One…
A key benefit of our Xshield Enterprise Microsegmentation Platform™ is pervasive microsegmentation. By that we mean that Xshield protects all asset types in your enterprise landscape from lateral movement attacks: IT, IoT, and OT, in the data center, in containers, and in the cloud. Without microsegmentation, attackers could exploit an initial breach to traverse your enterprise landscape until they locate your high-value assets and steal data or encrypt systems for ransom.
Xshield’s unified administrator console manages multiple types of zero-trust policy enforcement points for servers, user workstations, cloud workloads, Kubernetes containers, Internet-of-Things, Operational Technology, and even legacy OS devices. This way, there are no weak spots in your enterprise microsegmentation strategy. After all, it doesn’t matter if you’ve locked the gate; if it’s not connected to a contiguous fence, the attackers will just walk around it.
To give you this pervasive protection, we use both agentless and agent-based policy enforcement. Our agentless gatekeeper controls traffic for Operational Technology and IoT devices, our agentless service mesh integration does so for Kubernetes containers, and we use agentless native cloud controls for hyperscaler-deployed applications.
For data center servers and user workstations, our lightweight Xshield agent configures rules on the native firewalls in Windows, Linux, and macOS.
…plus one…
But what if the desktop management team at your organization doesn’t want to install a new agent on their servers and workstations? And even if they would, in many organizations it takes weeks—or even months—to qualify and get sign-off for any new agent software installation.
We have a solution for this so-called “agent fatigue”. Xshield is integrated with the leading EDR solutions, such as CrowdStrike, SentinelOne, and Microsoft Defender for Endpoint, one of which you probably have already installed in your environment. Our integration with the EDR system lets us use their agents to visualize the network traffic and assets. It takes only minutes to connect our SaaS-based management system to your existing EDR system. This saves you the time and effort of installing and maintaining another agent on your endpoints.
…equals three.
Another advantage of adding our microsegmentation capabilities to your existing EDR installation is that we help your EDR do better what it already does so well. Xshield’s traffic controls stop the lateral attack tactics, techniques, and procedures (TTPs) that are tracked in the MITRE TTP knowledge base, which is integrated right into the Xshield console. So, it drastically cuts down the attack surface and blast radius available to an attacker. This reduces the number of alerts from the EDR system, by as much as 10 to 1, reducing alert fatigue for your SOC engineers.
Let’s have a discussion about how our integration with EDR systems can help you easily add the critical capability to stop lateral movement attacks to your total cyber defense strategy. Our expert solution teams are ready to help.
