An Introduction to Bitdefender and GravityZone

In a previous life I was involved with projects that supported military weapon systems, and security was a big part of that life, as it is today in my role here at ComputerWorld as a consultant specialising in security solutions.

One of the things that perplexes me about the IT security landscape today is the sheer array of threats that exist and indeed the different aspects of those threats. Some are based on software vulnerabilities, some are based on network attacks, some are email based, some are trying to get access to or steal your data, and the list goes on. There are of course security solutions out there to address these threats, but more often than not they require multiple different solutions, which in turn each have their own administrative interface and may require their own client software to be deployed. The end result is the same though: it’s a load more work for us poor administrators!

Well, there is some good news. The GravityZone solution from Bitdefender rolls many of these security products into a single solution, and not only does it do that but it does it pretty well. Don’t take my word for it; check out this report from AV-Comparatives for some always-good independent opinion:

https://www.av-comparatives.org/advanced-endpoint-protection-test/

Now, I want to do the GravityZone product justice and provide you, the reader, with a good level of detail, but without turning this blog into War and Peace (as I am sometimes guilty of). So this will be an introduction, followed by a series of other articles exploring the features in more detail.

Who are Bitdefender?

Bitdefender are a global security technology company founded in Romania in 2001. They are now headquartered in both Bucharest, Romania and in Silicon Valley (Santa Clarita, California) and continue to grow, boasting an impressive 80% Enterprise Business growth margin year over year.

Their pedigree from an AV/security perspective is no less impressive. A number of other security software vendors actually OEM Bitdefender software technology in their own solutions, meaning that, through over 135 OEM partners and under their own brand, they are protecting over 500 million endpoints in 150 different countries.

Not only do they have the largest deployment base out there, but each machine protected by Bitdefender is also a sensor, meaning that the strength of the whole network increases with each new endpoint: the larger the base, the faster the response to zero-day malware.

What does that sort of deployment base look like? A staggering 130K requests per second! Bitdefender’s Global Protective Network answers in milliseconds to billion queries per day and uses reflective models and advanced machine learning algorithms to extract malware patterns, ensuring real-time protection against threats. It is a centralized security infrastructure that permanently scans the internet for new threats and provides intelligence to the locally installed agents. Each agent also sends alerts about possible malware, allowing the centralized services to correlate the information received from different agents to identify new threats.

The company started implementing this security model in 2011 and since then has managed to offer the best security and best performance to its customers through what is today probably the biggest global security network in the world.

In short, they have been doing what they are doing for a good while now and have gotten pretty good at it.

Bitdefender GravityZone Summary

GravityZone is the name of the security platform designed for Enterprise environments. It is suitable for small environments of fewer than 50 end-points up to the largest enterprise environments out there with 100k+ end-points.

The solution can be on-premise or cloud based, and both versions offer Microsoft AD integration to allow remote deployment to end-points. GravityZone has a single pane-of-glass management console for all the different aspects of end-point protection and security, and it can be used to provide effective security on pretty much everything you would need it to in a modern datacentre or end-user environment.

The on-premise version of the software is very easy to deploy and configure and, since it is a self-contained Linux virtual appliance for VMware, Hyper-V or XenServer, it does not have any external dependencies such as SQL servers or a Microsoft Server OS to install onto. The solution is highly scalable, so it can grow as your organisation and/or requirements do.

Conversely, the cloud-hosted version requires no setup or server resources since it is hosted in the Bitdefender cloud.

The difference between the two hosting options is based upon functionality, with On-Premise providing support and protection for mobile devices and integration with VMware vCenter and XenServer alongside the AD integration.

How does GravityZone Provide Protection?

As I have mentioned previously, to do the product justice I want to relate the features in more detail in subsequent posts, but in short, GravityZone offers layered protection against the threats that Enterprise organisations face today. The graphic below shows all of the features, but be aware that certain features are subject to additional licensing subscriptions – I’ll detail which in the later blog posts.

All of the features below are controlled centrally via policies from the main GravityZone administration console – the GravityZone Control Center.

Bitdefender have taken a layered approach to security:

  1. Hardening and Control – Taking steps to make it harder for infections to get a foothold.
  2. Pre-Execution Multi-Stage Detection – Using multiple techniques to analyse and detect threats before the processes actually run on the end-point.
  3. Automatic Action – In the event that a threat slips through, automated actions stop the threat in its tracks, isolate it and can even begin remediation action.
  4. Visibility and Reporting – The final step is to provide visibility to the administrator of what’s happening in the environment, with good reporting and automated notifications of what’s going on.

I will explore these elements in more detail in upcoming blog posts.
