회사소개

제품

안내

고객지원

Company

Product

Information

Support

Thông tin về công ty

Sản phẩm

Thông tin

Hỗ trợ chung

ZombieZERO EDR for Server

APT/Ransomware Response Solution on Server

ZombieZERO EDR for Server

ZombieZERO EDR for Server’s summary

ZombieZERO EDR for Server is installed on the Windows server and blocks the execution of new/variant malwares in advance through the Whitelist-based ‘Execution Holding’ function. And it analyzes/detects known and unknown malwares through the central analysis server (ZombieZERO Inspector) to make the system execute only secure file.

Main Features

> Blocking new/variant malware with Whitelist-based ‘Execution Holding’ function

: If the file is not registered on the Whitelist, the file’s execution is held and sent to Inspector (central analysis server) to be analyzed based on behavior.

> Malicious file is blocked and blacklisted. Normal file is added on Whitelist and executed in the server normally.

> Monitoring the detection / analysis status (dedicated UI)

> Malware detection / blocking through interworking with central analysis server (Inspector’s Sandbox)

> Network-related malware detection itself as well as SandBox linkage analysis

  • Spoof attack
  • EST attack
  • Flood attack (SYN Flood, UDP Flood, ICMP Flood, WEB Flood)
  • Reverse connection
  • Port scan (TCP port scan, UDP port scan, NULL port scan)
  • Host scan (IP scan / ARP scan)

Recommended specifications of installable server

> Installation capacity : about 20MB (EXE, INI file, etc.)

> Available for Windows Server 2008 / Windows Server 2008 R2 / Windows Server 2012 /
Windows Server 2012 R2 / Windows Server 2016 / Windows Server 2016 R2

System configuration diagram

npcore