Forcepoint

MORE INFORMATION:

https://www.forcepoint.com/

Description of technology

Anti-malware Sandbox

Forcepoint Advanced Malware Detection - is a sandbox-class solution providing a simulated environment for running and analyzing malware. It works as a module integrated with Forcepoint CASB, NGFW, Web and Email Security solutions. Clients can easily activate the service in the cloud to take advantage of high availability, scalability and lower maintenance and implementation costs, or deploy AMD on premises. Forcepoint offers a unique isolation and malware inspection environment that simulates the user’s entire computer, including CPU, memory and all peripheral devices. Deep Content Inspection interacts with malware to observe all activities which malware may perform in this complete environment, even if these activities are delegated to the operating system or other programs. In addition, this tool identifies potentially malicious “dormant code”, which is not being executed yet by malware.

Cloud Security - Cloud Access Security Broker

Forcepoint Cloud Access Security Broker (CASB) - is a solution that responds to the rapid increase in cloud popularity and adoption, as well as the Cloud First and BYOD (Bring Your Own Device) initiatives. They have created new vulnerabilities in the area of security and compliance. Forcepoint CASB, which is an important component of Forcepoint’s human-oriented security strategy, helps to address those vulnerabilities. CASB provides insight into and control over the way in which employees use cloud applications, enabling companies to understand the pace of work and flow of data in the organization. Forcepoint CASB not only detects and evaluates the risk associated with the use of unauthorized cloud applications, but also controls how authorized applications such as Office 365, Google Suite, Salesforce, Box or Dropbox are used by employees, which helps to protect the organization’s data and intellectual property.

DLP

Forcepoint DLP - enables organizations to protect sensitive data and intellectual property, and achieve compliance with regulations such as GDPR. Protection is provided by identifying, monitoring and enforcing policies for data in transit, in use and at rest, both at the level of the network and user workstations. In this way, data are protected anytime and anywhere, also outside the organization’s network. The system precisely identifies protected data using built-in classifiers for popular data types such as PESEL, NIP, REGON or bank account and credit card numbers, and can learn specific data using digital fingerprints and machine learning mechanisms. In addition to content, the DLP system also takes into account the data context. With these features, organizations can protect data, secure important business processes, and reduce the number of false alerts generated by the system. Moreover, the work of administrators is supported by the Incident Risk Ranking mechanism which enables them to deal with the most important incidents first. The system also offers sophisticated data protection functions such as analysis of text in transmitted graphic files — OCR for data in transit and detection of incidents distributed over time, e.g. leakage of one record after another from the database — Drip DLP.

Email Gateway

Forcepoint Email Security - ensures security of e-mail, which is one of the most important communication means of any organization in the world. This solution not only recognizes and stops spam, thus protecting employee inboxes from being flooded with unwanted e-mails, but also identifies and protects against advanced, multi-stage threats that use e-mail to penetrate organizations’ IT environments. With the use of sandbox, Email Security stops threats not detected by standard security mechanisms. It provides data protection by enforcing DLP policies directly within the e-mail gateway. It allows for safe adoption of cloud solutions such as Microsoft Office 365. Employees are protected by such functions as Phishing Education and URL Wrapping. Email Security is available as an on-premise, cloud or hybrid solution. Components deployed on premises are available in the form of physical and virtual appliances. Basic functionalities can be expanded by using modules. All of this makes it a flexible solution that can be implemented in a manner and form expected by organizations and according to their needs.

Firewall

Forcepoint NGFW - is a next generation network firewall designed for distributed environments where optimizing the time necessary for administration, problem diagnosis and responding to incidents is the top priority. Unique functions such as policy hierarchies, continuous validation of the system prompts configuration and visualizations minimize the time of identifying and removing issues. An intuitive interface makes managing even hundreds of geographically dispersed devices easy and completely eliminates the risk of a critical configuration error. Forcepoint NGFW also offers a unique IPS engine designed to detect and block security bypassing attempts.

UEBA

Forcepoint UEBA - protects sensitive data by analyzing user behavior, detects compromised accounts and enforces continuous improvement of the organization’s internal security culture. Traditional tools do not provide full information and context about internal threats. This is a severe gap, especially important in the face of new regulations and security breaches that are being revealed around the world. Forcepoint UEBA integrates structured and unstructured data to provide full insight into users’ activities, patterns and long-term behavioral trends, identifying threats within the organization.

Web Gateway

Forcepoint Web Security - provides ongoing protection against advanced Web threats, both for stationary and mobile employees. The basic functionality of filtering user traffic in accordance with the policy defined by the administrator that blocks access to inappropriate content complements content scanning for threats and complex attacks. The solution makes it possible to inspect and manage encrypted HTTPS connections and uses the sandbox to identify threats not detected by standard security mechanisms. Another very important function is data protection by a DLP engine that runs directly as part of the Web Security without the need to provide content for analysis by the DLP system, which is often the case in the competition’s solutions. Build-in CASB (Cloud Access Security Broker) functions provide the organization with insight and control over the employees’ use of cloud applications. Web Security is available as an on-premise, cloud or hybrid solution. Components deployed on premises are available in the form of software as well as physical and virtual appliances. Basic functionalities can be expanded by using modules. All of this makes it a flexible solution that can be implemented in a manner and form expected by organizations and according to their needs.

Helpful files

Authorized trainings

Interested? Check our training offer.

Subscribe
Videoguides

Installation | Configuration | Use

Watch