Enterprise Version

About

Hoplite has developed a family of lightweight and powerful plugins that extend the monitoring and protection of Active Network Defense (AND) directly to web browsers. The AND Browser Plugin family delivers real-time protection for endpoints and mobile devices along with forensic-quality event logging and near zero performance impact. This approach for integrating Security Information Event Management (SIEM), compliance monitoring (CMMC and NIST800), real-time threat blocking, and Internet content filtering provides assurance, and holistic protection, no matter the locations of your endpoints.

Threat Protection

The AND Browser Plugins inspect every URL and object loaded in every web page to ensure that no objectionable, or malicious content is accessed on corporate devices. This real-time inspection leverages Hoplite’s Cyber Threat Intelligence platform to identify and block threats before precious data and intellectual property can be exposed.

Internet Content Filtering

Ensuring the corporate Internet Content Access and Filtering policies are enforced with mobile endpoints and Work From Home (WFH) scenarios can be challenging, and costly. We take special care to include data from Hoplite’s AI-driven Internet content categorization models that automatically identify, and block objectionable content from being accessed on corporate devices.

Compliance Monitoring

Among the most difficult challenges facing organizations today is compliance monitoring and assurance of in scope endpoints, and data on devices in an increasingly mobile world. For example, DOD’s Cybersecurity Maturity Model Compliance (CMMC) compliance framework requires 24X7 inspection, monitoring and alerting on all endpoints that store, and process Controlled Unclassified Information (CUI). Hoplite designed the family of AND Browser Plugins to alleviate the technical burdens of meeting stringent compliance requirements.

Compatibility

Hoplite designed the AND Browser Plugins to be compatible with virtually all modern browsers, operating systems and devices. Coupled with convenient deployment options and transparent operation, AND Browser Plugins provide much needed protection for corporate endpoints all over the world.

Event Logging

Investigating potential cyber incidents, insider threats, and ensuring that all endpoint network activities are accounted for is complex. To ease this burden and accelerate investigative tasks, AND Browser Plugins include forensic-quality event logging that provide user, machine, browser, and location-identifiable details for every URL and web page loaded. This data is automatically collected and analyzed by Active Network Defense, and instantly available via your dashboard.

Deployment Flexibility

AND Browser Plugins can be used at home or at work, and can be deployed manually, or as part of Enterprise IT endpoint management policies. With broad support for different operating systems and device types, Hoplite customers have the flexibility to deploy with freedom, and to upgrade at any time.

Prerequisites

Enterprise deployments of the AND Browser Plugin requires an Organization UUID (org uuid) for configuration, preferences, and real-time telemetry to be associated with your company. Please contact Hoplite Support to request your Organization UUID.

Note

Before proceeding, please contact Hoplite Support to request a download link for the Native Messaging Host applications for any browsers your organization intends to use.

Note

Many of the steps discussed within this document require Local and Domain Admin permissions for installation of software components, please ensure you have adequate permissions, and a clear deployment method in mind. Should you have any questions, please contact Hoplite support for guidance.

Installation Guides

Native Message Host

To properly identify each machine, and user to the Active Network Defense Log API, each AND Browser Plugin requires a Native Messaging Host Application, as depicted below.

_images/NativeMessage.png

Native Messaging Host Application Architecture

The Native Messaging Applications are very lightweight, using less than 2MB RAM, and provide the AND Browser Plugins necessary information from the host OS to ensure that organization-wide and user-specific policies are enforced. We recommend installing the latest version of each browser and the corresponding AND Browser Plugins before proceeding with the installation of each native Messaging Host Application as described below. Each Native Messaging Host Application is packaged as a Microsoft Installer (MSI) that can be used for manual and GPO-based installation methods. Local or Domain Admin permissions are required to install the Native Messaging Host Application.

Note

Currently only 64-bit versions of the Windows Native Messaging Host Applications are supported on Windows 8 and later for desktop, and Windows Server 2008 and later. Please contact Hoplite support if your organization requires 32-bit support.

Operating and Maintaining AND Browser Plugins

Once you have deployed the AND Browser Plugins and corresponding Native Messaging Host Applications to your endpoints, analytics and alerts will flow automatically. If you are a Hoplite Managed Services customer, the Hoplite SOC will begin monitoring browser security events, and follow your established Communications Plan to notify your designated contacts about noteworthy incidents. All AND Browser Plugin analytics are available to authorized Active Network Defense users via the ‘Browser Plugin’ default dashboard, or any custom visualizations and dashboards you may create in the future. Please contact Hoplite Support if you have any trouble accessing your analytics.