
In over 12 years of deployments our solutions have never been hacked or suffered any other vulnerabilities.

Check the NIST database to find out if your security solution can make the same claim.

Blue Ridge/Secure EdgeGuard

Managed Security Service

The growing number of remote and mobile workers places an increasing cost and management burden on IT and Security organizations. The cost for supporting mobile end-users is high; as much as ten times higher for those with administrative privileges according to leading industry research firms. Companies cannot fully realize the productivity gains associated with remote and mobile access because of concerns about malware outbreaks, data leaks from laptops, and internal attacks on mission critical servers.

Blue Ridge/Secure EdgeGuard managed security service allows organizations to regain control of fixed, remote, and mobile endpoints quickly and cost-effectively. With Blue Ridge/Secure EdgeGuard in place, organizations can realize all of the benefits of a distributed workforce while remaining confident that their mission critical servers and data are safe from unauthorized access and attacks.

The EdgeGuard service locks down endpoints to reduce the risk of attack, lowers operational costs, and frees end-users from security management tasks. It also prevents end-users from making system changes that expose them to malware attacks or worse. EdgeGuard can prevent end-users, even those with administrator privileges, from circumventing endpoint security policies that:

  • Ensure client security software is continuously running to prevent malware outbreaks
  • Contain at-risk applications that may be exploited, leaking sensitive data or launching attacks on enterprise servers
  • Identify pirated software that might trigger copyright liabilities
  • Enforce endpoint settings to prevent end-users from altering system configurations
  • Automatically and remotely correct vulnerabilities
  • Quarantine at-risk endpoints from the enterprise while allowing access to vendor-specific remediation servers
  • Enforce location-aware policies to mitigate different risks in different situations

Endpoint security is implemented using industry accepted and corporate best-practices. Blue Ridge has designed EdgeGuard so that it can be deployed in phases, providing fast time to value, while delivering increased management capability. The three implementation phases are:

  • Quick NAC—ensure client security software is continuously running optimally
  • Discovery and Audit—methodically identify risks and monitor them
  • Policy Enforcement—enforce policies developed after Quick NAC deployment

 

Maximize Client Security Software Effectiveness

Malware clean-ups can cost hundreds to thousands of dollars per endpoint. One laptop can spread infected code to many other enterprise endpoints and even attack mission critical servers within the enterprise. It is reported that over half of all malware infections could have been prevented had traditional anti-virus, anti-spyware, and personal firewall client software been running and fully up-to-date. However, administrators frequently find these programs disabled, out-of-date, or malfunctioning. Most commonly, the anti-virus and anti-spyware agents are found to conduct full scans too infrequently, because they are not configured correctly or the endpoint is turned off at the time of a scheduled full scan.

EdgeGuard ensures that endpoints on and off the enterprise have enabled:

  • required client security software
  • real-time scanning
  • up-to-date signature files (i.e., malware fingerprints)
  • most current agent software
  • frequent full scans

Endpoints without their defenses fully optimized are at risk of becoming infected or may already have become infected. EdgeGuard can remediate these endpoint defenses automatically. In cases when it cannot, EdgeGuard can quarantine the at-risk endpoint from the enterprise and still allow access to vendor-specific remediation resources.


Locking Down Mobile Endpoints

There are many configuration settings within the Windows registry database that when set correctly reduce risks to the enterprise by controlling various endpoint behaviors. Unfortunately, most organizations lack the means to monitor and enforce such settings when endpoints are off-enterprise and typically do not enforce such settings when endpoints are on-enterprise.

EdgeGuard enables continuous monitoring and enforcement of the registry settings that reduce risks from unauthorized endpoint access. These risks include compromised data, hijacking of the endpoint itself, compromised data communications between end-users and web servers or SSL VPN gateways, or attacks on enterprise servers by rootkit-based malware. Below are examples of harms that EdgeGuard can deter:

| Common Risks | EdgeGuard Risk Mitigation |
|---|---|
| Expose enterprise communications between endpoint and enterprise | Disable 'ignore certificate validation error' capability that end-users unknowingly select when man-in-the-middle attacks occur on website or SSL VPN gateway sessions, usually occurs in wireless scenarios. |
| Compromise sensitive data on endpoints or hijack endpoints to attack the enterprise | Disable 'auto-run' so if an end-user inserts an untrustworthy thumbdrive into the endpoint, malicious software does not automatically run. |
| Application buffer overflow attacks that might leak data or hijack endpoints | Enable built-in CPU memory protection to reduce likelihood of an application vulnerability being exploited. |
| Un-patched Microsoft operating system components and applications expose enterprises to data leaks and endpoint hijacking. | Enable automatic Windows update |

Some settings can be perceived by end-users as an inconvenience. When IT personnel are determined to enforce such settings because the risks are unacceptable, EdgeGuard can enforce them when the endpoints are on or off the enterprise regardless of whether the end-user has administrative privileges.
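
The four mitigations in the table can be checked on a Windows endpoint with a read-only audit such as the one below. This is an added example, not EdgeGuard code: the registry locations, expected values, and function names are assumptions based on standard Windows policy settings, since the page does not name the keys it monitors.

```powershell
# Added example: read-only audit of the hardening settings listed in the table.
# Paths and expected values are standard Windows policy locations chosen for
# this illustration; they are assumptions, not EdgeGuard's own checks.
$baseline = @(
    @{ Risk = 'Certificate errors can be clicked through'
       Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
       Name = 'PreventIgnoreCertErrors'; Expected = 1 },
    @{ Risk = 'Auto-run from removable media'
       Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Name = 'NoDriveTypeAutoRun'; Expected = 255 },   # 0xFF = all drive types
    @{ Risk = 'Automatic Windows Update turned off'
       Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'
       Name = 'NoAutoUpdate'; Expected = 0 }
)

function Test-RegistryBaseline {
    param([hashtable[]]$Settings)
    foreach ($s in $Settings) {
        # A missing key or value means the policy is not enforced at all, so it
        # is reported separately from a value that is present but wrong.
        $item   = Get-ItemProperty -Path $s.Path -Name $s.Name -ErrorAction SilentlyContinue
        $actual = if ($item) { $item.($s.Name) } else { $null }
        $state  = if ($null -eq $actual) { 'NotSet' } elseif ($actual -eq $s.Expected) { 'Compliant' } else { 'Drift' }
        [pscustomobject]@{
            Risk = $s.Risk; Setting = $s.Name
            Expected = $s.Expected; Actual = $actual; State = $state
        }
    }
}

function Test-DepPolicy {
    # DEP is a boot option rather than a policy key; WMI reports the active mode.
    # 0 = AlwaysOff, 1 = AlwaysOn, 2 = OptIn, 3 = OptOut
    $mode  = (Get-CimInstance Win32_OperatingSystem).DataExecutionPrevention_SupportPolicy
    $state = if ($mode -eq 0) { 'Drift' } else { 'Compliant' }
    [pscustomobject]@{
        Risk = 'Buffer overflow exploitation'; Setting = 'DEP support policy'
        Expected = 'not 0 (AlwaysOff)'; Actual = $mode; State = $state
    }
}

@(Test-RegistryBaseline -Settings $baseline) + (Test-DepPolicy) | Format-Table -AutoSize
```

A `NotSet` result for the Windows Update value does not mean updates are off, only that no policy pins the setting, so a local administrator can still change it.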


Smart Quarantine: At-Risk Endpoint Containment

Endpoint security policies are designed to mitigate risks such as data leaks, malware infestation/propagation, mission critical server outages, and endpoint hijacking (i.e., Bot insertion). When an endpoint is non-compliant, it is by definition at-risk of compromise and of becoming a threat to the rest of the enterprise.

EdgeGuard can quarantine an endpoint from the enterprise, even if the endpoint is employing a remote access VPN. The quarantine can however allow the endpoint limited access to vendor-specific resources on or off the enterprise that may be required to remediate the non-compliance.

EdgeGuard differs from other offerings in that its quarantine is also designed to protect the endpoint when it is in such a vulnerable state. Wherever the endpoint is located, EdgeGuard can block all Internet access, except for remediation resources.


Application Control Reduces Enterprise Attack Surface and Support Costs

To simplify support and maintenance, endpoints are typically configured and deployed such that end-users have administrative privileges. Consequently, end-users with administrative privileges install numerous 3rd party applications that are frequently vulnerable to attack, exposing the entire enterprise to all of the usual risks from malware and hackers.

For example, many of the applications are purely recreational and negatively impact productivity. Some organizations have zero tolerance, whereas others allow them to run when the endpoints are off-enterprise. EdgeGuard application control is situation aware and can enforce policies based on user location, network type, etc.

EdgeGuard can prevent any application or service from starting regardless of whether an end-user has administrative privileges. Even when a determined end-user renames an application, EdgeGuard will not allow it to execute.

Most companies have deployed client security, remote management, and/or mandatory auditing software that must be running continuously. EdgeGuard can render these applications and services unstoppable, even when end-users have administrative privileges.

Policy requires Windows Defender anti-spyware running. EdgeGuard ensures that end-users with administrative privilege cannot terminate it.
