Good segmentation of the internal networks is a security best practice that organizations struggle to achieve. Most security events begin with the workstation, where the user is interacting with the online world. If a user clicks on the wrong link, to proliferation of Ransomware or the lateral east-west spread of malware across the internal network, OPAQ’s software-defined network segmentation is a groundbreaking approach that provides unparalleled visibility and control over workstations and servers. It enables organizations to provide users with access to the resources they need while reducing attack surface and locking down attack vectors.

Endpoint Inventory, MDR, and Response from the OPAQ Cloud

Managed Detection and Response services need powerful capabilities on the endpoint to provide the visibility needed to investigate threats and rapidly contain them. OPAQ Endpoint Protection goes beyond typical Endpoint Detection and Response (EDR) solutions, adding continuous HW/SW asset inventory, software-defined network segmentation and instantaneous quarantine capabilities — all essential functions required to increase visibility and reduce attack surface area and response time.

OPAQ Endpoint Protection gives you the ability to:

  • Continually inventory all devices communicating on your network
  • Gain visibility into east/west traffic and investigate incidents
  • Limit attack surface by segmenting the network and preventing threat propagation
  • Take action to quarantine suspicious hosts using the cloud workbench

Features of OPAQ Endpoint Protection

  • Automatic host hardware and software asset inventory 
  • Instant responsive security operations metrics and reporting 
  • Endpoint dashboard and host analysis 

Features of Endpoint Protection

Host Hardware and Software Asset Inventory

• Automatically discover hardware and software across your network

• Identify IoT, BYOD, and other unmanaged devices

• Quickly and easily report on asset details – see everything in a single view

Endpoint Dashboard and Host Analysis

• Real-time topology views enable you to see which assets are communicating with each other

• One-click drill-down capability can zero in on individual hosts, users, process names, and TCP/IP services

• Contain known or suspicious infected hosts with a click of a button

Software-Defined Network Segmentation

• Define policies that prevent lateral east-west spread of malicious threats throughout your network

• Users on the same local network segment can be granted access to different resources depending upon their job function

• Enforce access control based on user identity, device state and multi-factor authentication

• Seamless integration with OPAQ’s FWaaS for comprehensive policy enforcement