All purchasing from www.bitdefender.in are only for Indian region. Licenses cannot be supplied, activated or supported in others countries. close

GravityZone Security for Endpoints

Stop Advanced Threats with Layered Endpoint Security

Main Content

GravityZone Security for Endpoints

Essential and Effortless Protection to keep your business running

With its adaptive, layered architecture, Bitdefender GravityZone Security for Endpoints offers the best protection against sophisticated threats without compromising on performance.

Patented machine learning technologies combined with the ability to monitor behavior and detect attack techniques enable GravityZone to enable GravityZone to prevent, detect and block threats that both traditional endpoint and so-called “next-gen AV” defenses miss.

It then automatically takes actions to keep businesses running normally, including rolling back malicious changes.

Features and benefits

Add-on Module Endpoint Detection and Response (EDR)

Fast alert triage and incident investigation, using attack timeline and sandbox output, enable incident response teams to react fast and stop ongoing attacks.

Add-on Module HYPERDETECT™ BLOCKS ATTACKS
AT PRE‑EXECUTION

Bitdefender HyperDetect contains machine learning models and stealth attack detection technology. It forms an additional layer of security, specifically designed to detect advanced attacks and suspicious activities in the pre-execution stage. SEE MORE: HyperDetect Technical Brief

Add-on Module SANDBOX ANALYZER ENHANCES
TARGETED ATTACK DETECTION

Bitdefender Sandbox Analyzer provides pre-execution detection of advanced attacks by automatically sending files that require further analysis to cloud sandbox and taking remediation action based on the verdict. SEE MORE: Sandbox Analyzer Technical Brief

PROCESS INSPECTOR DETECTS AND
STOPS FILELESS ATTACKS

Bitdefender Process Inspector is a behavior anomaly detection technology that provides protection against never-before-seen threats in the on-execution stage. SEE MORE: Process Inspector Technical Brief

ENDPOINT CONTROL
AND HARDENING

Many features work together to reduce the attack surface: Patch Management, Full Disk Encryption, Web Threat Protection, Firewall, Application & Device Control.

ADVANCED ANTI‑EXPLOIT

The Bitdefender Memory Protection layer protects against known and unknown exploits targeting browser and application vulnerabilities in on-execution stage. SEE MORE: Memory Protection Technical Brief

Want to learn more?
Get the details on all features

DATASHEET

Detect and Prevent the Full Range of Sophisticated Threats and Unknown Malware

Endpoint Security HD defeats advanced threats and unknown malware, including ransomware, that evade traditional endpoint protection solutions. Advanced attacks such as PowerShell, script-based, fileless attacks and sophisticated malware can be detected and blocked before execution.

Detect and Stop Fileless Malware

Fileless malware attacks execute malicious code directly in memory. Since no file is present on the disk, AV solutions designed for file analysis are blind to this type of attack. Bitdefender leverages Advanced Anti-Exploit, HyperDetect™ and Process Inspector to detect, block and interrupt fileless attacks.

Stop Macro and Script-Based Attacks

In this case, attackers are trusted MS Office Macro that use Windows administration tools like PowerShell to run scripts and download malicious code to execute attacks. Since these are “trusted” Windows tools, most endpoint security products, including the pure Next-gen AV providers, don’t scrutinize scripts, like Powershell, WMI, Javascript interpretors etc. Bitdefender adds Command-Line Analyzer techniques to intercept and securitize scripts, alerting admins and blocking the script from running, if it carries out malicious commands.

Automate Threat Remediation, Containment and Response

Once a threat is detected, Endpoint Security HD instantly neutralizes it through actions including process termination, quarantine, removal and roll-back of malicious changes. It shares threat information in real time with GPN, Bitdefender’s cloud-based threat intelligence service, preventing similar attacks worldwide.

Improved Threat Context and Visibility

Bitdefender Endpoint Security HD’s unique capability to identify and report suspicious activities gives admins early warning of malicious behavior such as dubious operating system requests, evasive actions and connections to command and control centers.

Boost operational efficiency

Bitdefender’s single, integrated endpoint security agent eliminates agent fatigue. The modular design offers maximum flexibility and lets administrators set security policies. GravityZone automatically customizes the installation package and minimizes the agent footprint. Architected from the ground up post-virtualization and post-cloud security architectures, GravityZone provides a unified security management platform to protect physical, virtualized and cloud environments.

Endpoint Detection and Response (EDR)

Workflow and Visualization

GravityZone EDR workflow

Add-on Module

Advanced detection and response shows precisely how a potential threat works and its context in your environment.

MITRE attack techniques and indicators of compromise provide up to the minute insight into named threats and other malware that may be involved.

Easy to understand visual guides highlight critical attack paths, easing burdens on IT staff.

Integrated response recommendations indicate steps to remediate or reduce the attack surface.

GravityZone EDR workflow

HyperDetect™
Blocks Attacks at Pre‑execution

GravityZone Security for Endpoints incorporates HyperDetect, an advanced pre-execution add-on that uses specialized local machine models, behavior analysis techniques trained to spot hacking tools, exploits and malware obfuscation techniques. It effectively blocks attacks that both traditional endpoint and so-called “next-gen AV” defenses miss such as:

HyperDetect next-gen pre-execution layer

Add-on Module

Exploits

Powershell and other script based attacks

Phishing

File-less attacks

Ransomware

Unknown malware

HyperDetect next-gen pre-execution layer

Bitdefender layered next generation endpoint protection platform

Uses adaptive-layered architecture that includes endpoint controls, prevention, detection, remediation and visibility.

HARDENING

Patch Management

Patch Management

Keeps OSes and Applications up to date across the entire Windows install base.

Encryption

Encryption

Protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault).

Threat Protection

Threat Protection

Application Control

Device Control

Device Control

PREVENTION

Exploit Defense

Exploit Defense

Focuses on attack tools and techniques to detect both known and zero-day exploits that target popular software applications.

Fileless attack Defense

Fileless attack Defense

Local and Cloud Machine Learning

Local and Cloud Machine Learning

Email Security

Email Security

Malicious process monitoring

Malicious process monitoring

Tunable Machine Learning

Tunable Machine Learning

Network attack Defense

Network attack Defense

Firewall

Firewall

Automated Sandbox Analysis

Automated Sandbox Analysis

Sends suspicious files for detonation, analysis and provides a verdict in real time.

Automatic Disinfection & Removal

Automatic Disinfection & Removal

DETECTION AND RESPONSE

Threat and anomaly analytics and visualization

Threat and anomaly analytics and visualization

Anomaly detection

Anomaly detection

MITRE event tagging

MITRE event tagging

Root cause analysis

Root cause analysis

Incident detection and investigation

Incident detection and investigation

Manual sandbox investigation

Manual sandbox investigation

Remote command shell

Remote command shell

Network threat analytics NTSA

Network threat analytics NTSA*

REPORTING AND INTEGRATION

Dashboards & Reports

Dashboards & Reports

Notifications

Notifications

SIEM Integration

SIEM Integration

API Support

API Support

MDR

MDR*

Previous Next

Resources

GravityZone Enterprise Security Datasheet

GravityZone is built from the ground up for virtualization and cloud to deliver business securityservices to physical endpoints, mobile devices, virtual machines in private, public cloud and Exchange email servers.

DATASHEET

AV COMP REPORT on Elite March 2018

READ REPORT

WHITEPAPER ESG “AN ADAPTIVE AND LAYERED APPROACH TO ENDPOINT SECURITY”

READ WHITEPAPER

AV-TEST AWARDS BEST PROTECTION, BEST PERFORMANCE 2017

READ REPORT
Previous Next
VIEW ALLVIEW LESS
windows 8 security
Bitdefender AV Comparatives Gold
Opswat Certification
AV Test - 2017 Best Performance - Bitdefender

AV-TEST BEST PROTECTION 2017 ANNUAL AWARD

Bitdefender Endpoint Security received the highest score in AV-TEST’s Best Protection category, due to its capability to prevent and block all types of malware, including those never-before-seen. With more than six patents pertaining to machine-learning algorithms for detecting malware and other online threats, deep learning and anomaly-based detection techniques play a vital role in proactively fighting new and unknown threats.

Specs and FAQs

Requirements

Workstation/Tablet Operating System Requirements

Workstation OS:
Windows 10, Windows 8, 8.1, Windows 7, Windows Vista (SP1, SP2), Windows XP (SP3)
macOS Catalina (10.15), Mac OS High Sierra (10.13.x), Mac OS Sierra (10.12.x), OS X El Capitan (10.11.x), OS X Yosemite (10.10.5), OS X Mavericks (10.9.5), OS X Mountain Lion (10.8.5), macOS Mojave (10.14)

Windows tablet and embedded OS
Windows Embedded 8 Standard, Windows Embedded 8.1 Industry, Windows Embedded Standard 7, Windows Embedded POSReady 7, Windows Embedded Enterprise 7, Windows Embedded POSReady 2009, Windows Embedded Standard 2009, Windows XP Embedded with Service Pack 2, Windows XP Tablet PC Edition

Server Operating System Requirements

[Windows Server 2019, Windows Server 2016, Windows Server 2016 Core, Windows Server 2012, Windows Server 2012 R2, Windows Small Business Server (SBS) 2011, Windows Small Business Server (SBS) 2008, Windows Server 2008 R2, Windows Server 2008, Windows Small Business Server (SBS) 2003, Windows Server 2003 R2, Windows Server 2003 with Service Pack 1, Windows Home Server)
Red Hat Enterprise Linux / CentOS 5.6 or higher , Ubuntu 12.04 LTS or higher, SUSE Linux Enterprise Server 11 or higher, OpenSUSE 11 or higher, Fedora 16 or higher, Debian 7.0 or higher

Workstation Hardware Requirements

Intel® Pentium compatible processor
1 GHz or faster for Microsoft Windows XP SP3, Windows XP SP2 64 bit and Windows 7 Enterprise (32 and 64 bit)
2 GHz or faster for Microsoft Windows Vista SP1 or higher (32 and 64 bit), Microsoft Windows 7 (32 and 64 bit), Microsoft Windows 7 SP1 (32 and 64bit), Windows 8, Windows 10
800 MHZ or faster for Microsoft Windows Embedded Standard 7 SP1, Microsoft Windows POSReady 7, Microsoft Windows POSReady 2009, Microsoft Windows Embedded Standard 2009, Microsoft Windows XP Embedded with Service Pack 2, Microsoft Windows XP Tablet PC Edition

Server Hardware Requirements

Minimum: 2.4 GHz single-core CPU
Recommended: 1.86 GHz or faster Intel Xeon multi-core CPU
Memory:
Minimum free RAM: 512 MB
Recommended free RAM: 1 GB
HDD space: 1.5 GB of free hard-disk space

Control Center Hardware Requirements

T CPU: 4 vCPU with 2 GHz each
Minimum RAM memory: 6 GB recommended
40 GB of free hard-disk space
Internet access for updates and communication with remote and mobile endpoints.
GravityZone Control Center is delivered as a virtual appliance and is available in the following formats:
- OVA (compatible with VMware vSphere, View)
- XVA (compatible with Citrix XenServer, XenDesktop, VDI-in-a-Box)
- VHD (compatible with Microsoft Hyper-V)
Support for other formats and virtualization platforms may be provided on request.

FAQs

What is Bitdefender GravityZone?

Bitdefender GravityZone is the new Bitdefender enterprise security solution for Medium to Very Large Organizations. It's redesigned from the ground up with a fresh, but proven private cloud computing architecture that takes full advantage of virtualized infrastructures. GravityZone leverages Bitdefender's acclaimed antimalware technologies and provides a centralized security management platform for physical, virtualized and mobile endpoints.

GravityZone is a business-agile solution that implements a holistic approach. Not just antivirus, but an enterprise-grade solution that helps organizations to attain their virtualization projects objectives and secure data, while preserving the systems' performance and users' productivity.

With built in redundancy and load balancing mechanism, it's capable to scale-out on-demand to protect from hundreds to hundreds of thousands of endpoints, and provides administrators with a single pane of glass into organization's security postures, global threats and dashboards for various roles within the organization.

What is the new Bitdefender GravityZone?

From platform architecture to security services, GravityZone emerges as a reinvented next-gen enterprise security solution built for the new IT landscape. The solution combines highly optimized virtualization aware security with leading detection technologies and a fresh, but proven, architecture.

Complex enterprise environments require tailored, integrated security solutions that support heterogeneous environments with a broad range of systems and usage scenarios. GravityZone has been designed to deliver optimized security for the new threats and risks of data exposures introduced by:

  • Exponential evolution of malware and professionalization, combined with;
  • Increased Internet penetration;
  • Exponential increase of data;
  • IT consumerization and convergence of devices and services;
  • Cloud computing and virtualization technologies.

All this has changed the IT landscape, the way information is delivered and consumed, how applications and services are provisioned.

GravityZone itself is implemented as a private cloud solution that runs on virtualized layers and it's packed to enable organizations to secure their IT assets, while helps to reduce administration burden, lower TCO and improve the return-on-investments. The solution removes the scalability limitation of legacy solutions based on client-server architecture and relational databases.

The improvement continues with security services, too. GravityZone extends and integrates security services to virtualized environments and mobile devices. So, as users are expecting the same experience when consuming information on a PC, Laptop, Tablet or Smartphone, the information security will be preserved, too, no matter if is accessed locally or remotely, from a workstation or a mobile device, if the company uses traditional or virtualized infrastructures.

GravityZone Enteprise Security comes with HyperDetect, a next-gen layer in pre-execution, that uses specialized local machine models, behavior analysis techniques trained to spot hacking tools, exploits and malware obfuscation techniques.

What do you mean by unified security for physical, virtualized and mobile environments?

GravityZone is unified by design and aims to be a solution that covers all security requirements. In current stage it unifies the main security services and provides a single point of management for physical, virtualized and mobile endpoints security. Future development will integrate new security services into GravityZone, like security for email and collaboration, and also will add services enhancements and support for other platforms.

Unlike other solutions that bolt-on modules to an aging architecture, importing different 3rd party technologies and trying to put them together, Bitdefender GravityZone has been architected from the ground up as a unified security management platform across physical, virtualized and mobile environments. It features a modular design that allows flexible and tailored security services, and role based administration.

The solution comprises of the following integrated components:

  • GravityZone Control Center - the management platform that provides the single point of security management across organization.
  • Security for Endpoints - protects Windows workstations and servers.
  • Security for Virtualized Environments - protects virtualized Windows and Linux guest systems, running on VMware, Citrix, Microsoft or any other virtualization platform
  • Security for Mobile Devices - enables secured BYOD adoption, with easy delivery and control of mobile devices security for effective administration.

GravityZone SVE service is mandatory or can I choose any security services?

GravityZone is 100% modularized. This means that you can choose what services you want to license, with the needed number of units per each one.

Even if GravityZone is delivered as virtual appliance, its deployment is not constrained by SVE service activation. However, if you already run or plan to deploy virtualization projects, we recommend you to implement Security for Virtualized Environments (SVE).

With GravityZone you will benefit of effective security and improved administration efficiency from two directions. On one side reduced administration burden due to centralized management and architecture benefits with simple turn-key deployment of GravityZone virtual appliance, built in redundancy and scalability mechanism, and on the other side is the optimized virtualization security services of SVE that will help you attain your business objectives of the virtualization projects and realize the full potential of your investments.

Does GravityZone support a mixed virtualized environment?

For example, there is a need to provide security for VMs running on VMware ESXi and Microsoft Hyper-V at the same time.

Yes, with Security for Virtualized Environments service of GravityZone you can manage all types of virtualization scenarios from a single point of management. GravityZone Control Center is integrated with VMware vCenter and Citrix XenCenter, and also supports many other virtualization platforms, like Microsoft Hyper-V, KVM, RedHat Enterprise Virtualization, or Oracle Virtualization.

Additional Protection Layers and Services

GRAVITYZONE INTEGRATED PATCH MANAGEMENT ADD-ON

Unpatched systems leave organizations susceptible to malware incidents, outbreaks, and data breaches. Keep your OS and Applications up to date across the entire Windows install base - workstations, physical servers and virtual servers with GravityZone Patch Management.

Learn More

GRAVITYZONE FULL DISK ENCRYPTION ADD-ON

Protects data for the entire endpoint hard drive by leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault). It takes advantage of the native device encryption to ensure full compatibility and maximized performance.

Datasheet

Professional Services

Our experts will help you install and configure your Bitdefender solution for the optimal protection and performance your business applications need. These services offer customers the benefit of expert guidance throughout the implementation process, ensuring a smooth and trouble-free start.
Skilled Bitdefender engineers will follow best practices and keep your business needs in mind while helping you install the security solution in your environment.

Datasheet
Previous Next

If you want to enjoy
GravityZone Security for Endpoints,
take a quick start here:

REQUEST DEMO

Still have questions?

Do you need help deciding which solution is right for you? The Bitdefender Sales Team is happy to be of service.

Get support