Forcepoint Threat Protection for Linux
Detect Potential Threats and Unauthorized Programs on Your Linux Systems


Forcepoint Products
Forcepoint Threat Protection for Linux
Forcepoint Threat Protection for Linux, 25 - 100 Users, 1 Year
- Pricing per user for quantities 25-100
#MI-A-CP12-N
Contact us for pricing!
Forcepoint Threat Protection for Linux, 101 - 250 Users, 1 Year
- Pricing per user for quantities 101-250
#MI-B-CP12-N
Our Price: $154.67
Forcepoint Threat Protection for Linux, 251 - 500 Users, 1 Year
- Pricing per user for quantities 251-500
#MI-C-CP12-N
Our Price: $146.93
Forcepoint Threat Protection for Linux, 501 - 1,000 Users, 1 Year
- Pricing per user for quantities 501-1,000
#MI-D-CP12-N
Our Price: $139.20

Overview:

Environment Options

Endpoint

Gain the visibility you need for malware and other threats affecting your Linux-based servers so you can keep vital business processes flowing.

Linux is the platform of choice for cloud applications, Web infrastructure and other critical back-end services for many organizations. Undetected breaches of these systems can cost your organization dearly in terms of business downtime, reputation damage, reduced revenue and regulatory fines.

Threat Protection for Linux helps you detect risks within your Linux environment and understand what they are affecting so you can decide how to more effectively defeat them. It enables you to minimize attackers’ dwell time in your systems and get back to normal operations quickly and safely, avoiding downtime and reducing the chances of damage or leaks.

This solution is like an X-ray for your servers: it looks deep into the memory for each of your Linux systems — even if you have thousands of them distributed geographically — and then uses that information to detect any signs of trouble. Just like an X-ray shows a doctor where the trouble is, this solution helps your security team know exactly where to focus their efforts.

Threat Protection for Linux automates Linux memory forensics to verify the integrity of the kernel and processes on each server. It detects rootkits, backdoors, unauthorized processes and other signs of intrusion that may have penetrated all other defenses. Its memory forensics alerts can be easily integrated into any existing Security Information and Event Management (SIEM) system so that your team can carry out quick, in-depth investigation and response.

Increased usage of Linux

Linux is everywhere in the modern enterprise—in cloud deployments, web infrastructure, and many business-critical back-end services. A recent Linux Foundation report indicates that 80% of respondents planned to increase the number of Linux servers within their organizations over the next five years.

Escalated attack on Linux

As Linux is used more, it is increasingly attacked—at mass scale by cybercriminals and in targeted operations by motivated attackers. The past year has seen the discovery of more and bigger Linux malware campaigns than in any previous year. Yet as quickly as security researchers publish information and indicators for the malware, attackers update their tools and techniques.

Addressing the threats to Linux systems

Threat Protection for Linux addresses advanced Linux threats by providing a signature-less attack detection capability based on memory forensics and integrity verification. Memory forensics eliminates reliance on the operating system and other software on potentially compromised hosts, giving Threat Protection for Linux a trustworthy view of system state. Integrity verification means that Threat Protection for Linux ensures Linux systems are running unmodified software from known sources – making malware instantly visible.

Meeting the needs of Linux security teams

Linux system administrators and security teams require the ability to ascertain whether their systems are compromised or not. The most effective way to make such a determination is to understand what software their systems are supposed to be running, and to verify they are running precisely that software and nothing else. Such a capability is invaluable for proactive detection of intrusion, determining the scope of a breach, and validating the success of remediation. With Threat Protection for Linux, Linux administrators and security teams can gain confidence in their systems’ security, be ready to respond to security incidents, reduce attacker dwell time, and improve the overall effectiveness of their operations.

Conclusion

The rising trend in malware campaigns and incidents targeting Linux systems, combined with the ability of modern Linux malware to avoid common security measures, makes the advanced Linux threat detection and response capability of Threat Protection for Linux vital for any organization that depends upon the security of its Linux systems. Threat Protection for Linux provides unparalleled visibility and assurance of the software in memory on Linux servers and workstations, from the kernel to system services and applications. There is no more effective tool commercially available for detecting rootkits, backdoors, unauthorized processes, and other indicators of compromise on Linux systems.

Features and Benefits:

Benefits

  • Detects known and unknown Linux threats, such as malware, that other solutions usually miss, without relying on signatures
  • Rapidly scans thousands of systems with hundreds of gigabytes of memory
  • Intelligently collects only the information needed to verify the integrity of a remote system's kernel and executable code in all processes, reducing time and expense
  • Has minimal impact on monitored systems
  • Leverages SSH infrastructure for network communication, eliminating the need for an always-running agent
  • Provides flexibility and ease of implementation to enable your IT security team to quickly assess and interpret results

Features

  • Compatible with Linux distributions running kernel version 2.6 and higher on 32- and 64-bit x86 systems
  • Configurable scanning engine for automated scans of remote systems
  • Integrates with enterprise security information and event management (SIEM) systems
  • Extensive collection of reference software for both kernels and applications
  • Easy-to-use GUI
  • Output in JSON structured data format

Deployment:

Threat Protection for Linux Architecture

Documentation:

Download the Forcepoint Threat Protection for Linux Datasheet (.PDF)

Price Note:

For more than 1,000 users, please use our Quote Request Form!