Trellix (McAfee)
THE LIVING SECURITY APPROACH
Advanced Threat Detection
Advanced Threat Detection is a broad term for solutions that use certain types of analysis to increase the security of systems. Among other things, these solutions can analyse and evaluate downloads or other user activities from various systems risk-free in a sandbox.
Cloud Access Security Broker (CASB)
Cloud apps should be accessible as flexibly and easily as possible, preferably from any location with internet access and from any end device. However, it is precisely this simplicity of cloud access that often makes it easy for unauthorised third parties to access cloud data and misuse cloud apps. Among other things, cloud access security brokers ensure that network traffic between on-site devices and the cloud provider only takes place in accordance with the organisation’s predefined rules and policies. They are also useful because they provide insight into the use of cloud applications across multiple cloud platforms and can therefore recognise unintended use.
Data & Device Encryption
Data & device encryption refers to the encryption of data (such as folders, files, databases, etc.) and devices (such as hard drives, USB sticks, cloud storage, etc.). The aim of encryption is to subject the data to a mathematical transformation so that it is not possible for an attacker who gains possession of the data to extract the original data from the transformed data.
Data Loss Prevention (DLP)
“Data loss prevention” and “data leakage prevention” are usually used synonymously, but some specialists also differentiate between them in technical discussions: “Data loss prevention” is protection against the unwanted outflow of data that causes damage and is also noticed, while “data leakage prevention” stands for protection against the suspected but unmeasurable and sometimes undetectable passing on of information to unwanted recipients.
Database Security
Database security refers to the use of a wide range of information security controls to protect databases against threats to confidentiality, integrity and availability. It includes different types or categories of control, such as technical, procedural, administrative and physical.
Endpoint Security
Modern firewall systems now offer a much broader range of integrated features in addition to the conventional functions of a firewall; firewalls provide everything a security expert needs: Firewall, anti-virus, filter functions for web content and emails, application control and network functions (e.g. routing and load balancing) in just one appliance.
Network & System Management
We define Network & System Management solutions as products that can be used to centrally administer and monitor a wide range of systems used in the company. The primary goal of network and system management is to ensure that networks and systems function optimally and efficiently to fulfil a company’s business requirements while providing a secure environment for sensitive data and information.
Network IPS
Intrusion prevention systems (IPS for short) are intrusion detection systems (IDS for short) that go beyond the mere generation of events to provide functions that can also block a detected attack. Network IPS includes all solutions that can provide centralised protection for the company network.
Risk Management & Reporting
Risk Management & Reporting can be used to uncover and visualise risks in the corporate network in order to derive countermeasures.
Security Policy Orchestration
Modern corporate networks consist of a wide variety of security components whose centralised management is the goal of security policy orchestration. This includes solutions for the centralised administration of heterogeneous networks or software-defined networks.
E-Mail Security
Email security refers to solutions for protecting emails against spam, viruses and malware. These are usually placed in the network as a gateway solution.
Security Information & Event Management (SIEM)
Security Information and Event Management (SIEM) is an approach to security management that aims to provide a holistic view of the security of an organisation’s IT. The SIEM system is based on the principle that relevant data about a company’s security is collected in different places and that it is much easier to recognise trends and patterns that deviate from the usual pattern if all this data can be viewed in one central location. SIEM combines the functions of Security Information Management (SIM) and Security Event Management (SEM) in one security management system.
Threat & Attack Management
Under Threat & Attack Management, we offer products for the centralised and automated analysis and handling of security problems. In contrast to SIEM, these solutions can not only recognise trends and deviations, but also take active action against threats.
Web Security
Web security solutions protect end devices from infections and implement company guidelines by using the following technologies: URL filtering, blacklisting, whitelisting, detection and filtering of malicious content, application control of known applications such as Skype.