Review: Digital Guardian offers ready-to-deploy endpoint security

Advanced threats are increasingly assaulting endpoints. Here's how the Digital Guardian Threat Aware Data Protection Platform tackles the problem.

endpoint protection

In recent years, advanced threats have been increasingly targeting endpoints. This makes sense because endpoint security has traditionally been the realm of signature-based antivirus, technology that has proven to be inadequate protection against targeted and highly advanced malware campaigns.

The cybersecurity industry has stepped up with centrally-managed endpoint protection programs, either as standalone platforms or as part of a larger security deployment. These work well, and CSO has reviewed several solutions in this category, including Minerva and Promisec, but they continue to evolve, with the newest idea being endpoint security as a service. That is where the Digital Guardian Threat Aware Data Protection Platform comes in.

Right now, the platform exists as an on-premises solution with a central appliance, either physical or virtual, deploying agents out to server and client endpoints and devices running Windows, Mac OS or Linux. However, it is currently undergoing a transformation into the Digital Guardian Analytics and Reporting Cloud, which provides endpoint security as a service, bundled into a threat-aware protection platform that includes data discovery and classification, data loss prevention, cloud data protection and threat detection and response. We tested the service-based Digital Guardian program to see how it stacked up against traditional on-premises solutions.

With most endpoint security programs, protection is delivered through the creation of rules. Behavior that breaks the rules of the network is considered suspect, and is blocked, flagged or otherwise becomes the subject of a security alert. One of the biggest problems with this method is that security is only as good as the ruleset. Administrators either must carefully craft rules based on their own expertise or set a protection program into a learning mode for several weeks or months while it discovers good network behavior and crafts rules restricting everything else.

The Digital Guardian platform, by contrast, comes ready to use, pre-loaded with thousands of best practice rules based on years of experience working in the field. And after a quick data discovery process, those rules are tailored to the specific network that it is protecting. This is all done nearly instantaneously, so that when agents are deployed, they can immediately begin protecting endpoints with good security policies.

To continue reading this article register now

Make your voice heard. Share your experience in CSO's Security Priorities Study.