HarfangLab EPPEndpoint Protection Platform
Automate threat blocking,
improve alerts prioritisation and
focus on critical tasks.
HarfangLab EPP protects your endpoints (workstations and servers) and automatically blocks threats when detected.
Integrated within the agent, HarfangLab’s EPP – available with HarfangLab’s EDR – can deliver endpoint security even when disconnected from the central console. Its features effectively protect your servers and workstations against malware attacks and the various threats your organization faces.
Quarantine notifications educate users about cybersecurity risks, while blocking alerts sent to the console provide IT and cybersecurity teams with optimal visibility into threats affecting the IT environment.
Automatically block threats
The HarfangLab Endpoint Protection Platform (EPP) antivirus can analyse and perform file execution emulation to evaluate their legitimacy.
It can then identify their signature, thanks to our partner IKARUS‘ antiviral database, and block them if they pose a security risk.
+ The extra mile
With the real-time detection and automatic blocking of known threats, analysts can focus on leveraging the data provided by the EDR for deeper investigation.
Our platform also offers flexible management of scans, whether scheduled, automated or launched on demand.
A unified alert from both tools signals that this security event requires prioritised attention.
The features included in HarfangLab’s EPP’s firewall are crafted to secure network traffic. Incoming and outgoing data is easily filtered by setting up simple and precise firewall rules:
- Opening or limitation by IPs, network protocols, ports…,
- Segmentation by individual or group of endpoints or network policy profiles
Device Control included in HarfangLab’s EPP:
- monitors USB port activity
- generates alerts
- automatically blocks threats from external devices connected to endpoints.
Security policies can be fine-tuned by endpoint or endpoint groups, with the option of restricting use to approved devices or certain types of device only.
Only essential uses are authorized, for optimum security while preserving the autonomy of information system users.
An EPP (Endpoint Protection Platform) is a security tool designed to provide broad threat protection, including features like antivirus, firewall and USB port protection. It can automatically block threats when it detects malicious files, unauthorised network connections, the connection of USB devices, etc. EPPs can also alert you to abnormal activity.
The solution is installed directly on each endpoint. All endpoints (workstations and servers) are thus protected by a solution that can detect and block a wide variety of known threats: malware, viruses, Trojans, ransomware, spyware, keyloggers, rootkits, wipers, etc.
HarfangLab’s EPP is available as part of the HarfangLab Guard plan, which includes both an EDR and an EPP.
Businesses, authorities and organizations in all sectors can benefit – via an MSSP (Managed Security Service Provider) partner where appropriate – from the virus and malware detection and protection capabilities offered by our solutions:
- SaaS (public cloud)
- On-Premises (private cloud)
depending on your organization’s prerequisites, the security requirements of your industry, and the sensitivity of your data. Request a demo to discover all the features of our EPP platform!
Ransomware is a major concern for many companies, authorities and government agencies, due to the direct and indirect costs involved.
Your employees’ devices are protected against ransomware with HarfangLab’s Guard offering, which includes the Ransomguard engine, a behavioral analysis engine designed to automatically detect and block all malicious behavior linked to a ransomware attack.
The memory and CPU usage of HarfangLab’s EPP are tied to the specific tasks demanded of it, but they remain minimal for your endpoints. This efficiency is largely thanks to the use of the RUST programming language and ongoing optimisation efforts, ensuring the agent remains lightweight and has no noticeable impact on IT users.
All OS are supported: Windows, Linux and macOS. Our detailed documentation is available for more information.
HarfangLab EDR can be deployed both in SaaS (public Cloud) and on On-Premises (piate Cloud) infrastructure, offering the same functionalities in either environment.
Regardless of the deployment method, agents are installed directly on the endpoints and communicate with the console to share telemetry data and receive threat detection and blocking policies.
Updates require no endpoint reboots and, for On-Premises deployments, can be managed either remotely or on site.
You can easily integrate our security solution into your security operations center (SOC). Our platform facilitates this integration through various connectors with SIEM, SOAR, NDR, Threat Intelligence platforms and file analysis centers…
As part of the HarfangLab Guard offer, which combines our EDR and EPP solutions, benefit from centralized, optimized defense for your IT infrastructure. Compatibility with third-party technologies ensures optimal detection and protection.
Find out more
Cybersecurity: why combine EDR and EPP
HarfangLab extends its protection with an EDR + EPP package. What are the technical advantages? What are the benefits for…
EDR vs. EPP: what are the differences and how do you make the right choice?
Understand how antivirus software, EPP and EDR work, and the resources that run them.
Enterprise antivirus
Enterprise firewall