Bitdefender Cloud Security and paid add-ons

This article includes a list of Bitdefender GravityZone Cloud Security's core features as well as the optional add-ons you can enable and disable, which come at an extra cost. These include:

• Disk Encryption
• Email Security
• Exchange Security
• Advanced Threat Security 
• Endpoint Detection and Response (EDR) 

By default, Disk Encryption, Email Security, and Exchange Security are all enabled during the trial period and should be disabled if you don't wish to incur charges for these, once the trial period ends. However, Advanced Threat Security is disabled by default. Learn how to enable and disable Bitdefender add-ons

Note: Bitdefender Patch Management and Virtual Devices add-ons are not supported at this time.

Core Features

• Antimalware – Based on signature scanning and heuristic analysis (B-HAVE , ATC).
• Advanced Threat Control – This works as a malware/network attack defense.
• Advanced Anti Exploit – Catches the latest exploits in real time and mitigates memory corruption vulnerabilities that can evade other security solutions.
• Risk Management – Helps to identify and remediate a large number of network and operating system risks on the endpoint level.
• Firewall – Helps to protect endpoints from inbound and outbound unauthorized connections attempts.
• Network Protection (with Content Control and Network Attack Defense) – Focused on detecting network attacks designed to gain access to endpoints through specific attacks i..e brute force, network exploits etc.
• Device Control – Helps by preventing sensitive data leakage and malware infections via external devices attached to endpoints such as USB flash drives, Bluetooth devices, CD/DVD etc.
• Web Filtering – Helps to schedule web access while blocking or allowing certain web categories or URLs.
• Ransomware Mitigation – Ability to restore files encrypted in a ransomware attack from tamper-proof copies. You can find the Ransomware Mitigation settings under the Antimalware > On-execute policy section.

The cost for Atera's Bitdefender GravityZone Cloud integration is $1.20 per protected device per month.

Disk Encryption

GravityZone Full Disk Encryption is a solution delivered by Bitdefender that helps companies comply with data regulations and prevent the loss of sensitive information in case of lost or stolen devices. The Disk Encryption add-on comes at an extra $1.10 per device per month.

The Full Disk Encryption gives you simple remote management of the encryption keys. This solution provides centralized handling of BitLocker (on Windows), FileVault and the diskutil command-line utility (both on macOS), taking advantage of the native device encryption and ensuring optimal compatibility and performance. 

To access a list of the most frequently asked questions about Gravity Zone Full Disk Encryption including the supported Operating Systems, the type of disks encrypted, or prerequisites, please refer to this article

See also:

• Troubleshooting Full Disk Encryption on Microsoft Surface devices 
• Enabling Intel PTT on Windows Machines without TPM 

Email Security

Using a simple redirection of MX records and outbound "Smart Host" configuration, Bitdefender Email Security service provides multi-layered, advanced protection for your organization's inbound and outbound email traffic. The Email Security add-on costs $1.80 per device per month. It is billed per mailbox.

Email Security includes the following features:

• Policy Engine is an out of the box system to control email delivery and filter messages through a comprehensive rule builder.
• Connection Rules monitors connection attempts to and from mailboxes.
• Email Authentication supports SPF, DKIM, and DMARC.
• User Synchronization manages Active Directory users and groups.
• Mailbox Synchronization synchronizes Microsoft Azure Active Directory.
• Antispam technologies detect spam and sophisticated targeted phishing attacks.
• Antimalware uses security content and behavior to detect malware.
• Quarantine uses a company-wide policy.
• Safe and Deny Lists configures individual and company-wide lists.
• Executive Tracking List detects users’ real names within the header and envelope address fields to protect against impersonation attacks.
• Disclaimer adds an HTML text disclaimer to outbound emails.
• Reports and Charts provide detailed visibility of mail flow, triggered rules, and taken actions.
• Scheduled Reports link reports to schedules and sends alerts to recipients.

For a more in-depth look at the Email Security add-on, please check this comprehensive user guide from Bitdefender.

See also: 

• How to Configure DKIM (Email Security)
• How to block emails from spoofed senders in GravityZone
• How to block senders based on email header in GravityZone

Exchange Security

Exchange Security provides antispam and antimalware for mail servers, ensuring a secure messaging and collaboration environment with minimal resource consumption. This includes multi-layer protection against spam and phishing to determine whether email messages are spam or threat vectors. The Exchange Security add-on is billed at $1.10 per mailbox. Learn more

Advanced Threat Security

Advanced Threat Security (HyperDetect and Sandbox Analyzer) includes tunable machine learning and cloud. The Advanced Threat Security add-on costs $1.50 per device per month. 

HyperDetect features local machine learning models and advanced heuristics trained to spot hacking tools, exploits, and malware obfuscation techniques to block sophisticated threats before execution. It also detects delivery techniques and sites that host exploit kits and blocks suspicious web traffic. 

The Sandbox Analyser analyzes suspicious files in-depth, detonates payloads in a contained virtual environment hosted by Bitdefender, analyzes their behavior and reports malicious intent.

Relevant Bitdefender troubleshooting articles: 

• Sandbox Analyzer Installation Error Codes 
• Error Codes for Image Management in GravityZone Sandbox Analyzer 
• Sandbox Analyzer LogCollector for Troubleshooting 
• Using Golden Image Tester for GravityZone Sandbox Analyzer 
• Detonation Error Codes in GravityZone Sandbox Analyzer 

Endpoint Detection and Response (EDR)

Endpoint Detection and Response (EDR) looks for anomalies and offers early visibility into advanced attacks, indicators of compromise (IOCs), one-click threat investigation and incident response workflows. The EDR add-on comes at an extra $1.30 per device per month.

You can find the entire list of kernel versions and Linux distributions that support the EDR Sensor here 

Important Note: EDR requires HyperDetect and Sandbox Analyzer (Advanced Threat Security) so these services will be enabled as well. 

When EDR is enabled, Advanced Threat Security will be greyed out and selected by default.