Advanced Threat Detection
With an Advanced Threat Detection product run complementary to the firewall, dedicated resources are focused on scanning content holistically and efficiently – with multiple scanning engines. Predictive engines based on AI and Machine Learning are capable of even stopping the Zero-Day attacks due to their behaviour analysis approach.
If there still is a high uncertainty of what the executable will do – then Sandbox comes in. An environment outside the perimeter enables controlled detonation of the executable – identifying exactly what it does – without allowing it to make any impact.
This setup not only secures all traffic proxied through the main HQ firewall, it also scans traffic coming in from branch offices and remote workers via VPN. In an ideal setup the VPN client on the remote computer are setup to always connect and proxy all traffic. This allows the Advanced Threat Inspection product to protect the whole office – on-site, at remote sites and even the workers on the road.
Thorough inspection even of encrypted traffic with multiple scanning engines
Remote workers securely protected the same as in the office thanks to always-on VPN