Harfanglab EPP
Automate threat blocking,
improve alerts prioritisation and
focus on critical tasks.
HarfangLab EPP protects your endpoints (workstations and servers) and automatically blocks threats when detected.
Integrated within the agent, HarfangLab’s EPP – available with HarfangLab’s EDR – can deliver endpoint security even when disconnected from the central console.
Quarantine notifications educate users about cybersecurity risks, while blocking alerts sent to the console provide IT and cybersecurity teams with optimal visibility into threats affecting the IT environment.
Automatically block threats
The HarfangLab EPP antivirus can analyse and emulate the opening of files with various extensions to evaluate their legitimacy.
It can then identify their signature, thanks to our partner Ikarus‘ antiviral database, and block them if they pose a security risk.
Scans can be performed on demand directly by information system users via the central console.
+ The extra mile
With the automatic blocking of known threats, analysts can focus on leveraging the data provided by the EDR for deeper investigation.
A unified alert from both tools signals that this security event requires prioritised attention.
The features included in HarfangLab’s EPP’s firewall are crafted to secure network traffic. Incoming and outgoing data is filtered using whitelists and blacklists that can be easily managed from the HarfangLab console.
- Open or limit IPs, network protocols, ports and more,
- Segmentation by individual or group of endpoints or network policy profiles
An EPP (Endpoint Protection Platform) is a security tool designed to provide broad threat protection, including features like antivirus, firewall and USB port protection. It can automatically block threats when it detects malicious files, unauthorised network connections, the connection of USB devices, etc. EPPs can also alert you to abnormal activity.
HarfangLab’s EPP is available as part of the HarfangLab Guard plan, which includes both an EDR and an EPP.
The memory and CPU usage of HarfangLab’s EPP are tied to the specific tasks demanded of it, but they remain minimal. This efficiency is largely thanks to the use of the Rust programming language and ongoing optimisation efforts, ensuring the agent remains lightweight and has no noticeable impact on IT users.
All OS are supported: Windows, Linux and macOS. Our detailed documentation is available for more information.
HarfangLab EDR can be deployed both in the Cloud and on On-Premises infrastructure, offering the same functionalities in either environment.
Regardless of the deployment method, agents are installed directly on the endpoints and communicate with the console to share telemetry data and receive threat detection and blocking policies.
Updates require no endpoint reboots and, for On-Premises deployments, can be managed either remotely or on site.
Find out more
Cybersecurity: why combine EDR and EPP
HarfangLab extends its protection with an EDR + EPP package. What are the technical advantages? What are the benefits for…
EDR vs. EPP: what are the differences and how do you make the right choice?
Understand how antivirus software, EPP and EDR work, and the resources that run them.