Ericom Shield is an advanced, remote browser isolation solution designed to add another layer to your defensive posture. It isolates malware, ransomware and other threats to prevent harm by keeping everything off of the endpoints. This solution transparently secures internet usage while reducing risk to an organization, alleviating operational burdens. It can be deployed on-premises, in public or private clouds, or as a hybrid.
We liked the support for a wide array of browsers, which left us free to choose whichever one we desired. Considering it is a clientless product, we had some problems and were expecting a more streamlined experience. However, we were impressed with the overall simplicity behind the concept of this solution.
For Ericom detection is not enough so it focused on isolation, claiming to stop 100 percent of malware from the web from ever reaching the endpoint. While this protection is limited to web-based solutions the product fills a niche in an often overlooked area.
Ericom leverages an agile development approach with updates issued to the dashboard every month.
Each website is executed in an isolated browser, confined within a new and disposable Linux container that takes local cookies and moves them into that session for easy remote login. Containers are held remotely from organizational networks. When a site is deemed safe, it is rendered to endpoint browsers for secure and seamless browsing experiences. Upon cessation of the browsing session, that container and subsequent executable code are destroyed to ensure the malware can’t persist. These containers make extensive use of Docker and Kubernetes.
Algorithms built into the solution help protect against common phishing attempts through the analysis of requested target pages. For any suspected high phishing probability, the solution carries out a customizable policy defined by an organization’s security team.
Any files to be downloaded over the course of a browser session are scanned and cleaned with a pre-integrated, content disarm and reconstruction (CDR) process before being passed to the user’s device. The tool will sanitize any endpoint that becomes infected.
Various reporting options are available and allow selecting certain timeframes for detailed views into what happened and when. These reports adhere to GDPR and privacy rules. From an audit trail perspective, information on events is being traced to show what occurred.
This product functions differently compared to the other products we saw and focuses on the attack vector of the Internet. A tool called Analyzer can test the connection between an end user and the remote browser. This functions like a speed test, except it tests from the endpoint to the remote browser.
Tested by Tom Weil