Ahnlab Epp Management

AhnLab EDR

Enhanced Response
with Holistic Visibility

AhnLab EDR is an endpoint detection and response solution that provides actionable insights and holistic visibility for enhanced response.

3) AhnLab EPP Patch Management: 패치 관리 솔루션 4) AhnLab EPP Security Assessment: 취약 시스템(PC) 점검 및 조치 솔루션 5) AhnLab EDR (Endpoint Detection & Response). AhnLab EPP Management AhnLab EPP Agent (V3 + EDR) EDR License.백신(AV), EDR 및그외엔드포인트안 솔루션운영을위한.개별에이전트, 개별매니지먼트콘솔필요.EDR 전용장비구매및구축필요.백신추가사용시개별설치및관리필요 EDR Management EDR Agent AV Management Anti-virus (AV) Agent. Integrated single management platform V3 Internet Security V3 Endpoint Security V3 Net for Unix/Linux V3 Net for Windows V3 Mobile Security EPS EPP AhnLab 10 Endpoint Protection Complete protection to ensure a trusted business environment AhnLab delivers a variety of proven, world-class antivirus products for desktops and server, and thereby. AhnLab EPP Privacy Management 엔드포인트 보안 플랫폼 AhnLab EPP 기반의 AhnLab EPP Privacy Management를 통해 개인정보보호 관련 규정에 명시된 기술적 보호 조치를 쉽고 간편하게 수행할 수 있습니다.

AhnLab EDR is an Endpoint Detection and Response (EDR) solution that continuously monitors endpoints for comprehensive threat detection, analysis, and response.

New and unknown malware, including ransomware, and malware variants are intensifying at an alarming pace - but organizations do not have adequate response measures in place and rely on traditional endpoint security measures.

To mitigate the risks and strengthen your resiliency in security incidents, EDR technology is necessary. AhnLab EDR provides a total process of information detection, analysis, response, and prediction at endpoints. The response process enables holistic visibility into threats with continuous monitoring and recording of every activity in endpoints, analyzing the flow and enabling stronger response.

Ahnlab Epp Management Solutions

Resources
[White Paper] A Simple Guide to Understanding EDR
Download

AhnLab EDR provides optimized response and endpoint visibility against threats via adaptive management.

Enhanced Threat Visibility

AhnLab EDR collects, saves, and analyzes all endpoint activities and behavioral data using an exclusive behavior analysis engine. It categorizes and classifies the collected data into actionable insights to enable prompt response. AhnLab EDR enables easy-to-understand, intuitive monitoring of endpoint threats through the process tree.


Optimized Response via Adaptive Management

Based on AhnLab EPP – a unified security management platform – AhnLab EDR provides optimized response via a single agent. Through AhnLab EPP, AhnLab EDR operates with other endpoint solutions with no additional agent installation required. AhnLab EDR also provides flexible interoperation with third-party solutions are provided, thereby strengthening threat intelligence. Through AhnLab's adaptive management system, a stronger and faster user-oriented response is made possible.

With enhanced threat visibility, AhnLab EDR provides optimized response for advanced threats in various environment. AhnLab EDR provides the following benefits:

1. Enhanced Response via Holistic Threat Visibility

Ahnlab
  • - Provides detailed analysis, such as the type of threat, point of entry, and target user
  • - Collects all OS-based behavioral data concerning processes, files, registries, networks, and systems
  • - Identifies threats via its exclusive behavior analysis engine and event timeline analysis
  • - Offers a watchlist of suspicious behaviors, such as injection, system setting change, network connection, and ransomware behavior

2. Actionable Insights for Prompt Response

  • - Classifies the data into actionable insights, such as behavior type and severity
  • - Uses intuitive process tree for quick identification of threats
  • - Organization’s security team can actively respond to threat through proactive management
  • - Provides detailed information, such as recommended response actions, reference links, and threat information mapped to MITRE ATT&CK techniques and tactics

3. Connected and Robust Protection

  • - Connecting policy and security measures with other endpoint security solutions available –based on AhnLab EPP
  • - Flexible interoperation with third-party solutions

4. Cost-Effective Deployment and Minimal Management Burden

  • - Run on single agent and at-a-glance management console– based on AhnLab EPP
  • - Vast range of functions can be monitored and controlled via a single interface
  • - No additional agent needed and can run simply by adding a license

AhnLab EDR is easy to deploy via the AhnLab EPP Agent and requires no additional agent installation or kernel driver for EDR operation.

AhnLab EDR Details
System Support
OS
  • · Windows XP SP3 / Vista / 7 / 8(8.1) / 10

  • · Windows Server 2003(+SP2, +R2) / 2008(+R2) / 2012(+R2) / 2016 / 2019

  • * 64-bit is supported for the above OS

LanguageKorean, English, Chinese(simplified), Japanese

※ Recommended server specifications vary according to your environment. For more information, please contact us at global.sales@ahnlab.com

AhnLab EPS

Optimized Protection
for Fixed Function Systems​

Advanced cyber atta​cks targeting critical infrastructures and organizations of high-value have increased over the past several years. AhnLab EPS provides the control and management tools you need to protect your critical infrastructures from malicious threats.

Utilizing a lightweight agent, AhnLab EPS ensures system availability of various fixed function systems, such as Industrial Control Systems (ICS), Point of Sale (POS) Terminals, KIOSKs, and ATMs.

Business continuity and advanced endpoint protection is also ensured by AhnLab EPS with AhnLab’s exclusive whitelisting technology.​


Resources​

[Insights] How to Ensure System Availability ​ Read More >​

In critical infrastructures, it is important to quickly detect any existing threats to ensure a seamless operation or service. But most often, frequent security updates and patches can in​terfere with the operation, taking up a lot of time and system resources.

AhnLab EPS provides stable operation and optimized security for various environments. Through its advanced whitelisting technology, AhnLab EPS delivers cost-effective protection while also ensuring business continuity with simple and easy management.

Simple, Easy Operation and Management

- Allows simple administration and implementation

- Provides application control based on intelligent whitelisting technology

- Enables easy management by only allowing authorized applications to be executed

- Ensures operational continuity with minimal use of system resources with a lightweight

Ensures Productivity and Business Continuity

- Prevents malware-induced security breaches

- Provides system stability without requiring signature or patch updates

- Minimizes the use of system resources with a lightweight agent, thus providing optimized protection for fixed function systems

Cost Efficient

- Reduces system and data restoration costs by preventing malware damages

- Reduces time and costs required for system security and maintenance

AhnLab ICM is a centralized security monitoring and management solution that simplifies the management of multiple AhnLab EPS servers by centralizing the data received from each server.

AhnLab ICM collects and visualizes the data received from multiple AhnLab EPS servers, enabling users to quickly identify and respond to security issues found in devices connected to multiple servers.

AhnLab ICM allows businesses to efficiently monitor multiple systems through an intuitive user interface. The centralized management solution also provides businesses with reporting and notification services to reduce the TCO (Total Cost of Ownership).

Key Features

  • 1. Identify Risk Faster with Enhanced Visibility
    - Provides an intuitive dashboard that visualizes the status of multiple AhnLab EPS servers
    - Supports user-defined dashboard and detailed view of dashboard items
    - Enables status check/search on AhnLab EPS servers and agents connected to the server
  • 2. Reduce IT Workload with Centralized Security Policy
    - Allows simple application of AhnLab EPS main policies
    : Features include a search for exception list, delete all, search for disabled policies regarding malware
    - Provides search for history and results regarding the delivery of AhnLab EPS policies·commands distributed by AhnLab ICM
  • 3. Protect Efficiently with Simplified Security Management and Operation
    - Supports integration via EPSIC update without the migration of all servers (AhnLab EPS 2.1 or higher)
    - Provides software type/export setting to SIEM system in CEF, LEEF, Syslog format
    - Manages the latest downloads of malware scanning engines
    : Engine update server path must be set to AhnLab ICM in servers higher than AhnLab EPS 2.1

Operating Environment

AhnLab ICM Web Console

Category

System Requirements

CPU

Intel Core i5-6500 3.2GHz 4Core or more

Memory

4GB or more

Web Browser

Internet Explorer 11

※ More dashboard items are provided if Chrome 82 is available.

Supported Languages

Korean, English, Chinese (Simplified)

AhnLab ICM Web Console

Category

System Requirements

OS

RHEL 8

Ahnlab Epp Management Group

※ Recommended hardware specifications for servers required in the installation of AhnLab ICM may vary depending on the client's environment.

AhnLab EPS is provided in both Server-Client Type (Managed Type) and Standalone Type for various environments.

Ahnlab Epp Patch Management

System Requirements

Hardware

- CPU: IntelⓇXeonⓇProcessor E5 Family (8 or more, 3GHz or more, 8MB Cache or more)

- Memory : 16GB

- HDD

• OS: 300GB x 2 (RAID 1) or more

• DATA: 1TB or more (RAID type recommended)​

OS

RHEL 7.6(64bit)​

Console Browser

Internet Explorer 8.0 or higher

System Requirements​

Hardware

- CPU ​: Pentium 133MHz or more

OS

* Embedded OS​

- Windows XP​ Embedded

- Windows Embedded Standard 2009

- Windows Embedded Standard 7

- Windows Embedded POSReady 2009

- Windows Embedded POSReady 7

- Windows Embedded 8.1 Industry (Pro, Enterprise)

* Client OS

- Windows 2000 Professional

- Windows XP (Professional)

- Windows Vista (Enterprise, Ultimate)

- Windows 7 (Professional, Enterprise, Ultimate)

- Windows 8, 8.1 (Professional, Enterprise)

- Windows 10 (Professional, Enterprise)

- Windows 10 loT Enterprise

* Server OS

- Windows 2000 (Server / Advanced Server)​

- Windows Server 2003 (Standard, Enterprise)

- Windows Server 2008 (Standard, Enterprise)

- Windows Server 2012 (Essentials, Standard)

- Windows Server 2016 (Essentials, Standard)

- Windows Server 2019 (Essentials, Standard)

System Requirements​​​

Hardware

- CPU : Intel Family (32/64 bit)​

- Memory : 1GB or more​​​

- HDD : 500MB or more​​​

OS​

- CentOS​​: 3.3 ~ 8.1

-​ Red Hat Enterprise: 3.3 ~ 8.1

- Ubuntu 18.04

System Requirements​​​​

Hardware​

- CPU : Pentium 233MHz or more ​

- ​Memory : 64MB or more​​

- HDD ​: 1.5GB or more​​

OS

* Embedded OS​

- Windows Embedded Standard 2009

- Windows Embedded Standard 7

- Windows Embedded POSReady 2009

- Windows Embedded POSReady 7

- Windows Embedded 8.1 Industry (Pro, Enterprise)

* Client OS

- Windows XP SP3 (Professional)

- Windows Vista (Enterprise, Ultimate)

- Windows 7 (Professional, Enterprise, Ultimate)

- Windows 8, 8.1 (Professional, Enterprise)

- Windows 10 (Professional, Enterprise)

* Server OS

- Windows Server 2008 (Standard, Enterprise)

- Windows Server 2012 (Essentials, Standard)

- Windows Server 2016 (Essentials, Standard)