This article includes a list of Bitdefender GravityZone Cloud Security's core features as well as the optional add-ons you can enable and disable, which come at an extra cost.
- By default, Disk Encryption, Email Security, and Exchange Security are all enabled during the trial period and should be disabled if you don't wish to incur charges for these, once the trial period ends. However, Advanced Threat Security is disabled by default. Learn how to enable and disable Bitdefender add-ons
- Bitdefender Patch Management and Virtual Devices add-ons are not supported at this time.
GravityZone Cloud MSP Security
Bitdefender GravityZone Cloud MSP Security includes the following core features:
- Antimalware: Based on signature scanning and heuristic analysis (e.g., B-HAVE, ATC).
- Advanced Threat Control: This works as a malware/network attack defense.
- Advanced Anti-Exploit: Catches the latest exploits in real-time and mitigates memory corruption vulnerabilities that can evade other security solutions.
- Risk Management: Helps identify and remediate many network and operating system risks on the endpoint level.
- Firewall: Helps to protect endpoints from inbound and outbound unauthorized connection attempts.
- Network Protection (with Content Control and Network Attack Defense): Focused on detecting network attacks designed to gain access to endpoints through specific attacks (e.g., brute force, network exploits).
- Device Control: Helps by preventing sensitive data leakage and malware infections via external devices attached to endpoints such as USB flash drives, Bluetooth devices, CD/DVD, etc.
- Web Filtering: Helps to schedule web access while blocking or allowing certain web categories or URLs.
- Ransomware Mitigation: Ability to restore files encrypted in a ransomware attack from tamper-proof copies. You can find the Ransomware Mitigation settings under the Antimalware > On-execute policy section.
Complement Bitdefender GravityZone Cloud MSP Security with the following add-ons:
- Disk Encryption
- Email Security
- Exchange Security
- ATS (Advanced Threat Security)
- EDR (Endpoint Detection and Response)
- EDR Standalone
- XDR (eXtended Detection and Response)
- MDR Foundations
- Integrity Monitoring
- The MDR Foundations add-on will apply to all endpoints within the Bitdefender 'company' when enabled. Learn more
- Disk Encryption, Email Security, and Exchange Security are all enabled during the trial period. Disable these add-ons during your trial if you don't want to incur charges for these add-ons once your trial ends.
- Advanced Threat Security is disabled by default.
- The Patch Management and Virtual Devices add-ons are not available after the trial period ends.
Learn more about Bitdefender add-ons
GravityZone Full Disk Encryption is a solution delivered by Bitdefender that helps companies comply with data regulations and prevent the loss of sensitive information in case of lost or stolen devices.
The Full Disk Encryption gives you simple remote management of the encryption keys. This solution provides centralized handling of BitLocker (on Windows), FileVault and the diskutil command-line utility (both on macOS), taking advantage of the native device encryption and ensuring optimal compatibility and performance.
To access a list of the most frequently asked questions about Gravity Zone Full Disk Encryption including the supported Operating Systems, the type of disks encrypted, or prerequisites, please refer to this article
- Troubleshooting Full Disk Encryption on Microsoft Surface devices
- Enabling Intel PTT on Windows Machines without TPM
Using a simple redirection of MX records and outbound "Smart Host" configuration, Bitdefender Email Security service provides multi-layered, advanced protection for your organization's inbound and outbound email traffic.
Email Security includes the following features:
- Policy Engine is an out-of-the-box system to control email delivery and filter messages through a comprehensive rule builder.
- Connection Rules monitors connection attempts to and from mailboxes.
- Email Authentication supports SPF, DKIM, and DMARC.
- User Synchronization manages Active Directory users and groups.
- Mailbox Synchronization synchronizes Microsoft Azure Active Directory.
- Anti-spam technologies detect spam and sophisticated targeted phishing attacks.
- Antimalware uses security content and behavior to detect malware.
- Quarantine uses a company-wide policy.
- Safe and Deny Lists configures individual and company-wide lists.
- Executive Tracking List detects users’ real names within the header and envelope address fields to protect against impersonation attacks.
- Disclaimer adds an HTML text disclaimer to outbound emails.
- Reports and Charts provide detailed visibility of mail flow, triggered rules, and taken actions.
- Scheduled Reports link reports to schedules and sends alerts to recipients.
For a more in-depth look at the Email Security add-on, please check this comprehensive user guide from Bitdefender.
- How to Configure DKIM (Email Security)
- How to block emails from spoofed senders in GravityZone
- How to block senders based on email header in GravityZone
Exchange Security provides anti-spam and antimalware for mail servers, ensuring a secure messaging and collaboration environment with minimal resource consumption. This includes multi-layer protection against spam and phishing to determine whether email messages are spam or threat vectors. Learn more
Advanced Threat Security
Advanced Threat Security (HyperDetect and Sandbox Analyzer) includes tunable machine learning and cloud.
HyperDetect features local machine learning models and advanced heuristics trained to spot hacking tools, exploits, and malware obfuscation techniques to block sophisticated threats before execution. It also detects delivery techniques and sites that host exploit kits and blocks suspicious web traffic.
Sandbox Analyzer analyzes suspicious files in depth, detonates payloads in a contained virtual environment hosted by Bitdefender, analyzes their behavior, and reports malicious intent.
Relevant Bitdefender troubleshooting articles:
- Sandbox Analyzer Installation Error Codes
- Error Codes for Image Management in GravityZone Sandbox Analyzer
- Sandbox Analyzer LogCollector for Troubleshooting
- Using Golden Image Tester for GravityZone Sandbox Analyzer
- Detonation Error Codes in GravityZone Sandbox Analyzer
Endpoint Detection and Response (EDR)
Endpoint Detection and Response (EDR) looks for anomalies and offers early visibility into advanced attacks, indicators of compromise (IOCs), one-click threat investigation, and incident response workflows.
You can find the entire list of kernel versions and Linux distributions that support the EDR Sensor here
- EDR requires HyperDetect and Sandbox Analyzer (Advanced Threat Security) so these services will be enabled as well.
- When EDR is enabled, Advanced Threat Security will be greyed out and selected by default.
Endpoint Detection and Response (EDR) Standalone
Advanced Endpoint Detection and Response (EDR) for Windows and Mac computers, focused solely on EDR capabilities (without the need to purchase as part of a security package); so fear not if you're already buddied up with an endpoint security solution from a different vendor! There's always room in the party for Bitdefender EDR Standalone.
Extended Detection and Response (XDR)
Bitdefender GravityZone XDR swoops across your organization's tech landscape, covering your physical and connected devices, virtual and cloud platforms, and hosted workloads! With a keen eye for mischief, it sniffs out digital invaders within your infrastructure and applications, catching them red-handed. On top of that, it guides your team to respond rapidly, making your digital world a safer place. The following XDR add-ons are available:
- Identity Sensors: Safeguarding user identities by detecting and responding to suspicious activities and unauthorized access attempts in real time.
- Productivity Sensors: Monitoring user productivity software to identify any unusual or suspicious behaviors that might indicate a security threat.
- Network Sensors: Focusing on the traffic and activities in your network, ensuring any anomalies or potential threats are swiftly detected and dealt with.
- Cloud Sensors: Focusing on your cloud-based resources and data, helping you respond to threats before they can cause serious damage.
Managed Detection and Response (MDR) Foundations
Perfect for cybersecurity insurance providers! Imagine having your own team of cyber-ninjas, on call 24x7 — that's exactly what Bitdefender MDR gives you (and it's backed by eXtended Detection & Response (XDR)). Bitdefender MDR is a master mixer, blending elements from your endpoint, network, cloud, identity, and productivity app data into a thrilling cocktail of security analytics. This is all jazzed up with a Security Operations Center (SOC), which is a manned control hub, staffed by security gurus hailing from global intelligence agencies, adding that extra dash of flair to your cybersecurity.
Maintain compliance and regulatory security standards by monitoring the integrity of files, registries, directories, installed programs, and user rights throughout your company. Deploy easily, configure quickly, and let Bitdefender's all-encompassing approach handle anomaly detection, automatic responses, event classification, and performance improvements. Goodbye, alarm saturation, and say hello to effective security monitoring!
7-day retention plan: This is the default, base plan that provides 7-day data retention. Check out the following data retention add-ons to store your events in Bitdefender:
90-day retention plan: Suitable for quarterly audits, helping you maintain compliance and system integrity for a quarter.
180-day retention plan: A mid-year check-up for your systems, perfect for bi-annual audits or system checks.
365-day retention plan: A comprehensive year-long plan — ideal if you're seeking continuous, long-term monitoring of your systems.