BUFFERZONE
Safe Browsing & Endpoint Isolation
Introducing BUFFERZONE
- BUFFERZONE protects organizations from a wide range of threats with patented containment, CDR – bridging and intelligence technologies.
Instead of blocking, BUFFERZONE isolates potentially malicious content from web browsers, email, communication apps like WhatsApp, Line, WeChat, Zoom and removable storage.
Malicious content is isolated into a virtual container that keeps the application separate from real memory, registry, files and network resources of the computer.
BUFFERZONE maximizes user productivity with seamless, unrestricted access to information and applications.
It empowers IT with a simple, lightweight, and cost-effective solution for up to thousands of endpoints within and beyond the corporate network and according to security best practices.
Browsing sessions that access external, untrusted content such as unknown internet sites are kept in a virtual container, protecting trusted resources from any potential threats.
Email message and attachments from untrusted sources are similarly contained.
The SafeBridge® technology allows safe extraction from the container using CDR technologies.
Why BUFFERZONE?

An ounce of prevention is worth a point of cure
Even the best detection technology cannot return the data, money or reputation lost in a breach.
Though a layered approach addressing the entire attack cycle is a must, prevention still has the highest ROI.
BUFFERZONE provides a better way to reduce the attack surface, and to protect the employee endpoints, the most vulnerable part of an organization.
Zero-Day Exploits, Ransomware, Drive-by Downloads, Malvertising
Conventional endpoint security like antivirus and HIPS is essential, but not sufficient.
Any solution that looks for known signatures and behaviors will miss the newest threat.
Businesses need an additional layer of protection that can isolate the new threat… efore the damage is done.
Endpoints – the biggest attack surface

Traditional Defenses are Flawed
Detection cannot be 100% accurate
Levels of false alerts and alarms are high
Antivirus now catches just 45% of cyberattacks
Emails, attachments, downloads and removeable storage remains high on the attack vector list
You can try to restrict users’ access to the internet. But…
They will not be happy…
When they need it, IT will open access
There are still removable media, email attachments…
Business continuity will be impacted
BUFFERPOINT Advanced Endpoint Security is the Solution
You cannot detect all threats. But you can contain them with BUFFERZONE.

Contains data & executables from external sources
Protects against known and unknown malware
Stops weaponized docs and file less attacks
Increases user productivity with unrestricted access to information
Reduces alerts and false alarms
CDR (Content Disarm & Reconstruction) enables full business continuit
Capture & Analyze Forensic Data
BUFFERZONE Protects Against
BUFFERZONE Features
Safe Browsing
Web browser runs inside the virtual container
Drive-by malware is isolated in the container
Downloaded documents and media open inside the container
Organizational proxy can restrict internet access to protected devices
DLP upload blocker: Prevents file uploads from protected endpoints
Zone management: Automatic by site list or opt-in by proxy block / network separation

Trusted versus Untrusted Sites

Zone Management
Browser containment (IE, Chrome) zone management options:
Site list: List of trusted URLs; browsing sessions to all other sites are contained.
Zone switch is automatic, requiring no user intervention.
Optional: Neutral sites, accessed in any current zone.Proxy control: Upon trying to connect to the internet, organizational proxy blocks; BUFFERZONE prompts to opt-in.
Sessions are digitally signed by BUFFERZONE and the proxy allows only BUFFERZONE contained sessions.Network separation: Configure trusted IP ranges; BUFFERZONE prompts to opt-in.
BUFFERZONE Passport
User tries to connect to the internet – how would you know the user is protected by BUFFERZONE?
BUFFERZONE Passport is controlling the user’s access to the internet by issuing one of the following “Passports”:
Static password
Dynamic password (updates every 5 seconds)
BUFFERZONE Passport – How it works

External Digital Storage

Open any external sources safely inside the container
USB memory, CD/DVD, mobile phones
Shared Network Folders
Any file is opened inside a container
Blocks auto-run
SafeBridge®
CDR (Content Disarm & Reconstruction)
Disarms Office, PDF, images, HTML, XML, ZIP archives, audio, etc.
Two available levels:
Basic – on host
Advanced – Hardened server for detonating files. Highest level of security
Use cases
Share among users
Upload to organizational sites
Edit in unsupported application
About BUFFERZONE
BUFFERZONE endpoint security solutions protect enterprises from advanced threats, including zero-day, drive-by downloads, phishing scams and APTs. With cutting-edge containment, bridging and intelligence, BUFFERZONE gives employees seamless access to internet applications, mail and removable storage – while keeping the enterprise safe. For more information, please visit the company at https://bufferzonesecurity.com/.