1. Issues such as the end of EDR support

EDR (Endpoint Detection and Response) plays an important role in cybersecurity for many companies, and is highly effective in the fields of endpoint monitoring and attack detection. However, there is a concern that security risks will increase suddenly if EDR support expires at an unexpected time (such as when an old OS needs to be used for a while due to schedule reasons such as equipment renewal).

Here, we will introduce a case study of the use of "microsegmentation," which can maintain security levels by reducing dependencies on things like OS support.

2. Differences between EDR and microsegmentation

EDR is a solution that monitors endpoint behavior and responds when an abnormality is detected. It constantly updates the latest attack information, and can eliminate the corresponding threat when an attack is confirmed. However, if support ends, you will not receive notifications of updated threat information, and the risk of the latest attacks being overlooked increases.

Microsegmentation is not a perimeter defense like traditional networks, but a technology that precisely controls communications for each device. This approach is characterized by the fact that it involves a simple operation of "controlling communications," so there are fewer cumbersome updates and the product support period is relatively long. It can effectively prevent various communications used in targeted attacks (malware downloads, lateral movement, etc.), and can also be used in situations where EDR support has expired, as mentioned above.

3. Can EDR and microsegmentation be used together?

As mentioned above, there are cases where microsegmentation can be effective when EDR support expires, but I would like to touch on the technical compatibility between the two.

To get straight to the point, the technical compatibility and synergy is "perfect." If we summarize the operational concepts of the two, EDR is "protecting when attacked (reactive response)," while microsegmentation is "building a defense line before an attack occurs (proactive response)." When applied to the NIST Cybersecurity Framework, it can be thought of as follows, making it an effective combination from the perspective of defense in depth.

4. "Guardicore" - a microsegmentation solution with strengths in security

We will introduce three features of Akamai's "Guardicore" as a specific microsegmentation product.

1. OS-independent proprietary firewall

Guardicore builds a unique firewall that is independent of the OS, so it is less dependent on OS support and can maintain a high level of security even if support for the OS or EDR has expired. Another advantage is that it supports a wide range of OSes.

Maintain a higher level of security with Akamai Guardicore even after OS and EDR support ends

2. Akamai's unique security features

It also incorporates Akamai's security knowledge and unique security features that utilize AI, allowing you to discover and address the latest security risks, achieving a higher level of security than conventional microsegmentation.

Akamai's unique security features

3. Simple and advanced control

Guardicore can easily label devices that control communications, and can display communication status simply even in environments with many devices. Because it can identify users and processes that use control devices, it can prevent "unexpected communications" caused by advanced cyber attacks in advance.

Labels allow easy visualization of communication status for segments and devices

5. For more detailed information and evaluations, please contact Macnica Solutions.

Macnica Solutions handles all Akamai products. With Guardicore, we will support our customers in utilizing the product by utilizing our knowledge of network security. If you are interested in Guardicore, please contact Macnica Solutions.

Inquiry/Document request