UserGate Management Center C offers a single point of control allowing an administrator to centrally manage security settings, apply unified policies, and monitor UserGate physical and virtual appliances in use.
Endpoint Detection & Response (EDR) Software
In a corporate network, every device with a remote connection can become an entry point for intruders. Endpoint security is an important component of network security as more and more employees use mobile devices at work and are able to log into the corporate network through them.
Risk Factors:
- Mass remote access
- Increase in ransomware
- No communication between isolated security tools
- Increase in the number of exploits
- Slow response to cyber incidents in a busy network
Strategy
The most effective way to protect corporate networks from emerging threats is through a proactive security strategy that includes integrated monitoring, management, and advanced endpoint protection components.
Solution
UserGate Client is a UserGate SUMMA agent providing visibility into security events.
A UserGate Client instance connected to the UserGate SUMMA ecosystem of security components provides additional endpoint information and allows device control inside and outside the network perimeter providing extended threat detection and response (XDR).
Network Access Control Software
Control Secure Access to the Enterprise IT Infrastructure Using the Zero Trust Concept (ZTNA)
Zero Trust Network Access (ZTNA) is a concept for continuous validation of network presence legitimacy based on provided data, the context of access and use of company resources, event logging and response to changes and incidents/anomalies when gaining access to the network.
Risk Factors:
- The head of a company needs guaranteed and secure access to IT resources from anywhere
- A company has many employees who often go on business trips and work outside the office
- A company with a large staff of remote/hybrid employees
Strategy
- Limit the level of access to IT infrastructure
- Implement a tool providing reliable, secure and uninterrupted remote access
- Monitor the status of connected devices (this is possible due to the combination of EDR and NAC functions in UserGate Client)
Solution
UserGate Client can connect to secure corporate networks through its own built-in VPN client and support configuration sets for managing connections. UserGate Client can also tranfer the endpoint state information to UserGate Management Center in order to check compliance and provide access to IT infrastructure.
UserGate Client Features
- Reports the device’s status, software versions, and running applications to the UserGate SUMMA security component ecosystem
- Performs policy management for the applications used on the device
- Offers protection at the level of a host-based firewall
- Provides network access control based on compliance policies (Network Access Control, NAC)
- Provides secure remote connection (Virtual Private Network, VPN)
- Implements corporate network connection using the zero trust network access methodology (Zero Trust Network Access, ZTNA)
UserGate Client Benefits
- Important component of Zero Trust Network Access (ZTNA) implementation
- Deployed centrally across thousands of devices
- Collects logs and reports for the UserGate Log Analyzer SIEM system (Security Information and Event Management)
- Enables quick and secure connection to corporate networks via IPSec tunnels
- Stores information on network activity and user endpoint activity
Expertise
Using expertise packages from UserGate Monitoring and Response Center, you can detect indicators of compromise (IoC) on endpoints and block malicious activity in case of an incident.
Supply Options:
- As a software product consisting of a UserGate SUMMA security ecosystem agent
- On a Security as a Service basis
Applications of UserGate Client
Classic EDR (Endpoint Detection & Response)
EDR consists of UserGate Client agents installed on the endpoints and the backend part (UserGate Management Center + UserGate Log Analyzer). UserGate Client monitors the endpoints and transmits security event data to UserGate Log Analyzer.
UserGate Log Analyzer analyzes the received data and checks them against Indicator of Compromise (IoC) databases and other available information on compound threats. If the EDR system detects an event with signs of a cyber incident, it notifies security personnel about this.
Network Access Control (NAC)
A NAC setup consists of UserGate Client agents, a UserGate Management Center server, a UserGate Log Analyzer server, and a UserGate NGFW firewall. UserGate Management Center creates network access security rules based on endpoint device data (OS version, update availability, presence of specific software, etc.). UserGate NGFW receives information on the endpoint device’s conformance to the security policies and makes a decision on whether to grant access.
Endpoint Protection Outside Perimeter
UserGate Client can function as a node-level firewall. This makes it possible to keep the same level of endpoint device protection upon leaving the network perimeter. During any remote work, the ability to filter malicious and prohibited websites as well as protect network connections against various threats will remain.
Organizations with multiple branches, where a company-wide security policy must be applied to each device and lots of firewalls are used, require a single control center. UserGate Management Center E can manage a number of firewalls from a single point.