDoS attacks. It is also worth adding that SDN has automatic quarantine capabilities. \r\n<ul><li><span style=\"font-weight: bold; \">Creation of High-level Network Policies</span></li></ul>\r\n<span style=\"color: rgb(97, 97, 97); \">Rather than physically configuring security solutions, SDN facilitates the central management of security policies to make network operator roles more efficient and flexible. Moreover, SDN helps to move away from current management approaches such as SNMP/CLI and build more effective policy management. </span>\r\n<ul><li><span style=\"font-weight: bold; \"><span style=\"color: rgb(97, 97, 97); \">Easy to use Application Programming Interfaces (APIs)</span></span></li></ul>\r\n<span style=\"color: rgb(97, 97, 97); \">Cloud APIs are interfaces presented by software and play a vital role in SDN controllers and applications. Easy to use APIs help to manage network resources, improve the efficiency of IT resources, and aid integration with IT tools. Additionally, a number of good cloud security practices have been introduced recently. </span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SDN_Software_Defined_Network.png"},{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":34,"title":"ITSM - IT Service Management","alias":"itsm-it-service-management","description":"<span style=\"font-weight: bold; \">IT service management (ITSM)</span> is the process of designing, delivering, managing, and improving the IT services an organization provides to its end users. ITSM is focused on aligning IT processes and services with business objectives to help an organization grow.\r\nITSM positions IT services as the key means of delivering and obtaining value, where an internal or external IT service provider works with business customers, at the same time taking responsibility for the associated costs and risks. ITSM works across the whole lifecycle of a service, from the original strategy, through design, transition and into live operation.\r\nTo ensure sustainable quality of IT services, ITSM establishes a set of practices, or processes, constituting a service management system. There are industrial, national and international standards for IT service management solutions, setting up requirements and good practices for the management system. \r\nITSM system is based on a set of principles, such as focusing on value and continual improvement. It is not just a set of processes – it is a cultural mindset to ensure that the desired outcome for the business is achieved. \r\n<span style=\"font-weight: bold; \">ITIL (IT Infrastructure Library)</span> is a framework of best practices and recommendations for managing an organization's IT operations and services. IT service management processes, when built based on the ITIL framework, pave the way for better IT service operations management and improved business. To summarize, ITIL is a set of guidelines for effective IT service management best practices. ITIL has evolved beyond the delivery of services to providing end-to-end value delivery. The focus is now on the co-creation of value through service relationships. \r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">ITSM processes typically include five stages, all based on the ITIL framework:</span></p>\r\n<span style=\"font-weight: bold; \">ITSM strategy.</span> This stage forms the foundation or the framework of an organization's ITSM process building. It involves defining the services that the organization will offer, strategically planning processes, and recognizing and developing the required assets to keep processes moving. \r\n<span style=\"font-weight: bold; \">Service design.</span> This stage's main aim is planning and designing the IT services the organization offers to meet business demands. It involves creating and designing new services as well as assessing current services and making relevant improvements.\r\n<span style=\"font-weight: bold; \">Service transition.</span> Once the designs for IT services and their processes have been finalized, it's important to build them and test them out to ensure that processes flow. IT teams need to ensure that the designs don't disrupt services in any way, especially when existing IT service processes are upgraded or redesigned. This calls for change management, evaluation, and risk management. \r\n<span style=\"font-weight: bold; \">Service operation. </span>This phase involves implementing the tried and tested new or modified designs in a live environment. While in this stage, the processes have already been tested and the issues fixed, but new processes are bound to have hiccups—especially when customers start using the services. \r\n<span style=\"font-weight: bold;\">Continual service improvement (CSI).</span> Implementing IT processes successfully shouldn't be the final stage in any organization. There's always room for improvement and new development based on issues that pop up, customer needs and demands, and user feedback.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Benefits of efficient ITSM processes</h1>\r\nIrrespective of the size of business, every organization is involved in IT service management in some way. ITSM ensures that incidents, service requests, problems, changes, and IT assets—in addition to other aspects of IT services—are managed in a streamlined way.\r\nIT teams in your organization can employ various workflows and best practices in ITSM, as outlined in ITIL. Effective IT service management can have positive effects on an IT organization's overall function.\r\nHere are the 10 key benefits of ITSM:\r\n<ul><li> Lower costs for IT operations</li><li> Higher returns on IT investments</li><li> Minimal service outages</li><li> Ability to establish well-defined, repeatable, and manageable IT processes</li><li> Efficient analysis of IT problems to reduce repeat incidents</li><li> Improved efficiency of IT help desk teams</li><li> Well-defined roles and responsibilities</li><li> Clear expectations on service levels and service availability</li><li> Risk-free implementation of IT changes</li><li> Better transparency into IT processes and services</li></ul>\r\n<h1 class=\"align-center\">How to choose an ITSM tool?</h1>\r\nWith a competent IT service management goal in mind, it's important to invest in a service desk solution that caters to your business needs. It goes without saying, with more than 150 service desk tools to choose from, selecting the right one is easier said than done. Here are a few things to keep in mind when choosing an ITSM products:\r\n<span style=\"font-weight: bold; \">Identify key processes and their dependencies. </span>Based on business goals, decide which key ITSM processes need to be implemented and chart out the integrations that need to be established to achieve those goals. \r\n<span style=\"font-weight: bold; \">Consult with ITSM experts.</span> Participate in business expos, webinars, demos, etc., and educate yourself about the various options that are available in the market. Reports from expert analysts such as Gartner and Forrester are particularly useful as they include reviews of almost every solution, ranked based on multiple criteria.\r\n<span style=\"font-weight: bold; \">Choose a deployment option.</span> Every business has a different IT infrastructure model. Selecting an on-premises or software as a service (SaaS IT service management) tool depends on whether your business prefers to host its applications and data on its own servers or use a public or private cloud.\r\n<span style=\"font-weight: bold; \">Plan ahead for the future.</span> Although it's important to consider the "needs" primarily, you shouldn't rule out the secondary or luxury capabilities. If the ITSM tool doesn't have the potential to adapt to your needs as your organization grows, it can pull you back from progressing. Draw a clear picture of where your business is headed and choose an service ITSM that is flexible and technology-driven.\r\n<span style=\"font-weight: bold;\">Don't stop with the capabilities of the ITSM tool.</span> It might be tempting to assess an ITSM tool based on its capabilities and features but it's important to evaluate the vendor of the tool. A good IT support team, and a vendor that is endorsed for their customer-vendor relationship can take your IT services far. Check Gartner's magic quadrant and other analyst reports, along with product and support reviews to ensure that the said tool provides good customer support.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_ITSM.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-sureview-analytics":{"id":950,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Forcepoint_SureView_Analytics.jpg","logo":true,"scheme":false,"title":"Forcepoint SureView Analytics","vendorVerified":0,"rating":"2.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-sureview-analytics","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"Security analysts in law enforcement, military and commercial settings spend too much time collecting and collating data across different public and private sources. Their time would be much better spent analyzing the real threats so they can respond rapidly and effectively .\r\nSureView Analytics delivers a dramatically different experience: By employing virtual data warehousing, federated search, powerful algorithms for automated information discovery and intuitive workflow tools, security analysts gain the ability to respond to cyber threats, fraud, other criminal activity and even terrorism as they’re happening — not hours, days or months later.\r\nThe Forcepoint Advantage\r\nVirtual Data Warehousing\r\nTraditional approaches to security analysis require organizations to set up data warehouses and ingest mass data — a process that taxes IT resources, triggers onerous compliance requirements, raises sticky questions of data ownership and drives up your total cost of ownership (TCO). By contrast, we avoid those pitfalls by using virtual data warehousing technology that accesses data at high speed without ever needing to copy or move it.\r\nThe result is a faster, more economical solution that is quicker and easier to set up, and that avoids putting long-term burdens on your IT and compliance resources.\r\nFederated Search\r\nThe federated search capabilities of SureView Analytics allow your analysts to quickly develop a centralized picture of threats by giving your team instant access to live data across websites, emails, social media, documents and internal or external databases (e.g., of crimes, parolees, or FBI-shared data). Besides being highly flexible and scalable, this technology eliminates the traditional need to wait on batch processes, meaning that analysis is based on near-real-time information rather than yesterday’s data. It also allows organizations to take advantage of investments they have already made on enterprise systems for a lower Total Cost of Ownership.\r\nAnalytical Workflows and Tools\r\nSureView Analytics has been designed from the ground up to be easy to use and to enable rapid collaboration across teams. Its sophisticated data visualization tools enable your analysts to interactively expose patterns, trends and anomalies hiding in large amounts of complex data:\r\nLink Analysis — Easily uncover clusters of information or key individuals and their relationship to suspicious events\r\nTemporal Analysis — Quickly recognize a change in behavioral patterns or unusual conduct needing further investigation\r\nGeospatial Analysis — Unearth an unknown relationship or the importance of information based on geographic correlations\r\nStatistical Analysis — Identify unexpected peaks in activities or values\r\nSureView Analytics also includes faceted and tactical searching for selective information discovery using visual search filters, as well as alerting functionality and an integrated intelligence database that supports secure information sharing.\r\n Now, our most important assets, people, have more time to focus on critical success tasks and objectives. The agency is now more agile and able to add data flows on demand. \r\nConfidential Government Customer\r\nForrester Total Economic Impact Study","shortDescription":"SureView Analytics\r\nRapidly Search and Analyze Large Amounts of Data to Detect Cyber and Real-World Threats","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint SureView Analytics","keywords":"data, information, that, Analytics, your, SureView, analysts, Analysis","description":"Security analysts in law enforcement, military and commercial settings spend too much time collecting and collating data across different public and private sources. Their time would be much better spent analyzing the real threats so they can respond rapidly a","og:title":"Forcepoint SureView Analytics","og:description":"Security analysts in law enforcement, military and commercial settings spend too much time collecting and collating data across different public and private sources. Their time would be much better spent analyzing the real threats so they can respond rapidly a","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Forcepoint_SureView_Analytics.jpg"},"eventUrl":"","translationId":951,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":465,"title":"UEBA - User and Entity Behavior Analytics","alias":"ueba-user-and-entity-behavior-analytics","description":"Developments in UBA technology led Gartner to evolve the category to user and entity behavior analytics (UEBA). In September 2015, Gartner published the Market Guide for User and Entity Analytics by Vice President and Distinguished Analyst, Avivah Litan, that provided a thorough definition and explanation. UEBA was referred to in earlier Gartner reports but not in much depth. Expanding the definition from UBA includes devices, applications, servers, data, or anything with an IP address. It moves beyond the fraud-oriented UBA focus to a broader one encompassing "malicious and abusive behavior that otherwise went unnoticed by existing security monitoring systems, such as SIEM and DLP." The addition of "entity" reflects that devices may play a role in a network attack and may also be valuable in uncovering attack activity. "When end users have been compromised, malware can lay dormant and go undetected for months. Rather than trying to find where the outsider entered, UEBAs allow for quicker detection by using algorithms to detect insider threats."\r\nParticularly in the computer security market, there are many vendors for UEBA applications. They can be "differentiated by whether they are designed to monitor on-premises or cloud-based software as a service (SaaS) applications; the methods in which they obtain the source data; the type of analytics they use (i.e., packaged analytics, user-driven or vendor-written), and the service delivery method (i.e., on-premises or a cloud-based)." According to the 2015 market guide released by Gartner, "the UEBA market grew substantially in 2015; UEBA vendors grew their customer base, market consolidation began, and Gartner client interest in UEBA and security analytics increased." The report further projected, "Over the next three years, leading UEBA platforms will become preferred systems for security operations and investigations at some of the organizations they serve. It will be—and in some cases already is—much easier to discover some security events and analyze individual offenders in UEBA than it is in many legacy security monitoring systems."","materialsDescription":"<span style=\"font-weight: bold;\">What is UEBA?</span>\r\nHackers can break into firewalls, send you e-mails with malicious and infected attachments, or even bribe an employee to gain access into your firewalls. Old tools and systems are quickly becoming obsolete, and there are several ways to get past them.\r\nUser and entity behavior analytics (UEBA) give you more comprehensive way of making sure that your organization has top-notch IT security, while also helping you detect users and entities that might compromise your entire system.\r\nUEBA is a type of cybersecurity process that takes note of the normal conduct of users. In turn, they detect any anomalous behavior or instances when there are deviations from these “normal” patterns. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and alert them immediately.\r\nUEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns, showing which of these anomalies could result in, potentially, a real threat. UEBA can also aggregate the data you have in your reports and logs, as well as analyze the file, flow, and packet information.\r\nIn UEBA, you do not track security events or monitor devices; instead, you track all the users and entities in your system. As such, UEBA focuses on insider threats, such as employees who have gone rogue, employees who have already been compromised, and people who already have access to your system and then carry out targeted attacks and fraud attempts, as well as servers, applications, and devices that are working within your system.\r\n<span style=\"font-weight: bold;\">What are the benefits of UEBA?</span>\r\nIt is the unfortunate truth that today's cybersecurity tools are fast becoming obsolete, and more skilled hackers and cyber attackers are now able to bypass the perimeter defenses that are used by most companies. In the old days, you were secure if you had web gateways, firewalls, and intrusion prevention tools in place. This is no longer the case in today’s complex threat landscape, and it’s especially true for bigger corporations that are proven to have very porous IT perimeters that are also very difficult to manage and oversee.\r\nThe bottom line? Preventive measures are no longer enough. Your firewalls are not going to be 100% foolproof, and hackers and attackers will get into your system at one point or another. This is why detection is equally important: when hackers do successfully get into your system, you should be able to detect their presence quickly in order to minimize the damage.\r\n<span style=\"font-weight: bold;\">How Does UEBA Work?</span>\r\nThe premise of UEBA is actually very simple. You can easily steal an employee’s user name and password, but it is much harder to mimic the person’s normal behavior once inside the network.\r\nFor example, let’s say you steal Jane Doe’s password and user name. You would still not be able to act precisely like Jane Doe once in the system unless given extensive research and preparation. Therefore, when Jane Doe’s user name is logged in to the system, and her behavior is different than that of typical Jane Doe, that is when UEBA alerts start to sound.\r\nAnother relatable analogy would be if your credit card was stolen. A thief can pickpocket your wallet and go to a high-end shop and start spending thousands of dollars using your credit card. If your spending pattern on that card is different from the thief’s, the company’s fraud detection department will often recognize the abnormal spending and block suspicious purchases, issuing an alert to you or asking you to verify the authenticity of a transaction.\r\nAs such, UEBA is a very important component of IT security, allowing you to:\r\n1. Detect insider threats. It is not too far-fetched to imagine that an employee, or perhaps a group of employees, could go rogue, stealing data and information by using their own access. UEBA can help you detect data breaches, sabotage, privilege abuse and policy violations made by your own staff.\r\n2. Detect compromised accounts. Sometimes, user accounts are compromised. It could be that the user unwittingly installed malware on his or her machine, or sometimes a legitimate account is spoofed. UEBA can help you weed out spoofed and compromised users before they can do real harm.\r\n3. Detect brute-force attacks. Hackers sometimes target your cloud-based entities as well as third-party authentication systems. With UEBA, you are able to detect brute-force attempts, allowing you to block access to these entities.\r\n4. Detect changes in permissions and the creation of super users. Some attacks involve the use of super users. UEBA allows you to detect when super users are created, or if there are accounts that were granted unnecessary permissions.\r\n5. Detect breach of protected data. If you have protected data, it is not enough to just keep it secure. You should know when a user accesses this data when he or she does not have any legitimate business reason to access it.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_User_and_Entity_Behavior_Analytics.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-trusted-thin-client":{"id":948,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Trusted Thin Client","vendorVerified":0,"rating":"2.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-trusted-thin-client","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"End users working with multiple secure systems have traditionally needed multiple desktop computers on a single desk to accomplish their missions. To remain effective, they need a simplified approach with a high level of security that performs efficiently.\r\nForcepoint Trusted Thin Client provides users with secure simultaneous access to information on any number of networks from a single endpoint device. Designed for enterprise deployments, Forcepoint Trusted Thin Client provides administrators with centralized management and monitoring, scalability to easily add networks and clients, and the flexibility to enable users in offices, in-theater and in the field.\r\nThe Forcepoint Advantage\r\nAccreditation\r\nForcepoint Trusted Thin Client is an approved access cross domain solution on the Unified Cross Domain Services Management Office (UCDSMO) Cross Domain Baseline.\r\nTop Secret/SCI and Below Interoperability (TSABI)\r\nSecret and Below Interoperability (SABI)\r\nAssessed and Authorized by authorities according to NIST guidelines in the US and Five-Eyes nations.\r\nAchieves secure simultaneous access to multiple networks/clouds from a single endpoint\r\nProvides a read-only endpoint preventing data from being stored locally. This prevents data from being transferred or copied to an external device\r\nIntegrates with common virtualization and consolidation technologies such as Citrix®, Microsoft®, and VMware®\r\nStreamlines administration through robust enterprise management capabilities\r\nAchieves significant ROI through lower ownership costs (infrastructure, office space, power consumption and administration)\r\nProvides secure multi-network access over untrusted networks with the Forcepoint Trusted Thin Client Remote deployment option\r\nSupports DoD and IC VDI initiatives such as DoD Joint Information Environment (JIE)\r\nDeployment Options\r\nBenefits\r\nMaximized security, usability and adaptability\r\nIncreased user productivity\r\nSignificant ROI through reductions in infrastructure, hardware, office space, power consumption, and administration\r\nStreamlined administration for the enterprise\r\nFlexibility to support environments with 2 networks or more than 20 networks","shortDescription":"Forcepoint Trusted Thin Client\r\nEnable Secure Simultaneous Access To Data On Multiple Networks","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Trusted Thin Client","keywords":"with, Forcepoint, networks, Trusted, Thin, Client, administration, secure","description":"End users working with multiple secure systems have traditionally needed multiple desktop computers on a single desk to accomplish their missions. To remain effective, they need a simplified approach with a high level of security that performs efficiently.\r\nFo","og:title":"Forcepoint Trusted Thin Client","og:description":"End users working with multiple secure systems have traditionally needed multiple desktop computers on a single desk to accomplish their missions. To remain effective, they need a simplified approach with a high level of security that performs efficiently.\r\nFo","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":949,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":531,"title":"Thin client","alias":"thin-client","description":" A thin client is a lightweight computer that has been optimized for establishing a remote connection with a server-based computing environment. The server does most of the work, which can include launching software programs, performing calculations, and storing data. This contrasts with a fat client or a conventional personal computer; the former is also intended for working in a client-server model but has significant local processing power, while the latter aims to perform its function mostly locally.\r\nThin clients occur as components of a broader computing infrastructure, where many clients share their computations with a server or server farm. The server-side infrastructure uses cloud computing software such as application virtualization, hosted shared desktop (HSD) or desktop virtualization (VDI). This combination forms what is known as a cloud-based system where desktop resources are centralized at one or more data centers. The benefits of centralization are hardware resource optimization, reduced software maintenance, and improved security.\r\n<ul><li>Example of hardware resource optimization: Cabling, bussing and I/O can be minimized while idle memory and processing power can be applied to user sessions that most need it.</li><li>Example of reduced software maintenance: Software patching and operating system (OS) migrations can be applied, tested and activated for all users in one instance to accelerate roll-out and improve administrative efficiency.</li><li>Example of improved security: Software assets are centralized and easily fire-walled, monitored and protected. Sensitive data is uncompromised in cases of desktop loss or theft.</li></ul>\r\nThin client hardware generally supports a keyboard, mouse, monitor, jacks for sound peripherals, and open ports for USB devices (e.g., printer, flash drive, webcam). Some thin clients include legacy serial or parallel ports to support older devices such as receipt printers, scales or time clocks. Thin client software typically consists of a graphical user interface (GUI), cloud access agents (e.g., RDP, ICA, PCoIP), a local web browser, terminal emulators (in some cases), and a basic set of local utilities.","materialsDescription":" <span style=\"font-weight: bold;\">What is a Thin Client?</span>\r\nA thin client is a computer with no hard drive or other moving parts that can lead to machine failure. Thin clients operate on a mainframe paradigm. All instructions and sessions come directly from a central, secure Windows server. Each thin client realizes its own session and operates independently from the other thin clients. Because thin clients have no hard drives, there is no loss of data if a local thin client gets damaged or has a local power failure.\r\n<span style=\"font-weight: bold;\">Why use a Thin Client instead of a regular PC?</span>\r\nThe main reason thin clients are better than PCs is that they offer "Lower Total Cost of Ownership". By reducing maintenance and install time, thin clients keep downtime to an absolute minimum. For example, to update 5 PCs you need to reinstall and configure all 5 PCs one at a time. With thin clients, you would simply make the update once on the server and all 5 thin clients would realize the update immediately.\r\n<span style=\"font-weight: bold;\">Where should I use a Thin Client?</span>\r\nThin clients can be used anywhere you would normally have a PC workstation. ACP has a number of partners who provide state of the art Thin Client hardware. These Thin Clients range from office-grade to light industrial, to heavy industrial including Class I Div 2.\r\nThin Clients are particularly favored in harsh conditions - most Thin Clients do not have cooling fans, are very small and easy to mount, and can be replaced within a minute or two.\r\n<span style=\"font-weight: bold;\">When should I use a Thin Client?</span>\r\nUse thin clients when you need to have one or several PC workstations that substantially "Lower Total Cost of Ownership" while remaining easy to install and support. Use thin clients when you have harsh factory conditions or when you don't have the time or money to hire an IT staff to keep your industrial or office systems up and running.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Thin_client.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-url-filtering":{"id":1614,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint URL Filtering","vendorVerified":0,"rating":"3.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-url-filtering","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"Forcepoint URL Filtering is the industry’s most effective, continually up-to-date web filtering solution. Powered by our ThreatSeeker Intelligence, Forcepoint URL Filtering collects and analyzes up to 5 billion incidents every day (from over 155 countries), producing updated threat analytics for Forcepoint solutions at up to 3.2 updates per second.\r\nForcepoint URL Filtering blocks web threats to reduce malware infections, decrease help desk incidents and provide relief to valuable IT resources. Forcepoint URL Filtering is an easy-to-deploy, transparent filter and security solution that avoids the complexity of a proxy gateway. It’s equipped with more than 120 security and web filtering categories, hundreds of web application and protocol controls, and 60-plus reports with customization and role-based access.<br /><br /><span style=\"font-weight: bold;\">The Forcepoint Advantage</span><br />\r\n<span style=\"font-style: italic;\">Web filtering with ThreatSeeker threat intelligence</span><br />\r\nIdentify threats with over 10,000 analytics, machine learning and other advanced techniques maintained through real-time global threat intelligence with Forcepoint Web Security.<br />\r\n<span style=\"font-style: italic;\">Granular user behavior analysis and productivity reporting</span><br />\r\nMore than 60 reports with customization and role-based access.<br />\r\n<span style=\"font-style: italic;\">Customizable allowed/denied url filters</span><br />\r\nUtilize both timed and/or permanent web filters for managing access to websites.<br />\r\n<span style=\"font-style: italic;\">Industry-leading web security policy controls</span><br />\r\nMore than 120 security and content categories","shortDescription":"The Forcepoint URL Filtering solution blocks Web threats to reduce malware infections, decrease help desk incidents and free up valuable IT resources.","type":null,"isRoiCalculatorAvaliable":true,"isConfiguratorAvaliable":true,"bonus":100,"usingCount":5,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint URL Filtering","keywords":"Forcepoint, more, TRITON, security, than, role-based, unified, reporting","description":"Forcepoint URL Filtering is the industry’s most effective, continually up-to-date web filtering solution. Powered by our ThreatSeeker Intelligence, Forcepoint URL Filtering collects and analyzes up to 5 billion incidents every day (from over 155 countries), pr","og:title":"Forcepoint URL Filtering","og:description":"Forcepoint URL Filtering is the industry’s most effective, continually up-to-date web filtering solution. Powered by our ThreatSeeker Intelligence, Forcepoint URL Filtering collects and analyzes up to 5 billion incidents every day (from over 155 countries), pr","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":1588,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-user-and-entity-behavior-analytics-ueba":{"id":1667,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint User and Entity Behavior Analytics (UEBA)","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-user-and-entity-behavior-analytics-ueba","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"<span style=\"font-weight: bold; \">Identify Potential Sources of Data Exfiltration and Critical IP Loss</span> Determine users exhibiting risky behavior such as stockpiling and atypical data movement before critical IP leaves your organization. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Advanced Compromised Account Detection</span> By understanding attributes like typical access patterns, prevent bad actors from accessing your critical assets and systems with User and Entity Behavior Analytics (UEBA). <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Be a Partner to Human Resources</span> Analyze communications-based data sources to identify potential code-of-conduct infractions. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Get More Out of Your SIEM Investment</span> UEBA adds context and analytics to SIEM data and provides risk scoring to incidents organized by entity, allowing analysts to prioritize the highest risks. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Perform Context & Content-Rich Incident Response</span> Enable transparent comprehensive investigation with advanced analytics like machine learning and artificial intelligence that are tuned toward specific behavior risk. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Solve Challenges in Data Security and Regulatory Compliance</span> Analyze and detect patterns of human behavior in big data, delivering insights into enterprise risk where threats have surpassed the perimeter. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Automate DLP Policy Enforcement</span> Combine UEBA with Forcepoint DLP to utilize analytic risk scores to dynamically change DLP policies. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Transparency</span> Understandable analytics with simple explanation and context to make informed decisions about possible insider threats. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Configurability</span> There is no one-size-fits-all UEBA solution. Forcepoint allows customers to build their own use cases and develop their own analytics without the need of a data scientist. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Entity Timeline</span> View all historical activity during forensics stage with dynamic visualization. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Detect Seemingly Unrelated Threats</span> Single alerts lack context to data. UEBA uses natural language processing and sentiment analysis for a holistic view of the user. <span style=\"font-weight: bold; \"><br /></span> <span style=\"font-weight: bold; \">Varied Dataset Calculations</span> Data models informed by both structured data, such as SIEM logs, and unstructured data, such as email and chat, from your disparate security tools and third-party applications.","shortDescription":"Forcepoint User and Entity Behavior Analytics (UEBA) is AI-FUELED BEHAVIOR ANALYTICS TO IDENTIFY REAL ENTITY RISK","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":4,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint User and Entity Behavior Analytics (UEBA)","keywords":"","description":"<span style=\"font-weight: bold; \">Identify Potential Sources of Data Exfiltration and Critical IP Loss</span> Determine users exhibiting risky behavior such as stockpiling and atypical data movement before critical IP leaves your organization. <span style=\"fon","og:title":"Forcepoint User and Entity Behavior Analytics (UEBA)","og:description":"<span style=\"font-weight: bold; \">Identify Potential Sources of Data Exfiltration and Critical IP Loss</span> Determine users exhibiting risky behavior such as stockpiling and atypical data movement before critical IP leaves your organization. <span style=\"fon","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":1668,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":30,"title":"UEBA - User and Entity Behavior Analytics"}],"testingArea":"","categories":[{"id":465,"title":"UEBA - User and Entity Behavior Analytics","alias":"ueba-user-and-entity-behavior-analytics","description":"Developments in UBA technology led Gartner to evolve the category to user and entity behavior analytics (UEBA). In September 2015, Gartner published the Market Guide for User and Entity Analytics by Vice President and Distinguished Analyst, Avivah Litan, that provided a thorough definition and explanation. UEBA was referred to in earlier Gartner reports but not in much depth. Expanding the definition from UBA includes devices, applications, servers, data, or anything with an IP address. It moves beyond the fraud-oriented UBA focus to a broader one encompassing "malicious and abusive behavior that otherwise went unnoticed by existing security monitoring systems, such as SIEM and DLP." The addition of "entity" reflects that devices may play a role in a network attack and may also be valuable in uncovering attack activity. "When end users have been compromised, malware can lay dormant and go undetected for months. Rather than trying to find where the outsider entered, UEBAs allow for quicker detection by using algorithms to detect insider threats."\r\nParticularly in the computer security market, there are many vendors for UEBA applications. They can be "differentiated by whether they are designed to monitor on-premises or cloud-based software as a service (SaaS) applications; the methods in which they obtain the source data; the type of analytics they use (i.e., packaged analytics, user-driven or vendor-written), and the service delivery method (i.e., on-premises or a cloud-based)." According to the 2015 market guide released by Gartner, "the UEBA market grew substantially in 2015; UEBA vendors grew their customer base, market consolidation began, and Gartner client interest in UEBA and security analytics increased." The report further projected, "Over the next three years, leading UEBA platforms will become preferred systems for security operations and investigations at some of the organizations they serve. It will be—and in some cases already is—much easier to discover some security events and analyze individual offenders in UEBA than it is in many legacy security monitoring systems."","materialsDescription":"<span style=\"font-weight: bold;\">What is UEBA?</span>\r\nHackers can break into firewalls, send you e-mails with malicious and infected attachments, or even bribe an employee to gain access into your firewalls. Old tools and systems are quickly becoming obsolete, and there are several ways to get past them.\r\nUser and entity behavior analytics (UEBA) give you more comprehensive way of making sure that your organization has top-notch IT security, while also helping you detect users and entities that might compromise your entire system.\r\nUEBA is a type of cybersecurity process that takes note of the normal conduct of users. In turn, they detect any anomalous behavior or instances when there are deviations from these “normal” patterns. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and alert them immediately.\r\nUEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns, showing which of these anomalies could result in, potentially, a real threat. UEBA can also aggregate the data you have in your reports and logs, as well as analyze the file, flow, and packet information.\r\nIn UEBA, you do not track security events or monitor devices; instead, you track all the users and entities in your system. As such, UEBA focuses on insider threats, such as employees who have gone rogue, employees who have already been compromised, and people who already have access to your system and then carry out targeted attacks and fraud attempts, as well as servers, applications, and devices that are working within your system.\r\n<span style=\"font-weight: bold;\">What are the benefits of UEBA?</span>\r\nIt is the unfortunate truth that today's cybersecurity tools are fast becoming obsolete, and more skilled hackers and cyber attackers are now able to bypass the perimeter defenses that are used by most companies. In the old days, you were secure if you had web gateways, firewalls, and intrusion prevention tools in place. This is no longer the case in today’s complex threat landscape, and it’s especially true for bigger corporations that are proven to have very porous IT perimeters that are also very difficult to manage and oversee.\r\nThe bottom line? Preventive measures are no longer enough. Your firewalls are not going to be 100% foolproof, and hackers and attackers will get into your system at one point or another. This is why detection is equally important: when hackers do successfully get into your system, you should be able to detect their presence quickly in order to minimize the damage.\r\n<span style=\"font-weight: bold;\">How Does UEBA Work?</span>\r\nThe premise of UEBA is actually very simple. You can easily steal an employee’s user name and password, but it is much harder to mimic the person’s normal behavior once inside the network.\r\nFor example, let’s say you steal Jane Doe’s password and user name. You would still not be able to act precisely like Jane Doe once in the system unless given extensive research and preparation. Therefore, when Jane Doe’s user name is logged in to the system, and her behavior is different than that of typical Jane Doe, that is when UEBA alerts start to sound.\r\nAnother relatable analogy would be if your credit card was stolen. A thief can pickpocket your wallet and go to a high-end shop and start spending thousands of dollars using your credit card. If your spending pattern on that card is different from the thief’s, the company’s fraud detection department will often recognize the abnormal spending and block suspicious purchases, issuing an alert to you or asking you to verify the authenticity of a transaction.\r\nAs such, UEBA is a very important component of IT security, allowing you to:\r\n1. Detect insider threats. It is not too far-fetched to imagine that an employee, or perhaps a group of employees, could go rogue, stealing data and information by using their own access. UEBA can help you detect data breaches, sabotage, privilege abuse and policy violations made by your own staff.\r\n2. Detect compromised accounts. Sometimes, user accounts are compromised. It could be that the user unwittingly installed malware on his or her machine, or sometimes a legitimate account is spoofed. UEBA can help you weed out spoofed and compromised users before they can do real harm.\r\n3. Detect brute-force attacks. Hackers sometimes target your cloud-based entities as well as third-party authentication systems. With UEBA, you are able to detect brute-force attempts, allowing you to block access to these entities.\r\n4. Detect changes in permissions and the creation of super users. Some attacks involve the use of super users. UEBA allows you to detect when super users are created, or if there are accounts that were granted unnecessary permissions.\r\n5. Detect breach of protected data. If you have protected data, it is not enough to just keep it secure. You should know when a user accesses this data when he or she does not have any legitimate business reason to access it.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_User_and_Entity_Behavior_Analytics.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-web-security":{"id":1630,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Web Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-web-security","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’t backhaul traffic or pay for appliances.\r\nForcepoint Web Security is built on a multi-tenant platform and deployed globally on the industry’s most secure cloud platform. And because every environment is different, Forcepoint Web Security can be deployed as a hybrid solution in combination with a Forcepoint Next Generation Firewall, providing protection for every user, everywhere.\r\n<span style=\"font-weight: bold;\">Highly secured and always available Forcepoint cloud</span>\r\nExtend web protection to roaming users with global coverage from the industry’s only certified global cloud infrastructure (ISO 27001, 27018, CSA STAR) for protecting every user from advanced threats.\r\n<span style=\"font-weight: bold;\">Empower the anytime, anywhere global workforce</span>\r\nForcepoint’s patent-pending Direct Connect Endpoint™ technology allows for unparalleled speed and connectivity for roaming users, eliminating latencies with a proxy-less endpoint.\r\n<span style=\"font-weight: bold;\">The features, API, and ports of a cloud security solution</span>\r\nForcepoint Web Security includes features typically found in as-a-service only cloud security product—but that’s just the start. Our enterprise-grade gateway appliance includes an SSL decryption mirror port and ingest API for additional threat feeds.\r\n<span style=\"font-weight: bold;\">Unrivaled threat protection with Forcepoint ACE</span>\r\nForcepoint’s Advanced Classification Engine (ACE) identifies threats with over 10,000 analytics, machine learning, behavioral baselines, and other advanced techniques maintained through real-time global threat intelligence.\r\n<span style=\"font-weight: bold;\">Superior real-time reporting—simplified</span>\r\nStreamline your workflow with easy-to-use drag-and-drop reporting, delivered in real-time through an interactive interface—all in a centralized system.\r\n<span style=\"font-weight: bold;\">Remove layers of latency</span>\r\nGo direct. Unlike other cloud solutions, Forcepoint has direct peering partners, critical to the security and productivity of a global workforce and its shared data.\r\n\r\n<span style=\"font-weight: bold;\">Key features:</span><span style=\"font-style: italic;\"></span>\r\n<span style=\"font-weight: bold;\">Integrated CASB functionality</span><br />Easily extend visibility and control to cloud applications, from shadow IT reporting to full control via inline (proxy) mode.\r\n<span style=\"font-weight: bold;\">Not just URL filtering</span>\r\nDon’t need your traffic forwarded to the cloud? Enable URL filtering in our leading Next Generation Firewall (NGFW), allowing for granular controls based on users and applications.\r\n<span style=\"font-weight: bold;\">Streamline compliance</span>\r\nMeet the highest certification standards across data privacy laws and residency requirements in different jurisdictions—while allowing users to keep doing good things.\r\n<span style=\"font-weight: bold;\">Expand internet access for roaming users</span>\r\nApply different policies when an employee connects from corporate and non-corporate locations with Forcepoint Web Security.\r\n<span style=\"font-weight: bold;\">Security and protection beyond the endpoint</span>\r\nExtend your existing policies to mobile devices and protect them from Advanced Threats, mobile malware, phishing attacks, spoofing, and more with Web Security.\r\n<span style=\"font-weight: bold;\">ThreatSeeker Intelligence</span>\r\nUnite over 900 million endpoints (including inputs from Facebook), and with Forcepoint ACE security defenses, analyze up to five billion requests per day. This is the core collective intelligence for all Forcepoint products—managed by Forcepoint Security Labs.\r\n<span style=\"font-weight: bold;\">Enterprise-grade DLP protection</span>\r\nForcepoint’s 9x Magic Quadrant leading DLP and integrated Incident Risk Ranking (IRR) can protect your data from people-based security incidents, including risk caused by accidental, compromised, and malicious insiders.\r\n<span style=\"font-weight: bold;\">Eliminate crippling false malware with AMD</span>\r\nCloud sandboxing allows you to optimize remediation efforts for incident response teams with comprehensive and actionable intelligence—providing 100% efficacy in malware detection.","shortDescription":"Forcepoint Web Security provides robust protection through content aware defenses and cloud app discovery and monitoring, reducing risks to sensitive data for both on premise and mobile users.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":true,"bonus":100,"usingCount":17,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Web Security","keywords":"data, Forcepoint, theft, Security, your, content, within, include","description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’","og:title":"Forcepoint Web Security","og:description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":1561,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"forcepoint-web-security-cloud-formerly-triton-ap-web-cloud":{"id":947,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png","logo":true,"scheme":false,"title":"Forcepoint Web Security Cloud (formerly TRITON AP-WEB Cloud)","vendorVerified":0,"rating":"2.40","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":8,"alias":"forcepoint-web-security-cloud-formerly-triton-ap-web-cloud","companyTitle":"Forcepoint","companyTypes":["supplier","vendor"],"companyId":178,"companyAlias":"forcepoint","description":"ROBUST PROTECTION FOR USERS—WHEREVER THEY GO\r\nAdvanced threats involve sophisticated, multi-stage attacks with built-in techniques that evade detection while stealing your sensitive data. Insider threats—such as employee theft and internally accessed malware—are just as damaging as external threats.\r\nForcepoint Web Security Cloud provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco, and Zscaler. Forcepoint Web Security Cloud is built on a unified platform that enables Forcepoint products to work together, and protects data everywhere– in the Cloud, on the road, in the office – simplifying compliance and enabling better decision-making and more efficient security.\r\nADOPT INDUSTRY-LEADING PROTECTION AGAINST ADVANCED THREATS AND DATA THEFT\r\nAdvances in cloud technology have given organizations increased flexibility and rapid collaboration capabilities. In order to reap these benefits, your organization must streamline security with an intelligent, cloud-first solution that protects in real-time and that will enable your long term mission and protect your reputation.\r\nForcepoint Web Security Cloud provides in-line protection against advanced threats that use sophisticated detection evasion techniques to steal sensitive data, as well as insider threats such as employee theft and malware. Forcepoint Web Security Cloud is a proven leader in SaaS web content security, stopping more advanced, non-signature threats to your data than any other solution.\r\nEASY TO USE DASHBOARDS\r\nSee threat levels, productivity and bandwidth in an instant\r\nDrill-down for quick analysis\r\nEasy to use dashboards\r\nREPORTING\r\nOver 80 predefined reports\r\nCreate infinite custom reports by drag and drop of 70 attributes\r\nOptional extended reporting history for up to 18 months to support Regulatory & Compliance requirements\r\nReporting\r\nINTEGRATED CLOUD SANDBOX\r\nReal-time code analysis for Advanced Threat identification.\r\nSafe execution of suspicious code away from your network resources\r\nINTEGRATED THREAT INTELLIGENCE\r\nProvides input from over 155 countries into Forcepoint Cloud Web Security\r\nAverage update rate of 3.2 pieces of threat intelligence every second","shortDescription":"Forcepoint Web Security Cloud (formerly TRITON AP-WEB Cloud) delivering cloud security to protect users and data everywhere","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Web Security Cloud (formerly TRITON AP-WEB Cloud)","keywords":"Cloud, your, Forcepoint, threats, Security, data, that, solution","description":"ROBUST PROTECTION FOR USERS—WHEREVER THEY GO\r\nAdvanced threats involve sophisticated, multi-stage attacks with built-in techniques that evade detection while stealing your sensitive data. Insider threats—such as employee theft and internally accessed malware—a","og:title":"Forcepoint Web Security Cloud (formerly TRITON AP-WEB Cloud)","og:description":"ROBUST PROTECTION FOR USERS—WHEREVER THEY GO\r\nAdvanced threats involve sophisticated, multi-stage attacks with built-in techniques that evade detection while stealing your sensitive data. Insider threats—such as employee theft and internally accessed malware—a","og:image":"https://old.roi4cio.com/fileadmin/user_upload/forcepoint_logo.png"},"eventUrl":"","translationId":947,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"mcafee-active-response":{"id":3408,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg","logo":true,"scheme":false,"title":"McAfee Active Response","vendorVerified":1,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":110,"alias":"mcafee-active-response","companyTitle":"McAfee","companyTypes":["vendor"],"companyId":184,"companyAlias":"mcafee","description":"McAfee Active Response - Comprehensive endpoint detection and response.\r\n<span style=\"color: rgb(97, 97, 97); \">McAfee Active Response delivers continuous detection of and response to advanced security threats to help security practitioners monitor security posture, improve threat detection, and expand incident response capabilities through forward-looking discovery, detailed analysis, forensic investigation, comprehensive reporting, and prioritized alerts and actions.<br /></span>\r\n<span style=\"color: rgb(97, 97, 97); \">McAfee Active Response is proof of the effectiveness of the integrated McAfee security architecture, which is designed to resolve more threats faster and with fewer resources in a more complex world. McAfee Active Response gives you continuous visibility and powerful insights into your endpoints so you can identify breaches faster. And it provides you with the tools you need to correct issues faster and in the way that makes the most sense for your business. All of this power is managed via McAfee® ePolicy Orchestrator® (McAfee ePO™) software leveraging McAfee Data Exchange Layer—this provides unified scalability and extensibility without the need for incremental staff to administer the product.<br /><br /><span style=\"font-weight: bold;\">Key Advantages</span><br /></span>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Automated: Capture and monitor context and system state for changes that may be IoAs, as well as find dormant attack components, and send intelligence to analytics, operations, and forensic teams.</span></li></ul>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Adaptable: When alerted, you can adjust to changes in attack methodologies; automate data collection, alerts, and responses to objects of interest; and customize your configuration to customer workflows.</span></li></ul>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Continuous: Persistent collectors activate triggers on detection of attack events, alerting you and your systems to attack activity that you</span></li></ul>\r\n<span style=\"color: rgb(97, 97, 97); \"><br /><br /><br /><br /></span>\r\n<br /><br />","shortDescription":"McAfee Active Response is a leading innovation in finding and responding to advanced threats.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Active Response","keywords":"","description":"McAfee Active Response - Comprehensive endpoint detection and response.\r\n<span style=\"color: rgb(97, 97, 97); \">McAfee Active Response delivers continuous detection of and response to advanced security threats to help security practitioners monitor security po","og:title":"McAfee Active Response","og:description":"McAfee Active Response - Comprehensive endpoint detection and response.\r\n<span style=\"color: rgb(97, 97, 97); \">McAfee Active Response delivers continuous detection of and response to advanced security threats to help security practitioners monitor security po","og:image":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg"},"eventUrl":"","translationId":3409,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"mcafee-advanced-threat-defense":{"id":2160,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg","logo":true,"scheme":false,"title":"McAfee Advanced Threat Defense","vendorVerified":1,"rating":"2.00","implementationsCount":5,"suppliersCount":0,"supplierPartnersCount":110,"alias":"mcafee-advanced-threat-defense","companyTitle":"McAfee","companyTypes":["vendor"],"companyId":184,"companyAlias":"mcafee","description":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and exposeevasive threats. Tight integration between security solutions — from network and endpoint to investigation — enables instant sharing of threat information across the environment, enhancing protection and investigation. Flexible deployment options support every network.\r\nMcAfee Advanced Threat Defense detects today’s stealthy, zero-day malware with an innovative, layered approach. It combines low-touch analysis engines such as antivirus signatures, reputation, and real-time emulation with dynamic analysis (sandboxing) to analyze actual behavior. Investigation continues with in-depth static code analysis that inspects file attributes and instruction sets to determine intended or evasive behavior and assesses similarity with known malware families. A final step in the analysis, McAfee Advanced Threat Defense specifically looks for malicious indicators that have been identified through machine learning via a deep neural network. Combined, this represents the strongest advanced malware security protection on the market and effectively balances the need for both in-depth inspection and performance. While lower analytical intensity methods such as signatures and real-time emulation benefit performance by catching more easily identified malware, the addition of in-depth static code analysis and insights gained through machine learning to sandboxing broadens detection of highly camouflaged, evasive threats. Malicious indicators that may not execute in a dynamic environment can be identified through unpacking, in-depth static code analysis, and machine learning insights.\r\nAdvanced capabilities support investigation McAfee Advanced Threat Defense offers numerous, advanced capabilities including:\r\n<ul> <li>Configurable operating system and application support: Tailor analysis images with select environment variables to validate threats and support investigation.</li> <li>User interactive mode: Enables analysts to interact directly with malware samples.</li> <li>Extensive unpacking capabilities: Reduces investigation time from days to minutes.</li> <li>Full logic path: Enables deeper sample analysis by forcing execution of additional logic paths that remain dormant in typical sandbox environments.</li> <li>Sample submission to multiple virtual environments: Speeds investigation by determining which environment variables are needed for file execution.</li> <li>Detailed reports: Provide critical information for investigation including MITRE ATT&CK mapping, disassembly output, memory dumps, graphical function call diagrams, embedded or dropped file information, user API logs, and PCAP information. Threat time lines help visualize attack execution steps.</li> <li>Bro Network Security Monitor integration: Deploy Bro sensor to a suspected network segment to monitor and capture traffic and forward files to McAfee Advance Threat Defense for inspection.</li> </ul>\r\nFlexible advanced threat analysis deployment options support every network. McAfee Advanced Threat Defense is available as an on-premises appliance or a virtual form factor, with support for both private and public cloud with availability in the Azure Marketplace.","shortDescription":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Advanced Threat Defense","keywords":"","description":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection an","og:title":"McAfee Advanced Threat Defense","og:description":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection an","og:image":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg"},"eventUrl":"","translationId":2161,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":73,"title":"Network Sandboxing"}],"testingArea":"","categories":[{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"mcafee-cloud-workload-security":{"id":3410,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg","logo":true,"scheme":false,"title":"McAfee Cloud Workload Security","vendorVerified":1,"rating":"0.00","implementationsCount":2,"suppliersCount":0,"supplierPartnersCount":110,"alias":"mcafee-cloud-workload-security","companyTitle":"McAfee","companyTypes":["vendor"],"companyId":184,"companyAlias":"mcafee","description":" McAfee® Cloud Workload Security (McAfee® CWS) automates the discovery and defense of elastic workloads and containers to eliminate blind spots, deliver advanced threat defense, and simplify multicloud management. McAfee provides protection that makes it possible for a single, automated policy to effectively secure your workloads as they transition through your virtual private, public, and multicloud environments, enabling operational excellence for your cybersecurity teams.\r\n<span style=\"font-weight: bold; \">Automate discovery and deployment</span>\r\nContinuous workload discovery gives you a centralized perspective of all instances across your Amazon Web Services (AWS), Microsoft Azure, and VMware accounts, while automation templates ensure your workloads are protected from the start.\r\n<span style=\"font-weight: bold; \">Visualize and control network threats</span>\r\nTraditional perimeter-based security doesn’t work across hybrid workloads due to their amorphous and decentralized nature. Cloud-native network visualization, prioritized risk alerting, and micro-segmentation deliver awareness and control to prevent both lateral attacks in the data center and external threats\r\n<span style=\"font-weight: bold; \">Defend workloads against advanced attacks</span>\r\nIntegrated countermeasures spanning machine learning, application containment, virtual machine-optimized anti-malware, whitelisting, file integrity monitoring, and micro-segmentation, protect workloads from threats like ransomware and targeted attacks.\r\n<span style=\"font-weight: bold; \">Simplify cloud security management</span>\r\nA single-pane console consolidates security policy and management across physical endpoints, servers, virtual servers and desktops, and hybrid and multi-cloud environments. Isolation allows you to use micro-segmentation to quarantine workloads and containers with a single click.\r\n\r\n<span style=\"font-weight: bold; \">SECURITY BUILD FOR THE CLOUD</span>\r\n<span style=\"text-decoration: underline; \">Cloud and DevOps integration</span>\r\nMcAfee Cloud Workload Security works directly with AWS, Microsoft Azure, and VMware environments to provide continuous visibility, while delivering deployment automation through common DevOps tool support (Chef, Puppet, and shell scripts).\r\n<span style=\"text-decoration: underline; \">Optimized for virtual workloads</span>\r\nLeverage advanced host-based workload defense optimized specifically for virtual instances to avoid resource storms that can strain underlying infrastructure.<br /><br /><span style=\"text-decoration: underline; \">Cloud-native network control</span>\r\nWith increased awareness and control of your cloud workloads you can prevent both lateral attacks in the data center and external threats.<br /><br /><span style=\"text-decoration: underline; \">Cloud provider direct integration</span>\r\nAdditional capabilities are enabled through direct integration with cloud providers such as AWS. For example, AWS GuardDuty alerts integrate directly into McAfee ePO, displaying network connections, port probes, and DNS requests for EC2 instances.\r\n\r\nMcAfee Cloud Workload Security:\r\n<ul><li>McAfee Cloud Workload Security Basic</li></ul>\r\n<ul><li>McAfee Cloud Workload Security Essentials</li></ul>\r\n<ul><li>McAfee Cloud Workload Security Advanced</li></ul>","shortDescription":"McAfee Cloud Workload Security secures your hybrid infrastructure workloads","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":13,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Cloud Workload Security","keywords":"","description":" McAfee® Cloud Workload Security (McAfee® CWS) automates the discovery and defense of elastic workloads and containers to eliminate blind spots, deliver advanced threat defense, and simplify multicloud management. McAfee provides protection that makes it ","og:title":"McAfee Cloud Workload Security","og:description":" McAfee® Cloud Workload Security (McAfee® CWS) automates the discovery and defense of elastic workloads and containers to eliminate blind spots, deliver advanced threat defense, and simplify multicloud management. McAfee provides protection that makes it ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg"},"eventUrl":"","translationId":3411,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"mcafee-complete-data-protection":{"id":3449,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg","logo":true,"scheme":false,"title":"McAfee Complete Data Protection","vendorVerified":1,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":110,"alias":"mcafee-complete-data-protection","companyTitle":"McAfee","companyTypes":["vendor"],"companyId":184,"companyAlias":"mcafee","description":"<span style=\"color: rgb(97, 97, 97); \">Secure your confidential data with an enterprise-grade security solution that is FIPS 140-2 and Common Criteria EAL2+ certified, and accelerated with the Intel® Advanced Encryption Standard—New Instructions (Intel AES-NI) set. McAfee Complete Data Protection uses drive encryption combined with strong access control via two-factor pre-boot authentication to prevent unauthorized access to confidential data on endpoints, including desktops, virtual desktop infrastructure (VDI) workstations, laptops, Microsoft Windows tablets, USB drives, and more.<br /></span>\r\n<span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold;\">Key Features</span><br />■ Drive encryption<br />■ File and removable media protection<br />■ Management of native encryption<br /><br /><span style=\"font-weight: bold;\">Key Advantages</span><br />■ Stop data loss initiated by sophisticated malware that hijacks sensitive and personal information.<br />■ Secure data when it’s stored on desktops, laptops, tablets, and cloud storage.<br />■ Manage Apple FileVault and Microsoft BitLocker native encryption on endpoints directly from McAfee ePO software.<br />■ Communicate with and take control of your endpoints at the hardware level, whether they are powered off, disabled, or encrypted to halt desk-side visits and endless helpdesk calls due to security incidents, outbreaks, or forgotten encryption passwords.<br />■ Prove compliance with advanced reporting and auditing capabilities and monitor events and generate detailed reports that show auditors and other stakeholders your compliance with internal and regulatory privacy requirements.<br /></span>","shortDescription":"McAfee Complete Data Protection is a comprehensive endpoint encryption solution","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":3,"sellingCount":15,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Complete Data Protection","keywords":"","description":"<span style=\"color: rgb(97, 97, 97); \">Secure your confidential data with an enterprise-grade security solution that is FIPS 140-2 and Common Criteria EAL2+ certified, and accelerated with the Intel® Advanced Encryption Standard—New Instructions (Intel AES-NI)","og:title":"McAfee Complete Data Protection","og:description":"<span style=\"color: rgb(97, 97, 97); \">Secure your confidential data with an enterprise-grade security solution that is FIPS 140-2 and Common Criteria EAL2+ certified, and accelerated with the Intel® Advanced Encryption Standard—New Instructions (Intel AES-NI)","og:image":"https://old.roi4cio.com/fileadmin/user_upload/McAfee__logo_.jpg"},"eventUrl":"","translationId":3450,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":43,"title":"Data Encryption","alias":"data-encryption","description":"<span style=\"font-weight: bold;\">Data encryption</span> translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations. \r\nTwo main types of data encryption exist - <span style=\"font-weight: bold;\">asymmetric encryption</span>, also known as public-key encryption, and <span style=\"font-weight: bold;\">symmetric encryption</span>.<br />The purpose of data encryption is to protect digital data confidentiality as it is stored on computer systems and transmitted using the internet or other computer networks. The outdated data encryption standard (DES) has been replaced by modern encryption algorithms that play a critical role in the security of IT systems and communications.\r\nThese algorithms provide confidentiality and drive key security initiatives including authentication, integrity, and non-repudiation. Authentication allows for the verification of a message’s origin, and integrity provides proof that a message’s contents have not changed since it was sent. Additionally, non-repudiation ensures that a message sender cannot deny sending the message.\r\nData protection software for data encryption can provide encryption of devices, email, and data itself. In many cases, these encryption functionalities are also met with control capabilities for devices, email, and data. \r\nCompanies and organizations face the challenge of protecting data and preventing data loss as employees use external devices, removable media, and web applications more often as a part of their daily business procedures. Sensitive data may no longer be under the company’s control and protection as employees copy data to removable devices or upload it to the cloud. As a result, the best data loss prevention solutions prevent data theft and the introduction of malware from removable and external devices as well as web and cloud applications. In order to do so, they must also ensure that devices and applications are used properly and that data is secured by auto-encryption even after it leaves the organization.\r\nEncryption software program encrypts data or files by working with one or more encryption algorithms. Security personnel use it to protect data from being viewed by unauthorized users.\r\nTypically, each data packet or file encrypted via data encryption programs requires a key to be decrypted to its original form. This key is generated by the software itself and shared between the data/file sender and receiver. Thus, even if the encrypted data is extracted or compromised, its original content cannot be retrieved without the encryption key. File encryption, email encryption, disk encryption and network encryption are widely used types of data encryption software.<br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is Encryption software?</span></h1>\r\nEncryption software is software that uses cryptography to prevent unauthorized access to digital information. Cryptography is used to protect digital information on computers as well as the digital information that is sent to other computers over the Internet.There are many software products which provide encryption. Software encryption uses a cipher to obscure the content into ciphertext. One way to classify this type of software is by the type of cipher used. Ciphers can be divided into two categories: <span style=\"font-weight: bold;\">public key ciphers</span> (also known as asymmetric ciphers), and <span style=\"font-weight: bold;\">symmetric key ciphers</span>. Encryption software can be based on either public key or symmetric key encryption.\r\nAnother way to classify crypto software is to categorize its purpose. Using this approach, software encryption may be classified into software which encrypts "<span style=\"font-weight: bold;\">data in transit</span>" and software which encrypts "<span style=\"font-weight: bold;\">data at rest</span>". Data in transit generally uses public key ciphers, and data at rest generally uses symmetric key ciphers.\r\nSymmetric key ciphers can be further divided into stream ciphers and block ciphers. Stream ciphers typically encrypt plaintext a bit or byte at a time, and are most commonly used to encrypt real-time communications, such as audio and video information. The key is used to establish the initial state of a keystream generator, and the output of that generator is used to encrypt the plaintext. Block cipher algorithms split the plaintext into fixed-size blocks and encrypt one block at a time. For example, AES processes 16-byte blocks, while its predecessor DES encrypted blocks of eight bytes.<br />There is also a well-known case where PKI is used for data in transit of data at rest.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">How Data Encryption is used?</span></h1>\r\nThe purpose of data encryption is to deter malicious or negligent parties from accessing sensitive data. An important line of defense in a cybersecurity architecture, encryption makes using intercepted data as difficult as possible. It can be applied to all kinds of data protection needs ranging from classified government intel to personal credit card transactions. Data encryption software, also known as an encryption algorithm or cipher, is used to develop an encryption scheme which theoretically can only be broken with large amounts of computing power.\r\nEncryption is an incredibly important tool for keeping your data safe. When your files are encrypted, they are completely unreadable without the correct encryption key. If someone steals your encrypted files, they won’t be able to do anything with them.\r\nThere different types of encryption: hardware and software. Both offer different advantages. So, what are these methods and why do they matter?\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Software Encryption</span></h1>\r\n<p class=\"align-left\">As the name implies, software encryption uses features of encryption software to encrypt your data. Cryptosoft typically relies on a password; give the right password, and your files will be decrypted, otherwise they remain locked. With encryption enabled, it is passed through a special algorithm that scrambles your data as it is written to disk. The same software then unscrambles data as it is read from the disk for an authenticated user.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Crypto programs is typically quite cheap to implement, making it very popular with developers. In addition, software-based encryption routines do not require any additional hardware.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Types of encryption software is only as secure as the rest of your computer or smartphone. If a hacker can crack your password, the encryption is immediately undone.<br />Software encryption tools also share the processing resources of your computer, which can cause the entire machine to slow down as data is encrypted/decrypted. You will also find that opening and closing encrypted files is much slower than normal because the process is relatively resource intensive, particularly for higher levels of encryption</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Hardware encryption</span></h1>\r\n<p class=\"align-left\">At the heart of hardware encryption is a separate processor dedicated to the task of authentication and encryption. Hardware encryption is increasingly common on mobile devices. <br />The encryption protection technology still relies on a special key to encrypt and decrypt data, but this is randomly generated by the encryption processor. Often times, hardware encryption devices replace traditional passwords with biometric logons (like fingerprints) or a PIN number that is entered on an attached keypad<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Hardware offers strong encryption, safer than software solutions because the encryption process is separate from the rest of the machine. This makes it much harder to intercept or break. </p>\r\n<p class=\"align-left\">The use of a dedicated processor also relieves the burden on the rest of your device, making the encryption and decryption process much faster.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Typically, hardware-based encrypted storage is much more expensive than a software encryption tools. <br />If the hardware decryption processor fails, it becomes extremely hard to access your information.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">The Data Recovery Challenge. </span>Encrypted data is a challenge to recover. Even by recovering the raw sectors from a failed drive, it is still encrypted, which means it is still unreadable. </p>\r\n<p class=\"align-left\">Hardware encrypted devices don’t typically have these additional recovery options. Many have a design to prevent decryption in the event of a component failure, stopping hackers from disassembling them. The fastest and most effective way to deal with data loss on an encrypted device is to ensure you have a complete backup stored somewhere safe. For your PC, this may mean copying data to another encrypted device. For other devices, like your smartphone, backing up to the Cloud provides a quick and simple economy copy that you can restore from. As an added bonus, most Cloud services now encrypt their users’ data too. <br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Encryption.png"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"mcafee-complete-endpoint-protection-business-ceb":{"id":832,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/McAfee_Complete_EndPoint_Protection_-_Business__CEB_.png","logo":true,"scheme":false,"title":"McAfee Complete EndPoint Protection - Business (CEB)","vendorVerified":1,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":110,"alias":"mcafee-complete-endpoint-protection-business-ceb","companyTitle":"McAfee","companyTypes":["vendor"],"companyId":184,"companyAlias":"mcafee","description":"Core endpoint protection\r\nMcAfee Complete Endpoint Threat Protection includes anti-malware, firewall, device control, and email and web security.\r\nPowered by machine learning\r\nWith integrated machine learning and dynamic application containment, detect zero-day threats in near real time, and classify and halt them before they can execute on your systems.\r\nActionable forensic data\r\nEasy-to-read reports help you make the move from responding to outbreaks to investigating and hardening your defenses.\r\nAn adaptable security framework\r\nMcAfee Complete Endpoint Threat Protection is built using an extensible framework, so you can add other advanced threat defenses with ease as your security needs and the threat landscape evolve.\r\n\r\nIntegrated, advanced threat defenses built with productivity in mind\r\nAutomate advanced threat defenses\r\nStay ahead of threats with reputation analysis and machine learning that evolves to pinpoint and streamline responses to zero-day threats by automatically stopping and containing greyware, ransomware, and other advanced threats.\r\nReduce security complexity\r\nEliminate multiple security management consoles and user interfaces. One console provides a single pane of glass to manage your environment so you can rapidly ramp up deployments and leverage cross-platform policies for Windows, Mac, and Linux environments.\r\nBuild a flexible and collaborative security framework\r\nEnsure your defenses work together to defeat threats and provide actionable threat forensics. Our purpose-built framework connects multiple defenses and allows for easy adoption of new advanced security technologies as the threat landscape changes.\r\n\r\nSystem requirements\r\nMcAfee Complete Endpoint Threat Protection is a suite that is supported on Windows, Mac, and Linux systems. For complete technical specifications for all of the products included in this suite, please review the minimum system requirements.","shortDescription":"McAfee Complete Endpoint Threat Protection provides advanced defenses that investigate and contain zero-day threats and sophisticated attacks.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":6,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Complete EndPoint Protection - Business (CEB)","keywords":"security, threat, defenses, your, advanced, threats, McAfee, framework","description":"Core endpoint protection\r\nMcAfee Complete Endpoint Threat Protection includes anti-malware, firewall, device control, and email and web security.\r\nPowered by machine learning\r\nWith integrated machine learning and dynamic application containment, detect zero-da","og:title":"McAfee Complete EndPoint Protection - Business (CEB)","og:description":"Core endpoint protection\r\nMcAfee Complete Endpoint Threat Protection includes anti-malware, firewall, device control, and email and web security.\r\nPowered by machine learning\r\nWith integrated machine learning and dynamic application containment, detect zero-da","og:image":"https://old.roi4cio.com/fileadmin/user_upload/McAfee_Complete_EndPoint_Protection_-_Business__CEB_.png"},"eventUrl":"","translationId":833,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":41,"title":"Antispam","alias":"antispam","description":"In each system, which involves the communication of users, there is always the problem of spam, or the mass mailing of unsolicited emails, which is solved using the antispam system. An antispam system is installed to catch and filter spam at different levels. Spam monitoring and identification are relevant on corporate servers that support corporate email, here the antispam system filters spam on the server before it reaches the mailbox. There are many programs that help to cope with this task, but not all of them are equally useful. The main objective of such programs is to stop sending unsolicited letters, however, the methods of assessing and suppressing such actions can be not only beneficial but also detrimental to your organization. So, depending on the rules and policies of mail servers, your server, or even a domain, may be blacklisted and the transfer of letters will be limited through it, and you may not even be warned about it.\r\nThe main types of installation and use of anti-spam systems:\r\n<ul><li>installation of specialized equipment, a gateway that filters mail before it reaches the server;</li><li>use of external antispam systems for analyzing emails and content;</li><li>setting up an antispam system with the ability to learn on the mail server itself;</li><li>installation of spam filtering software on the client’s computer.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Anti-spam technologies:</span>\r\n<span style=\"font-weight: bold;\">Heuristic analysis</span>\r\nExtremely complex, highly intelligent technology for empirical analysis of all parts of a message: header fields, message bodies, etc. Not only the message itself is analyzed. The heuristic analyzer is constantly being improved, new rules are continuously added to it. It works “ahead of the curve” and makes it possible to recognize still unknown varieties of spam of a new generation before the release of available updates.\r\n<span style=\"font-weight: bold;\">Filtering counteraction</span>\r\nThis is one of the most advanced and effective anti-spam technologies. It is to recognize the tricks resorted to by spammers to bypass anti-spam filters.\r\n<span style=\"font-weight: bold;\">HTML based analysis</span>\r\nHTML code comparable to samples of HTML signatures in antispam. Such a comparison, using the available data on the size of typical spam images, protects users from spam messages using HTML-code, which are often included in the online image.\r\n<span style=\"font-weight: bold;\">Spam detection technology for message envelopes</span>\r\nDetection of fakes in the "stamps" of SMTP-servers and in other elements of the e-mail header is the newest direction in the development of anti-spam methods. Email addresses can not be trusted. Fake emails contain more than just spam. For example, anonymous and even threats. Technologies of various anti-spam systems allow you to send such messages. Thus, it provides not only the economic movement, but also the protection of employees.\r\n<span style=\"font-weight: bold;\">Semantic analysis</span>\r\nMeaning in words and phrases is compared with typical spam vocabulary. Comparison of provisions for a special dictionary, for expression and symbols.\r\n<span style=\"font-weight: bold;\">Anti-camming technology</span>\r\nScamming is probably the most dangerous type of spam. All of them have the so-called "Nigerian letters", reports of winnings in the lottery, casino, fake letters and credit services.\r\n<span style=\"font-weight: bold;\">Technical spam filtering</span>\r\nAutomatic notification of e-mail - bounce-messages - to inform users about the malfunction of the postal system (for example, non-delivery of address letters). Attackers can use similar messages. Under the guise of a technical notification, computer service or ordinary spam can penetrate the computer.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Antispam.png"},{"id":25,"title":"Web filtering","alias":"web-filtering","description":" <span style=\"font-weight: bold; \">Web filtering</span> is a technology that stops users from viewing certain URLs or websites by preventing their browsers from loading pages from these sites. Web filters are made in different ways and deliver various solutions for individual, family, institutional or enterprise use.\r\nIn general, Web filters work in two distinct ways. They can <span style=\"font-weight: bold; \">block content</span> as determined by quality of the site, by consulting known lists which document and categorize popular pages across all genres of content. Or, they can <span style=\"font-weight: bold; \">evaluate the content</span> of the page live and block it accordingly. Many Web filter tools work off of a constantly updated URL database that shows which websites and domains are associated with hosting malware, phishing, viruses or other tools for harmful activities.\r\n<span style=\"font-weight: bold;\">Web Filtering Types.</span> <span style=\"font-style: italic;\">Blacklist & Whitelist Filters:</span>when using blacklists, an administrator (which might be a parent) manually enters all websites that are deemed inappropriate into the program, and those sites are subsequently blocked. Whitelists are used in exactly the same way, only in reverse – i.e. URLs are manually entered onto a whitelist, and all other websites are then off-limits.\r\n<span style=\"font-style: italic; \">Keyword And Content Filters: </span>this type of filtering is in many ways similar to black and whitelist filtering, though with a slightly broader scope. Keyword and content filters will filter out websites that contain specific keywords or predefined content (such as pornography, for example).\r\nSome website filtering software also provides reporting so that the installer can see what kind of traffic is being filtered and who has requested it. Some products provide soft blocking (in which a warning page is sent to the user instead of the requested page while still allowing access to the page) and an override capability that allows an administrator to unlock a page. \r\n<span style=\"font-weight: bold; \">Web Filtering Software for Business.</span> Most organizations have moved to cloud based-applications, making browsers a tool that employees use on a daily basis to access work. Browsers have become a conduit to not only the cloud, but also to immeasurable malware and distractions hosted on the web. In order to ensure that browsers do not bring in malicious traffic, web filtering software becomes necessary.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">What is Enterprise Web Filtering Software?</h1>\r\nAntivirus and antimalware software are required to detect malicious programs that has been downloaded, but it is now important for enterprise web filtering software to be installed. Content filtering software is an invaluable protection against a wide range of web-borne threats. Rather than allowing malware and ransomware to be downloaded, it prevents end users from visiting websites that contain these malicious threats.\r\nInternet filtering software is also one of the most effective ways to neutralize the threat from phishing. Phishing is a technique used by cybercriminals to gain access to sensitive user information. Phishers trick end users into revealing login credentials or downloading malicious software onto their computers.\r\nPhishing involves sophisticated social engineering techniques to fool end users into visiting malicious websites. If employees can be convinced to reveal sensitive information or download ransomware or malware, cybercriminals can easily bypass even the most sophisticated of cybersecurity defenses.\r\n<h1 class=\"align-center\">What is URL Filtering?</h1>\r\nURL filtering is a type of network filtering software that helps businesses control their users’ and guests’ ability to access certain content on the web. If you’ve ever gotten a “block” page while surfing the internet at the office, then your company is using web filtering.\r\nSome employers may only be concerned about blocking access to websites that are known to spread malware or steal information. Other businesses may block content they find inappropriate, such as adult websites or sites that promote violence, or content that violates compliance regulations. They may also choose to activate web protection software to block social media or video streaming sites to minimize drains on productivity and network bandwidth.\r\nTypically, URL filtering software is provided by a cybersecurity service, firewall, or router. Each of these may use a variety of threat intelligence sources to determine which websites fit into their chosen acceptable and unacceptable categories. That’s where highly reliable web reputation services are most valuable. Sources that have extensive web histories and real-time active crawling services will provide the most accurate content determinations.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"mcafee-complete-endpoint-threat-protection":{"id":538,"logoURL":"https://old.roi4cio.com/fileadmin/content/csm_McAfee.png","logo":true,"scheme":false,"title":"McAfee Complete Endpoint Threat Protection","vendorVerified":1,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"supplierPartnersCount":110,"alias":"mcafee-complete-endpoint-threat-protection","companyTitle":"McAfee","companyTypes":["vendor"],"companyId":184,"companyAlias":"mcafee","description":"<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">McAfee Complete Endpoint Threat Protection provides advanced defenses that investigate, contain, and provide actionable insights to combat zero-day threats and sophisticated attacks.</p>\r\n<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">Core endpoint protection, including anti-malware, firewall, device control, email and web security works together with machine learning and dynamic application containment to detect zero-day threats in near real time, and classify and halt them before they can execute on your systems. Actionable forensic data and easy-to-read reports keep you informed and help you make the move from responding to outbreaks, to investigating and hardening your defenses. And, because McAfee Complete Endpoint Threat Protection is built using an extensible framework, you can add other advanced threat defenses with ease as your security needs and the threat landscape evolve.</p>","shortDescription":"McAfee Complete Endpoint Threat Protection provides advanced defenses that investigate, contain, and provide actionable insights to combat zero-day threats and sophisticated attacks.\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Complete Endpoint Threat Protection","keywords":"McAfee, Complete, defenses, your, Threat, Endpoint, Protection, zero-day","description":"<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">McAfee Complete Endpoint Threat Protection provides advanced defenses that ","og:title":"McAfee Complete Endpoint Threat Protection","og:description":"<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">McAfee Complete Endpoint Threat Protection provides advanced defenses that ","og:image":"https://old.roi4cio.com/fileadmin/content/csm_McAfee.png"},"eventUrl":"","translationId":595,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":41,"title":"Antispam","alias":"antispam","description":"In each system, which involves the communication of users, there is always the problem of spam, or the mass mailing of unsolicited emails, which is solved using the antispam system. An antispam system is installed to catch and filter spam at different levels. Spam monitoring and identification are relevant on corporate servers that support corporate email, here the antispam system filters spam on the server before it reaches the mailbox. There are many programs that help to cope with this task, but not all of them are equally useful. The main objective of such programs is to stop sending unsolicited letters, however, the methods of assessing and suppressing such actions can be not only beneficial but also detrimental to your organization. So, depending on the rules and policies of mail servers, your server, or even a domain, may be blacklisted and the transfer of letters will be limited through it, and you may not even be warned about it.\r\nThe main types of installation and use of anti-spam systems:\r\n<ul><li>installation of specialized equipment, a gateway that filters mail before it reaches the server;</li><li>use of external antispam systems for analyzing emails and content;</li><li>setting up an antispam system with the ability to learn on the mail server itself;</li><li>installation of spam filtering software on the client’s computer.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Anti-spam technologies:</span>\r\n<span style=\"font-weight: bold;\">Heuristic analysis</span>\r\nExtremely complex, highly intelligent technology for empirical analysis of all parts of a message: header fields, message bodies, etc. Not only the message itself is analyzed. The heuristic analyzer is constantly being improved, new rules are continuously added to it. It works “ahead of the curve” and makes it possible to recognize still unknown varieties of spam of a new generation before the release of available updates.\r\n<span style=\"font-weight: bold;\">Filtering counteraction</span>\r\nThis is one of the most advanced and effective anti-spam technologies. It is to recognize the tricks resorted to by spammers to bypass anti-spam filters.\r\n<span style=\"font-weight: bold;\">HTML based analysis</span>\r\nHTML code comparable to samples of HTML signatures in antispam. Such a comparison, using the available data on the size of typical spam images, protects users from spam messages using HTML-code, which are often included in the online image.\r\n<span style=\"font-weight: bold;\">Spam detection technology for message envelopes</span>\r\nDetection of fakes in the "stamps" of SMTP-servers and in other elements of the e-mail header is the newest direction in the development of anti-spam methods. Email addresses can not be trusted. Fake emails contain more than just spam. For example, anonymous and even threats. Technologies of various anti-spam systems allow you to send such messages. Thus, it provides not only the economic movement, but also the protection of employees.\r\n<span style=\"font-weight: bold;\">Semantic analysis</span>\r\nMeaning in words and phrases is compared with typical spam vocabulary. Comparison of provisions for a special dictionary, for expression and symbols.\r\n<span style=\"font-weight: bold;\">Anti-camming technology</span>\r\nScamming is probably the most dangerous type of spam. All of them have the so-called "Nigerian letters", reports of winnings in the lottery, casino, fake letters and credit services.\r\n<span style=\"font-weight: bold;\">Technical spam filtering</span>\r\nAutomatic notification of e-mail - bounce-messages - to inform users about the malfunction of the postal system (for example, non-delivery of address letters). Attackers can use similar messages. Under the guise of a technical notification, computer service or ordinary spam can penetrate the computer.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Antispam.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":25,"title":"Web filtering","alias":"web-filtering","description":" <span style=\"font-weight: bold; \">Web filtering</span> is a technology that stops users from viewing certain URLs or websites by preventing their browsers from loading pages from these sites. Web filters are made in different ways and deliver various solutions for individual, family, institutional or enterprise use.\r\nIn general, Web filters work in two distinct ways. They can <span style=\"font-weight: bold; \">block content</span> as determined by quality of the site, by consulting known lists which document and categorize popular pages across all genres of content. Or, they can <span style=\"font-weight: bold; \">evaluate the content</span> of the page live and block it accordingly. Many Web filter tools work off of a constantly updated URL database that shows which websites and domains are associated with hosting malware, phishing, viruses or other tools for harmful activities.\r\n<span style=\"font-weight: bold;\">Web Filtering Types.</span> <span style=\"font-style: italic;\">Blacklist & Whitelist Filters:</span>when using blacklists, an administrator (which might be a parent) manually enters all websites that are deemed inappropriate into the program, and those sites are subsequently blocked. Whitelists are used in exactly the same way, only in reverse – i.e. URLs are manually entered onto a whitelist, and all other websites are then off-limits.\r\n<span style=\"font-style: italic; \">Keyword And Content Filters: </span>this type of filtering is in many ways similar to black and whitelist filtering, though with a slightly broader scope. Keyword and content filters will filter out websites that contain specific keywords or predefined content (such as pornography, for example).\r\nSome website filtering software also provides reporting so that the installer can see what kind of traffic is being filtered and who has requested it. Some products provide soft blocking (in which a warning page is sent to the user instead of the requested page while still allowing access to the page) and an override capability that allows an administrator to unlock a page. \r\n<span style=\"font-weight: bold; \">Web Filtering Software for Business.</span> Most organizations have moved to cloud based-applications, making browsers a tool that employees use on a daily basis to access work. Browsers have become a conduit to not only the cloud, but also to immeasurable malware and distractions hosted on the web. In order to ensure that browsers do not bring in malicious traffic, web filtering software becomes necessary.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">What is Enterprise Web Filtering Software?</h1>\r\nAntivirus and antimalware software are required to detect malicious programs that has been downloaded, but it is now important for enterprise web filtering software to be installed. Content filtering software is an invaluable protection against a wide range of web-borne threats. Rather than allowing malware and ransomware to be downloaded, it prevents end users from visiting websites that contain these malicious threats.\r\nInternet filtering software is also one of the most effective ways to neutralize the threat from phishing. Phishing is a technique used by cybercriminals to gain access to sensitive user information. Phishers trick end users into revealing login credentials or downloading malicious software onto their computers.\r\nPhishing involves sophisticated social engineering techniques to fool end users into visiting malicious websites. If employees can be convinced to reveal sensitive information or download ransomware or malware, cybercriminals can easily bypass even the most sophisticated of cybersecurity defenses.\r\n<h1 class=\"align-center\">What is URL Filtering?</h1>\r\nURL filtering is a type of network filtering software that helps businesses control their users’ and guests’ ability to access certain content on the web. If you’ve ever gotten a “block” page while surfing the internet at the office, then your company is using web filtering.\r\nSome employers may only be concerned about blocking access to websites that are known to spread malware or steal information. Other businesses may block content they find inappropriate, such as adult websites or sites that promote violence, or content that violates compliance regulations. They may also choose to activate web protection software to block social media or video streaming sites to minimize drains on productivity and network bandwidth.\r\nTypically, URL filtering software is provided by a cybersecurity service, firewall, or router. Each of these may use a variety of threat intelligence sources to determine which websites fit into their chosen acceptable and unacceptable categories. That’s where highly reliable web reputation services are most valuable. Sources that have extensive web histories and real-time active crawling services will provide the most accurate content determinations.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}},"aliases":{"1":["forcepoint-advanced-malware-detection","forcepoint-casb-cloud-access-security-broker","forcepoint-data-guard","forcepoint-dlp","forcepoint-email-security","forcepoint-email-security-cloud-forcepoint-web-security-cloud","forcepoint-ngfw","forcepoint-secure-enterprise-sd-wan","forcepoint-sureview-analytics","forcepoint-trusted-thin-client","forcepoint-url-filtering","forcepoint-user-and-entity-behavior-analytics-ueba","forcepoint-web-security","forcepoint-web-security-cloud-formerly-triton-ap-web-cloud","mcafee-active-response","mcafee-advanced-threat-defense","mcafee-cloud-workload-security","mcafee-complete-data-protection","mcafee-complete-endpoint-protection-business-ceb","mcafee-complete-endpoint-threat-protection"]},"links":{"first":"http://apis.roi4cio.com/api/products?page=1","last":"http://apis.roi4cio.com/api/products?page=2","prev":null,"next":"http://apis.roi4cio.com/api/products?page=2"},"meta":{"current_page":1,"from":1,"last_page":2,"path":"http://apis.roi4cio.com/api/products","per_page":20,"to":20,"total":32},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{"13":{"id":13,"title":"NG Firewall"},"30":{"id":30,"title":"UEBA - User and Entity Behavior Analytics"},"38":{"id":38,"title":"Secure E-mail Gateway"},"73":{"id":73,"title":"Network Sandboxing"},"83":{"id":83,"title":"Data Loss Prevention"},"93":{"id":93,"title":"Software-Defined WAN (SD-WAN)"},"95":{"id":95,"title":"Cloud Access Security Broker (CASB)"}},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}