HarfangLab EPP
Endpoint Protection Platform

Automate threat blocking,
improve alerts prioritisation and
focus on critical tasks.

See our plans

Automatically protect your assets

Reduce the burden on analysts

Maintain full visibility of your cyber environment

HarfangLab EPP protects your endpoints (workstations and servers) and automatically blocks threats when detected.

Integrated within the agent, HarfangLab’s EPP – available with HarfangLab’s EDR – can deliver endpoint security even when disconnected from the central console. Its features effectively protect your servers and workstations against malware attacks and the various threats your organization faces.

Quarantine notifications educate users about cybersecurity risks, while blocking alerts sent to the console provide IT and cybersecurity teams with optimal visibility into threats affecting the IT environment.

Signature-based antivirus detection and blocking

Files and devices scan

Local firewall for filtering network traffic

Single console for centralised data management and correlation

Automatically block threats

An antivirus to automatically block known threats

The HarfangLab Endpoint Protection Platform (EPP) antivirus can analyse and perform file execution emulation to evaluate their legitimacy.

It can then identify their signature, thanks to our partner IKARUS‘ antiviral database, and block them if they pose a security risk.

+ The extra mile

With the real-time detection and automatic blocking of known threats, analysts can focus on leveraging the data provided by the EDR for deeper investigation.
Our platform also offers flexible management of scans, whether scheduled, automated or launched on demand.

A unified alert from both tools signals that this security event requires prioritised attention.

an-antivirus-that-automatically-blocks-threats-harfanglab

A platform with integrated firewall to secure network traffic

The features included in HarfangLab’s EPP’s firewall are crafted to secure network traffic. Incoming and outgoing data is easily filtered by setting up simple and precise firewall rules:

Opening or limitation by IPs, network protocols, ports…,
Segmentation by individual or group of endpoints or network policy profiles

Device Control for security and user autonomy

Device Control included in HarfangLab’s EPP:

monitors USB port activity
generates alerts
automatically blocks threats from external devices connected to endpoints.

Security policies can be fine-tuned by endpoint or endpoint groups, with the option of restricting use to approved devices or certain types of device only.

Only essential uses are authorized, for optimum security while preserving the autonomy of information system users.

What is an EPP?

An EPP (Endpoint Protection Platform) is a security tool designed to provide broad threat protection, including features like antivirus, firewall and USB port protection. It can automatically block threats when it detects malicious files, unauthorised network connections, the connection of USB devices, etc. EPPs can also alert you to abnormal activity.

The solution is installed directly on each endpoint. All endpoints (workstations and servers) are thus protected by a solution that can detect and block a wide variety of known threats: malware, viruses, Trojans, ransomware, spyware, keyloggers, rootkits, wipers, etc.

How can I benefit from the HarfangLab EPP?

HarfangLab’s EPP is available as part of the HarfangLab Guard plan, which includes both an EDR and an EPP.

Businesses, authorities and organizations in all sectors can benefit – via an MSSP (Managed Security Service Provider) partner where appropriate – from the virus and malware detection and protection capabilities offered by our solutions:

SaaS (public cloud)
On-Premises (private cloud)

depending on your organization’s prerequisites, the security requirements of your industry, and the sensitivity of your data. Request a demo to discover all the features of our EPP platform!

Are my endpoints protected against ransomware?

Ransomware is a major concern for many companies, authorities and government agencies, due to the direct and indirect costs involved.

Your employees’ devices are protected against ransomware with HarfangLab’s Guard offering, which includes the Ransomguard engine, a behavioral analysis engine designed to automatically detect and block all malicious behavior linked to a ransomware attack.

What impact does the HarfangLab EPP have on endpoints?

The memory and CPU usage of HarfangLab’s EPP are tied to the specific tasks demanded of it, but they remain minimal for your endpoints. This efficiency is largely thanks to the use of the RUST programming language and ongoing optimisation efforts, ensuring the agent remains lightweight and has no noticeable impact on IT users.

What operating systems does HarfangLab support?

All OS are supported: Windows, Linux and macOS. Our detailed documentation is available for more information.

How can HarfangLab EDR be deployed?

HarfangLab EDR can be deployed both in SaaS (public Cloud) and on On-Premises (piate Cloud) infrastructure, offering the same functionalities in either environment.

Regardless of the deployment method, agents are installed directly on the endpoints and communicate with the console to share telemetry data and receive threat detection and blocking policies.

Updates require no endpoint reboots and, for On-Premises deployments, can be managed either remotely or on site.

Is HarfangLab EPP compatible with third-party solutions?

You can easily integrate our security solution into your security operations center (SOC). Our platform facilitates this integration through various connectors with SIEM, SOAR, NDR, Threat Intelligence platforms and file analysis centers…

As part of the HarfangLab Guard offer, which combines our EDR and EPP solutions, benefit from centralized, optimized defense for your IT infrastructure. Compatibility with third-party technologies ensures optimal detection and protection.