Harfanglab EPP

Automate threat blocking, 
improve alerts prioritisation and 
focus on critical tasks.

EPP1
Automatically protect your assets
EPP2
Reduce the burden on analysts
EPP3
Maintain full visibility of your cyber environment

HarfangLab EPP protects your endpoints (workstations and servers) and automatically blocks threats when detected.

Integrated within the agent, HarfangLab’s EPP – available with HarfangLab’s EDR – can deliver endpoint security even when disconnected from the central console.

Quarantine notifications educate users about cybersecurity risks, while blocking alerts sent to the console provide IT and cybersecurity teams with optimal visibility into threats affecting the IT environment.

Signature-based antivirus detection and blocking
File scanning
Local firewall for filtering network traffic
Single console for centralised data management and correlation

Automatically block threats

epp4
check
An antivirus to automatically block known threats

The HarfangLab EPP antivirus can analyse and emulate the opening of files with various extensions to evaluate their legitimacy.

It can then identify their signature, thanks to our partner Ikarus‘ antiviral database, and block them if they pose a security risk.

Scans can be performed on demand directly by information system users via the central console.

 

+ The extra mile

With the automatic blocking of known threats, analysts can focus on leveraging the data provided by the EDR for deeper investigation.

A unified alert from both tools signals that this security event requires prioritised attention.

epp5
check
A firewall for securing network traffic

The features included in HarfangLab’s EPP’s firewall are crafted to secure network traffic. Incoming and outgoing data is filtered using whitelists and blacklists that can be easily managed from the HarfangLab console.

  • Open or limit IPs, network protocols, ports and more,
  • Segmentation by individual or group of endpoints or network policy profiles

An EPP (Endpoint Protection Platform) is a security tool designed to provide broad threat protection, including features like antivirus, firewall and USB port protection. It can automatically block threats when it detects malicious files, unauthorised network connections, the connection of USB devices, etc. EPPs can also alert you to abnormal activity.

HarfangLab’s EPP is available as part of the HarfangLab Guard plan, which includes both an EDR and an EPP.

The memory and CPU usage of HarfangLab’s EPP are tied to the specific tasks demanded of it, but they remain minimal. This efficiency is largely thanks to the use of the Rust programming language and ongoing optimisation efforts, ensuring the agent remains lightweight and has no noticeable impact on IT users.

All OS are supported: Windows, Linux and macOS. Our detailed documentation is available for more information.

HarfangLab EDR can be deployed both in the Cloud and on On-Premises infrastructure, offering the same functionalities in either environment.

Regardless of the deployment method, agents are installed directly on the endpoints and communicate with the console to share telemetry data and receive threat detection and blocking policies.

Updates require no endpoint reboots and, for On-Premises deployments, can be managed either remotely or on site.