Summary of features
Version 2.0 of SES Evolution offers the following features.
SES Evolution 2.0 features
| Protection | |
|---|---|
| Memory overflow | Protects your pool from intrusion attempts and vulnerability exploitation. |
| Process hollowing | |
| Security token theft | |
| File system bypass | |
| Keylogging | |
| File access control | Controls all system resources and access to them. Allows applications to change or access these resources, or blocks them. You can also simply monitor them. |
| Registry base access control | |
| Memory access control | |
| Execution control | |
| Driver loading detection | Detects rootkits that attempt to load or change drivers in the kernel. |
| Driver alteration detection | |
| Application firewall | Controls incoming and outgoing network communications for each application. |
| Wi-Fi access point control | Manages allowed Wi-Fi networks and prevents the Wi-Fi-LAN bridge from being set up. |
| Floppy disk or CD/DVD drive control, serial ports | Controls devices allowed in your pool through fully customizable rules. |
| Bluetooth device control | |
| USB device control | |
| USB decontamination air gap | Controls the USB keys and hard disks in your pool, manages trusted devices and blocks devices that have not been validated. |

| Configuration | |
|---|---|
| Management via agent groups | Organizes your pool according to your requirements through a simple but powerful system of agent groups. |
| Configuration deployment | Deploys new configurations in all agents with a single click in the administration console. |
| Stormshield security policy | Protects your pool with a default policy that covers common threats and adds custom security rules to fully adapt the policy to your environment. |
| Context-based security policies | Adapts security to agents’ environment so that they apply different policies based on their location. |
| Policy management through rule sets | Pool security rules in your policies and manage exceptions easily. |
| Scheduled tasks | Runs commands on agents by configuring scripts from the administration console. |
| Agent modularity | Manages features installed on each agent from the administration console: uninstall unused features, delete incompatible versions and reduce the attack surface. |
| Challenges | Allows some operations to be performed securely through a question/response system. |
| Simultaneously connected administrators | Organizes your administrators by role to manage simultaneous access to various resources on the administration console. |

| Activity monitoring | |
|---|---|
| Dashboard | See the status of your pool at a glance with a simple dashboard. |
| Log tracking | Views events that agents raise, filtering them by priority, type, group, etc. |
| Attack analysis | Follows incidents and analyzes attacks in a dedicated panel that illustrates steps in charts and provides additional information to better understand each attack. |
| Agent monitoring | Tracks the pool’s agents in real time, checks their status and assigns them to groups. |
| Syslog server export | Exports all events to your SIEM system to include them in your other sources of security information (firewall, antivirus, etc.). |