GravityZone On-Premise

Andrei Rublenco
Senior Technical Trainer

WWW.BITDEFENDER.COM
GRAVITYZONE™
THE SECURITY PLATFORM FOR
END-TO-END BREACH AVOIDANCE

Agenda
• Chapter 1 | Intro
• Chapter 2 | Architecture & Deployment
• Chapter 3 | Dashboard
• Chapter 4 | B.E.S.T.
• Chapter 5 | Security Server (SVA)
• Chapter 6 | Configuration
• Chapter 7 | EDR
• Chapter 8 | Network
• Chapter 9 | Policies
• Chapter 10 | Quarantine
• Chapter 11 | Reports
• Chapter 12 | Accounts
• Chapter 13 | System Status
• Chapter 14 | Sandbox Analyzer
• Chapter 15 | Security for Mobiles

2 MARCH 17, 2021



Chapter 1 – Intro
GravityZone is a business security solution built from the ground up for virtualization and cloud to deliver security services to physical endpoints, virtual machines in private and public clouds, and Exchange mail servers.


GravityZone

GravityZone is one product with a unified management console, available in the cloud, hosted by Bitdefender, or as one virtual appliance to be installed on the company's premises. It provides a single point for deploying, enforcing and managing security policies for any number of endpoints of any type, in any location.

GravityZone delivers multiple layers of security for endpoints and for Microsoft Exchange mail servers: antimalware with behavioral monitoring, zero-day threat protection, application blacklisting and sandboxing, firewall, device control, content control, anti-phishing and antispam.


Infrastructure

| | Business Security | Advanced Business Security | Elite Security | Ultra Security | Enterprise Security | Security for MSP |
|---|---|---|---|---|---|---|
| EDR | - | - | - | ✓ | Add-on | Add-on |
| Endpoint Security | Endpoint Security SD | Endpoint Security SD | Endpoint Security HD | Endpoint Security XDR | Endpoint Security SD | Endpoint Security SD |
| SVE | - | ✓ | ✓ | ✓ | ✓ | ✓ |
| Mobile Security / MDM | - | On Premise | On Premise | - | ✓ | - |
| Security for Exchange | - | ✓ | ✓ | ✓ | ✓ | Add-on |


Infrastructure

| Technologies | Business Security | Advanced Business Security | Elite Security | Ultra Security | Enterprise Security | Security for MSP |
|---|---|---|---|---|---|---|
| Machine Learning AV | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Anti-exploit | - | ✓ | ✓ | ✓ | ✓ | ✓ |
| Application Control | - | - | On Premise | - | ✓ | - |
| HyperDetect | - | - | ✓ | ✓ | Add-on | Add-on |
| Sandbox Analyzer | - | ✓ | ✓ | ✓ | Add-on | Add-on |
| Centralized Scanning | - | ✓ | ✓ | ✓ | ✓ | Add-on |
| Patch Management | Add-on | Add-on | Add-on | Add-on | Add-on | Add-on |
| Full Disk Encryption | Add-on | Add-on | Add-on | Add-on | Add-on | Add-on |
| HVI | - | - | On Premise | - | Add-on | - |


Infrastructure

| | Business Security | Advanced Business Security | Elite Security | Ultra Security | Enterprise Security | Security for MSP |
|---|---|---|---|---|---|---|
| Licensing | bundle | bundle | bundle | bundle | a la carte | a la carte |
| Data server licensing | - | - | - | - | ✓ | - |
| Details | Covers desktops. Servers should account for less than 30% of total units | Covers desktops, servers and mobiles + Exchange mailboxes. Servers should account for less than 35% of total units. | Covers desktops, servers and mobiles + Exchange mailboxes. Servers should account for less than 35% of total units. | Covers desktops, servers and Exchange mailboxes. Servers should account for less than 35% of total units. | Each item can be purchased separately and can be activated based on its own license key. | No license key needed per customer, pay at the end of each month, based on usage reports. |


Licensing a la carte
Enterprise Security

Security for virtualized environments: CPU – For consolidated datacenters
Security for virtualized environments: Per # of VDI and VS – For individual virtual machines
Security for endpoints: Per # of Physical workstations and Physical servers
Security for Exchange: Per # of mailboxes
Security for mobile: Per # of devices
Add-ons
AWS integration


Chapter 2 – Architecture and deployment


GravityZone can be configured to use multiple virtual appliances and multiple instances of specific roles (Database, Communication
Server, Update Server and Web Console) to ensure reliability and scalability


Architecture and deployment
• Primary roles
• Role balancing
• Replica set
• Incidents server
• Requirements
• Communications
• Deployment scenarios
• GravityZone and Report builder deployment
• Initial setup


Primary roles
The GravityZone on-premise solution is delivered as a Linux Ubuntu self-configuring hardened virtual appliance (VA), embedded into a virtual machine image, that is easy to install and configure through a CLI (Command Line Interface). The virtual appliance is available in several formats, compatible with the main virtualization platforms (OVA, XVA, VHD, OVF, RAW).

The GravityZone appliance can run one, several or all of the following roles:

• Database
• Update Server
• Communication Server
• Web Server

A GravityZone deployment requires running at least one instance of each role.

Depending on how the GravityZone roles are distributed, you will run one or more GravityZone appliances.


Incidents server
• The Incidents Server is the link between security agents and the database, collecting endpoint data and generating incidents based on threats detected by prevention technologies and machine learning algorithms
• Can be deployed on both all-in-one and distributed appliances. Use built-in balancer software when installing multiple instances

Note: An additional space of at least 30 GB is needed for the Database when the Incidents Server role is installed


Role balancing
• Built-in role balancers ensure that the GravityZone deployment protects even the largest corporate networks without causing slowdowns or bottlenecks.
• Existing load balancing software or hardware can also be used instead of the built-in balancers, if present in the network
• To ensure reliability and scalability, you can install multiple instances of specific roles (Incident Server, Communication Server, Web Console)
• The built-in Role Balancer role cannot be installed together with other roles on the same GravityZone appliance


Replica set
• This mechanism allows creating multiple database instances across a distributed GravityZone environment, ensuring database high availability in the case of a failure
• Enable Replica Set on the first installed GravityZone appliance. Then, you will be able to add replica set members by installing the database role on the other GravityZone instances in the same environment.
• GravityZone supports an odd number of databases (1, 3, 5 or a maximum of 7)

[Diagram: DATABASE 1 (Primary), DATABASE 2 (Secondary) and DATABASE 3 (Secondary), linked by Heartbeat.]


GravityZone Requirements
Delivered as a virtual appliance in the following formats:

| Environment | Format |
|---|---|
| VMware vSphere, View, VMware Player | OVA |
| Citrix XenServer, XenDesktop, VDI-in-a-Box | XVA |
| Microsoft Hyper-V | VHD |
| Nutanix Prism | VMDK |
| Red Hat Enterprise Virtualization | OVF |
| Oracle VM | OVF |
| Kernel-based Virtual Machine or KVM | RAW |


GravityZone Requirements
Requirements for 5000 Endpoints:
• CPU: 22 vCPU with 2 GHz each
• RAM: 24 GB
• HDD: 320 GB (SSD recommended)
• Internet connection

A full list of hardware and software requirements can be found in the Installation guide, starting from page 19:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


GravityZone HVI Requirements

Host Requirements
• Virtualization platform: Citrix XenServer 7.0 or later
• CPU Microarchitecture: Intel Sandy Bridge processor or later, with support for Intel Virtualization Technology. VT-x or VT-d extensions must be enabled in BIOS
• Free HDD space: Besides the space required by the Security Server, HVI requires another 9 MB for the Supplemental Pack on each host

Requirements for 5000 Endpoints:
• CPU: 30 vCPU with 2 GHz each
• RAM: 32 GB
• HDD: 340 GB (SSD recommended)
• Internet connection


Internal network communication

[Diagram: internal network communication between the Web Server, Comm. Server and Database Server roles (GZ Virtual Appliances), VMware vCenter Server and Windows Server. Port labels: 443, 443, 389, 4369/6150, 27017. Traffic legend: RabbitMQ Sync Traffic, Database Traffic, Management / Integrations Traffic.]

External network communication

• License key validation: Web Server (GZ Virtual Appliance) – Edge Firewall – Bitdefender Cloud
  lv2.bitdefender.com:443
• Updates download: Local Update Server (GZ Virtual Appliance) – Edge Firewall – Bitdefender Cloud
  upgrade.bitdefender.com:80
  download.bitdefender.com:80


Security Server network communication

[Diagram: BD Endpoint Security Tools and the Security Server communicating with the Update Server and Comm. Server roles (GZ Virtual Appliances). Port labels: 7074, 8443, 7081 / 7083 (SSL), 7074, 8443. Traffic legend: Update Traffic, Scanning Traffic, Management Traffic (SSL).]

Staging updates

[Diagram: Update Server (GZ Virtual Appliance) serving two environments. Test Environment: BD Endpoint Security Tools, PORT 7077. Production Environment: BD Endpoint Security Tools, PORT 7074. Traffic legend: Update Traffic.]

Mobile devices communication

[Diagram: DMZ and Internal Network zones. Labels: Update Server, Database, Comm. Server, Web Server (GZ Virtual Appliance), PORT 8443, PORT 8443, App. 1 and App. 2 (VM), Gateway (External Address).]


GravityZone deployment
• A GravityZone deployment consists of one or several appliances running the server roles.
• The number of appliances depends on various criteria, such as the size and design of your network infrastructure, or the GravityZone features you will use.
• Server roles are of three types:
  • Basic roles
  • Auxiliary
  • Optional

GravityZone appliance

| Role | Type | Number of deployments |
|---|---|---|
| Database | Basic (Required) | At least 1, otherwise 3, 5, 7 for Replica Set |
| Update server | Basic (Required) | No more than 1 |
| Communication Server | Basic (Required) | At least 1 |
| Web Server | Basic (Required) | At least 1 |
| Roles balancer | Optional | No more than 1 |
| Incidents Server | Optional | No more than 1 |

Step by step instructions on how to deploy GravityZone can be found in the manual, starting from page 55:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf
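
A planned role layout can be checked against the rules in the table above, together with the Role Balancer and Replica Set constraints from the earlier slides, before any appliance is built. The following is an added example, not Bitdefender code; the appliance names and the plan format (appliance name mapped to a set of roles) are assumptions made for illustration.

```python
from collections import Counter

# Rules below come from the role table and the Role balancing / Replica set
# slides; appliance names in the sample plans are constructed.
BASIC_ROLES = ("Database", "Update Server", "Communication Server", "Web Server")
ROLE_BALANCER = "Role Balancer"
REPLICA_SET_SIZES = (1, 3, 5, 7)


def validate_deployment(appliances):
    """Return rule violations for a plan mapping appliance name -> set of roles."""
    problems = []
    counts = Counter(role for roles in appliances.values() for role in roles)

    # At least one instance of every basic role is required.
    for role in BASIC_ROLES:
        if counts[role] == 0:
            problems.append(f"missing required role: {role}")

    # One database, or 3, 5 or 7 of them when a Replica Set is used.
    if counts["Database"] and counts["Database"] not in REPLICA_SET_SIZES:
        problems.append(
            f"{counts['Database']} Database instances; allowed: 1, 3, 5 or 7"
        )

    # Update Server and Role Balancer: no more than one instance each.
    for role in ("Update Server", ROLE_BALANCER):
        if counts[role] > 1:
            problems.append(f"{counts[role]} {role} instances; no more than 1 allowed")

    # The built-in Role Balancer cannot share an appliance with other roles.
    for name in sorted(appliances):
        roles = appliances[name]
        if ROLE_BALANCER in roles and len(roles) > 1:
            others = ", ".join(sorted(roles - {ROLE_BALANCER}))
            problems.append(f"{name}: Role Balancer installed together with {others}")

    return problems


# Constructed sample plans.
ALL_IN_ONE = {
    "gz-va-1": {"Database", "Update Server", "Communication Server", "Web Server"},
}

BROKEN_PLAN = {
    "gz-va-1": {"Database", "Web Server"},
    "gz-va-2": {"Database", "Communication Server"},
    "gz-va-3": {"Communication Server", "Role Balancer"},
}

if __name__ == "__main__":
    for label, plan in (("all-in-one", ALL_IN_ONE), ("broken", BROKEN_PLAN)):
        issues = validate_deployment(plan)
        print(label, "OK" if not issues else issues)
```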


Report builder deployment

• Report Builder allows you to create and manage queries and detailed query-based reports in GravityZone.
• The Report Builder roles must run on separate instances of the GravityZone Virtual Appliance:
  • Report Builder Database
  • Report Builder Processors

Step by step instructions on how to deploy the Report builder can be found in the manual, starting from page 172:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


Deployment scenario – Cluster

[Diagram: four GZ VAs hosting the Database, Communication Server, Update Server and Web Server roles.]


Deployment scenario – Load balancer

[Diagram: one GravityZone Virtual Appliance and three GZ VAs hosting Database, Update Server, Web Server 1, Web Server 2, Comm. Srv. 1, Comm. Srv. 2, Comm. Srv. 3 and Load Balancer.]


Deployment scenario – Staging

[Diagram: a GravityZone Virtual Appliance, a GZ VA and a VM hosting Database, Web Server, Communication Server, Update Server, App. 1 and App. 2.]


Deployment scenario – Multiple hosts

[Diagram: one GravityZone Virtual Appliance and four GZ VAs hosting Database, Update Server, Web Server 1, Web Server 2, Comm. Srv. 1, Comm. Srv. 2, Comm. Srv. 3 and Load Balancer.]


Deployment scenario – Replica set

[Diagram: one GravityZone Virtual Appliance and four GZ VAs hosting Database 1, Database 2, Database 3, Update Server, Web Server 1, Web Server 2, Comm. Srv. 1, Comm. Srv. 2, Comm. Srv. 3 and Load Balancer.]


Deployment scenario – Report builder

[Diagram: Control Center Server Role(s) on a GZ VA, Report Builder Database on an RB VA, Report Builder Processors on an RB VA.]


Initial setup
• Using a web browser, access the Control Center web interface by connecting to the IP address / hostname of the appliance with the Web Console role installed
  • https://<IP/Hostname>
• Provide a valid license key (purchased or trial) in order to continue to the next step
• Enter the company details and create your administrator account


Initial setup
• Once the above steps have been completed, you will be greeted with the Essential tips screen.


Demo
• Appliance install
• Initial setup


Chapter 3 – Dashboard
The Control Center dashboard is a customizable visual display providing a quick security overview of all protected endpoints and
network status


Dashboard
• Overview
• Welcome
• Portlets
• Notifications


Overview
The Control Center dashboard is a customizable visual display providing a quick security overview of all protected endpoints and network status. Use the View Menu button at the upper-left corner to collapse to icon view, hide, or expand the menu options. You can access the following menu options:
• Dashboard View
• Incidents
• Network View
• Policies
• Reports
• Quarantine
• Accounts
• System Status
• Sandbox Analyzer
• Configuration


Welcome
By clicking your username in the upper-right corner of the console, the following options are available:
• My Account – Manage your user account details and preferences.
• Credentials Manager – Manage the authentication credentials required for remote installation tasks.
• Help & Support – Find help and support information.
• Feedback – Display a form allowing you to edit and send your feedback messages regarding your experience with GravityZone.
• Logout


Portlets
Dashboard portlets display various real-time security information using easy-to-read charts, thus allowing you to quickly identify any issues that might require your attention
• Control Center comes with several predefined dashboard portlets
• Each dashboard portlet includes a detailed report in the background, accessible with just one click on the chart
• There are several types of portlets that include various information about your endpoint protection, such as update status, malware status, firewall activity.
• You can: refresh, edit, add, rearrange and remove portlets


Notifications
Depending on the events that might occur throughout your network, Control Center will show various notifications to inform you of the security status of your environment.
There are multiple notification types, for example:
• Malware Outbreak
• License Expires
• Firewall event
• Sandbox Analyzer Detection


Demo
• Dashboard
• Welcome tab
• Portlets
• Notifications


Chapter 4 – BEST
GravityZone ensures Windows and Linux physical and virtual machines protection with Bitdefender Endpoint Security Tools, an
intelligent environment-aware security agent which adapts to the endpoint type


BEST
• Overview
• Requirements
• Relay
• Exchange
• Configure packages and Install


Overview
BEST can be deployed on any machine, either virtual or physical, providing a flexible scanning system, being an ideal choice for
mixed environments (physical, virtual and cloud). BEST uses one single policy template for physical and virtual machines, and one
installation kit source for any environment (physical or virtual) running current Windows editions. A separate kit installs on
legacy Windows editions.


Layers
Protection layers:
• Antimalware
• Advanced Threat Control
• HyperDetect
• Advanced Anti-Exploit
• Firewall
• Content Control
• Network Attack Defense
• Patch Management
• Device Control
• Full Disk Encryption
• Security for Exchange
• Application Control
• Sandbox Analyzer
• HVI
• EDR
• Security for storage
• Security for mobile


Roles
Endpoint Roles:
• Power User
• Relay
• Patch Caching Server
• Exchange Protection


Scanning engines
The scanning engines are automatically set during Bitdefender Endpoint Security Tools package creation, letting the endpoint agent detect the machine's configuration and adapt the scanning technology accordingly (the engines can also be manually configured based on the user's preference):

Local Scan | Hybrid Scan | Central Scan

• Local Scan – scanning is performed on the local endpoint. The Local Scanning mode is suited for powerful machines, having all signatures and engines stored locally.
• Hybrid Scan with Light Engines – medium footprint; uses in-the-cloud scanning and, partially, the local signatures. This scanning mode brings the benefit of better resource consumption, while involving off-premise scanning.
• Central Scan – small footprint; requires a Security Server for scanning. In this case, no signature set is stored locally, and the scanning is offloaded to the Security Server.


Requirements
• Software and Hardware requirements
  A full list of hardware and software requirements can be found in the GravityZone Installation guide (starting from page 23), which is available either in the GravityZone console (Help and Support) or at the link below:
  http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf
• Communication Ports
  A full list of ports can be found at the link below:
  https://www.bitdefender.com/support/gravityzone-communication-ports-1132.html
• Security for Exchange
  Security for Exchange supports Microsoft Exchange:
  • Exchange 2007, 2010 – Edge Transport, Hub Transport or Mailbox role
  • Exchange 2013, 2016, 2019 – Edge Transport or Mailbox role


Relay
Endpoint agents with the BEST Relay role serve as communication proxies and update servers for other endpoints in the network. They are especially required in organizations with isolated networks, where all traffic is made through a single access point. Bitdefender Endpoint Security Tools Relay agents serve the following purposes:
• Discovering all unprotected endpoints in the network – This functionality is essential for the security agent deployment in a cloud GravityZone environment
• Deploying the endpoint agent inside the local network
• Updating protected endpoints in the network
• Ensuring the communication between Control Center and connected endpoints
• Acting as proxy server for protected endpoints
• Optimizing the network traffic during updates, deployments, scanning and other resource-consuming tasks.
• Patch Caching Server – With this role enabled, Relays serve for storing software patches downloaded from vendors' websites, and distributing them to target endpoints in your network


Exchange
Bitdefender Security for Exchange provides antimalware, antispam, antiphishing, attachment and content filtering seamlessly integrated with the Microsoft Exchange Server, to ensure a secure messaging and collaboration environment and increase productivity. It protects the Exchange users against the latest, most sophisticated malware, and against attempts to steal users' confidential and valuable data.
Filters all Exchange email traffic – incoming, outgoing and internal, regardless of the protocol or mail client used to send emails:
• Desktop clients using MAPI or POP3/SMTP (Microsoft as well as other popular mail client software)
• Mobile clients using Exchange ActiveSync
• Web access via Outlook Web App (OWA)
• Mobile access via Outlook Web App (OWA)
Additionally, allows scanning the Exchange mailbox and public folder databases for malware, by using Exchange Web Services API from Microsoft.


Configure packages
Each installation package will be visible in Control Center only for the partner that has created the package and for the user accounts under the company linked to the installation package.
• Connect and log in to Control Center
• Go to the Network > Packages page
• Click the Add button at the upper side of the table
• A configuration window will appear
• Go through the options and Save in order to complete the task.

Complete configuration steps can be found in the Installation guide, starting from page 131:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


Local install
One way to install the security agent on an endpoint is to locally run an installation package. Create and manage installation packages in the Network > Packages page
To locally install the security agent on an endpoint:
• Create an installation package according to your needs.
• Download the installation package on the target endpoint.
• Run the installation package on the target endpoint

Complete local install steps can be found in the Installation guide, starting from page 130:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


Remote install
For remote installation to work:
• Bitdefender Endpoint Security Tools Relay must be installed in your network.
• On Windows:
  • The admin$ administrative share must be enabled on each target
  • Configure User Account Control (UAC) depending on the operating system running on the target endpoints.
  • Disable Windows Firewall or configure it to allow traffic through File and Printer Sharing protocol
• On Linux: SSH must be enabled.
• On macOS: remote login and file sharing must be enabled


Remote install
To run a remote installation task:
• Connect and log in to Control Center.
• Go to the Network page
• Select the desired group from the left-side pane.
• Select the entities (endpoints or groups of endpoints) on which you want to install protection
• Click the Tasks button at the upper side of the table and choose Install. The Install Client wizard is displayed

Complete remote install steps can be found in the Installation guide, starting from page 51:
https://download.bitdefender.com/SMB/Cloud/GravityZone/en_US/Bitdefender_GravityZone_InstallationGuide_11_enUS.pdf


Chapter 5 – Security Server (SVA)


The Security Server is a dedicated virtual machine that deduplicates and centralizes most of the antimalware functionality of
antimalware agents, acting as a scan server


Security Server
• How does it work?
• Requirements
• Download
• Local install
• Remote deployment
• HVI Supplemental pack


Scanning
An item subjected to a Security Server scan follows the process below:
• The local cache is first queried
• If a corresponding entry does not exist in the local cache, the response cache (global cache) is queried
• If a corresponding entry does not exist in the response cache, the object is subjected to scanning
• File chunks, capable of containing malicious code, are sent for scanning to the Security Server
• A response that is the result of scanning is used to populate the response cache and local cache. A response that results from querying the response cache is used to populate the local cache

[Diagram: Security Server (two AV Core Scan Process boxes, Engine Scan Plugin, Response Cache Plugin, Scan Manager) connected over TCP / IP to BEST (Local Cache, Scan Client).]
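
The lookup order described on this slide can be modelled in a few lines to show why a file already scanned for one VM costs nothing to scan for the next. This is an added example, not Bitdefender code; the class names, the SHA-256 cache key and the toy engine with its marker string are assumptions made for illustration.

```python
import hashlib


def toy_engine(data):
    """Stand-in for the scanning engine: flags a constructed marker string."""
    return "infected" if b"EXAMPLE-BAD-MARKER" in data else "clean"


class SecurityServer:
    """Holds the response (global) cache shared by every connected endpoint."""

    def __init__(self, engine=toy_engine):
        self.engine = engine
        self.response_cache = {}
        self.engine_scans = 0
        self.bytes_received = 0

    def query(self, key):
        # Response cache lookup; None means the object has not been seen yet.
        return self.response_cache.get(key)

    def scan(self, key, chunks):
        # Only reached when both caches missed: chunks travel to the server.
        self.engine_scans += 1
        self.bytes_received += len(chunks)
        verdict = self.engine(chunks)
        self.response_cache[key] = verdict
        return verdict


class ScanClient:
    """Endpoint side: local cache first, then the Security Server."""

    def __init__(self, server):
        self.server = server
        self.local_cache = {}

    def check(self, data):
        key = hashlib.sha256(data).hexdigest()  # assumed cache key
        if key in self.local_cache:
            return self.local_cache[key], "local cache"
        verdict = self.server.query(key)
        source = "response cache"
        if verdict is None:
            verdict = self.server.scan(key, data)
            source = "engine scan"
        # Either kind of server response populates the local cache.
        self.local_cache[key] = verdict
        return verdict, source


def demo():
    """Two VMs sharing one Security Server; sample files are constructed."""
    server = SecurityServer()
    vm_a, vm_b = ScanClient(server), ScanClient(server)
    shared_file = b"constructed sample: a DLL present on every VM"
    bad_file = b"constructed sample with EXAMPLE-BAD-MARKER inside"
    trace = [
        vm_a.check(shared_file),  # first sighting anywhere
        vm_a.check(shared_file),  # same VM again
        vm_b.check(shared_file),  # another VM, same content
        vm_b.check(bad_file),     # new content
    ]
    return trace, server.engine_scans


if __name__ == "__main__":
    for step in demo()[0]:
        print(step)
```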


Requirements
The memory and CPU resource allocation for the Security Server depends on the number and type of VMs running on the host. The following table lists the recommended resources to be allocated:

| Number of protected VMs | RAM (HVI) | CPUs (HVI) |
|---|---|---|
| 1-50 | 2 GB (6 GB) | 2 (4) |
| 51-100 | 2 GB (8 GB) | 4 (6) |
| 101-200 | 4 GB (16 GB) | 6 (8) |

Complete software and hardware requirements can be found in the Installation guide, starting from page 37:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


Download
To download Security Server installation packages:
• Go to the Network > Packages page.
• Select the Default Security Server Package
• Click the Download button at the upper side of the table and choose the package type from the menu
• Save the selected package to the desired location


Local install
In all virtualized environments that are not integrated with Control Center, you must install Security Server on hosts manually, using an installation package. Once the installation package is downloaded, deploy it to the host using a preferred virtual machine deployment tool. After deployment, set up the Security Server as follows:
• Access the appliance console from your virtualization management tool. Alternatively, you can connect to the appliance via SSH
• Log in using the default credentials
  • User name: root
  • Password: sve
• Run the sva-setup command. You will access the appliance configuration interface.

Complete deployment steps can be found in the Installation guide, starting from page 121:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


Remote deployment
Control Center allows you to remotely install Security Server on visible hosts by using installation tasks:
• Go to the Network > Virtual Machines
• Browse the VMware, Citrix or Nutanix inventory and select the check boxes corresponding to the desired hosts or containers
• Click on Tasks > Install Security Server
• Follow the next steps in order to complete the installation

Complete deployment steps can be found in the Installation guide, starting from page 124:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


HVI Supplemental Pack

The HVI pack ensures the link between the hypervisor and the Security Server on that host. This way, the Security Server is able to monitor the memory in use on the host where it is installed, based on the GravityZone security policies:
• Go to the Network > Virtual Machines
• Select one or more Xen hosts from network inventory
• Click the Tasks and choose Install HVI Supplemental Pack. The installation window opens

Complete deployment steps can be found in the Installation guide, starting from page 163:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


Demo
• How to create and configure an installation package
• BEST Manual installation
• BEST Remote installation
• BEST Client / Power User
• SVA and HVI Supplemental pack Install and Configure


Chapter 6 – Configuration
GravityZone offers a variety of configuration settings that enable you to integrate with various virtualization platforms, configure how to handle automatic downloads, integrate with Active Directory, etc.


Configuration
 Configuration
 Updates
 License


Mail Server
Control Center requires an external mail server to send email communications.


Miscellaneous
From the Configuration page > Miscellaneous tab you can configure the following general preferences:
 Installation and deployment settings
 2FA
 NTP server settings
 Enable Syslog
 Telemetry
 Mobile push notifications check


Proxy
If your company connects to the Internet through a proxy server, you must configure the proxy settings, with or without authentication


Backup
To make sure all your Control Center data are safe, you may want to back up the GravityZone database.
 Create a backup on the spot or schedule periodic backups to run automatically at a specified time interval
 Each database backup command creates a tgz file in the location specified in the backup settings
 For backup restore, check the provided link


Active directory
 Through AD integration, you are able to import into Control Center the existing inventory from Active Directory on premise and
from AD hosted in Microsoft Azure, simplifying security deployment, management, monitoring and reporting.
 Active Directory users can be assigned different user roles in Control
 With access permissions you can grant GravityZone Control Center access to Active Directory (AD) users, based on access rules


Virtualization providers
GravityZone can currently integrate with:
 vCenter Server (vShield and NSX optional)
 XenServer
 Nutanix Prism Element
 Amazon EC2
 Microsoft Azure
 NSX-T

More details on each integration can be found in the Install guide, starting from page 81:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


NTSA
Within this section you can configure the integration with Bitdefender Network Traffic Security Analytics, an enterprise security solution that
accurately detects breaches and provides insights into advanced attacks by analyzing network traffic

More details on the integration can be found in the Install guide, starting from page 92:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf


Certificates
For your GravityZone deployment to operate correctly and in a secure manner, you must create and add a number of security certificates in Control
Center.
 Certificates can be signed by your company (self-signed) or by an external Certificate Authority (CA)
 Supported formats:
 PEM (.pem, .crt, .cer, .key)
 DER (.der, .cer)
 PKCS#7 (.p7b, .p7c)
 PKCS#12 (.p12, .pfx)

Full details can be found in the Install guide, starting from page 93:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_InstallationGuide_7_enUS.pdf
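
The format list above puts .cer under both PEM and DER, so the file extension alone does not tell you which container you are about to upload. The following is an added illustration, not Bitdefender code: it identifies the container from the file's content and checks it against the extension table from this slide. The function names and the constructed sample blobs are assumptions of this example, and the detection is a heuristic on the first DER fields.

```python
import base64
import os
import re

SEQUENCE, INTEGER, OID, CTX0 = 0x30, 0x02, 0x06, 0xA0
# DER bodies of the PKCS#7 content-type OIDs 1.2.840.113549.1.7.1 and .7.2
OID_P7_DATA = bytes.fromhex("2a864886f70d010701")
OID_P7_SIGNED = bytes.fromhex("2a864886f70d010702")
PEM_BLOCK = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)
# Extension table as listed on the slide (.cer appears under both PEM and DER)
EXTENSIONS = {"PEM": {".pem", ".crt", ".cer", ".key"}, "DER": {".der", ".cer"},
              "PKCS#7": {".p7b", ".p7c"}, "PKCS#12": {".p12", ".pfx"}}


def read_tlv(buf, pos=0):
    """Return (tag, content, next_pos) for the DER element starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short form: this byte is the length
        length = first
    else:                                  # long form: low 7 bits count the length bytes
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length runs past the end of the data")
    return tag, buf[pos:pos + length], pos + length


def sniff_der(data):
    """Classify a DER blob from the first fields of its outer SEQUENCE (heuristic)."""
    try:
        tag, body, _ = read_tlv(data)
        if tag != SEQUENCE:
            return "unknown"
        t1, v1, nxt = read_tlv(body)
        if t1 == OID:                      # ContentInfo opens with its contentType OID
            return "pkcs7" if v1 == OID_P7_SIGNED else "unknown"
        if t1 == SEQUENCE:                 # a v3 tbsCertificate opens with [0] version
            return "x509-certificate" if read_tlv(v1)[0] == CTX0 else "unknown"
        if t1 == INTEGER:
            t2, v2, _ = read_tlv(body, nxt)
            if v1 == b"\x03" and t2 == SEQUENCE:   # PFX: version 3, then authSafe
                t3, v3, _ = read_tlv(v2)
                if t3 == OID and v3 in (OID_P7_DATA, OID_P7_SIGNED):
                    return "pkcs12"
            if v1 in (b"\x00", b"\x01"):   # PKCS#1, PKCS#8 and SEC1 keys open with a version
                return "private-key"
    except ValueError:
        pass
    return "unknown"


def detect_format(data):
    """Return (format, payload kinds); format is a key of EXTENSIONS or None."""
    blocks = PEM_BLOCK.findall(data)
    try:
        kinds = [sniff_der(base64.b64decode(b)) for _, b in blocks] or [sniff_der(data)]
    except ValueError:                     # broken base64 inside the PEM armor
        kinds = ["unknown"]
    for kind, fmt in (("pkcs12", "PKCS#12"), ("pkcs7", "PKCS#7")):
        if kind in kinds:
            return fmt, kinds
    if blocks:
        return "PEM", kinds
    return ("DER" if kinds != ["unknown"] else None), kinds


def check_upload(filename, data):
    """Return (format, kinds, extension_matches) for one file about to be uploaded."""
    fmt, kinds = detect_format(data)
    ext = os.path.splitext(filename)[1].lower()
    return fmt, kinds, fmt is not None and ext in EXTENSIONS[fmt]


# Constructed sample blobs: skeleton structures only, not real credentials
def tlv(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + content


def to_pem(label, der):
    body = base64.encodebytes(der).decode()
    return f"-----BEGIN {label}-----\n{body}-----END {label}-----\n".encode()


_TBS = tlv(SEQUENCE, tlv(CTX0, tlv(INTEGER, b"\x02")) + tlv(INTEGER, b"\x01"))
SAMPLE_CERT = tlv(SEQUENCE, _TBS + tlv(0x03, bytes(200)))   # long-form outer length
SAMPLE_KEY = tlv(SEQUENCE, tlv(INTEGER, b"\x00") + tlv(SEQUENCE, b""))
SAMPLE_P7 = tlv(SEQUENCE, tlv(OID, OID_P7_SIGNED) + tlv(CTX0, b""))
SAMPLE_P12 = tlv(SEQUENCE, tlv(INTEGER, b"\x03") + tlv(SEQUENCE, tlv(OID, OID_P7_DATA)))
```

Call `check_upload(filename, data)` with the file's bytes; a `False` third element means the extension disagrees with the detected container, and a `private-key` entry in the kinds list flags a bundle that carries key material.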


Certificates
Advanced
Business Security Business / Elite Security
Ultra Security
Control Center Security: Identify the Control Center web console as a trusted website in the web browser.
Endpoint - Security Server Communication: Ensures a secure communication between the security agents and the Security Server (Multi-Platform) they have assigned
Communication Server: Needed to secure communication between the Communication Server and iOS mobile devices
Apple MDM Push: Required to ensure secure communication between the Communication Server and the Apple Push Notifications service (APNs) servers when sending push notifications
iOS MDM Identity and Profile Signing: Used by the Communication Server to sign identity certificates and configuration profiles sent to mobile devices
iOS MDM Trust Chain: Needed to ensure that iOS mobile devices trust the Communication Server certificate and the iOS MDM Identity and Profile Signing certificate

Incident Server Required for managing security on Apple iOS devices


Network inventory settings


Under the Network Inventory settings section, the following options are available:
 Save Network Inventory filters
 Remember last browsed location in Network Inventory until I log out
 Avoid duplicates of cloned endpoints


Offline machines cleanup


Under the Offline machines cleanup section, you can configure scheduled rules for automatic deletion of unused virtual machines from
the Network Inventory.
 Adding a rule:
 Enter a rule name
 Select an hour for everyday cleanup
 Define cleanup criteria (offline for * many days, name, company)
 Network tree where you want to apply the rule
 The Network Settings > Offline machines cleanup section allows you to view and manage all the rules you have created.


Security Server Settings


 Security Servers use their caching mechanism to deduplicate antimalware scanning, optimizing this process. One step further with
scanning optimization is to share this cache with other Security Servers.
 Cache sharing works only between Security Servers of the same type. For example, a Security Server Multi-Platform will share its
cache only with another Security Server Multi-Platform and not with a Security Server for NSX.


Repository
 The Repository details tab is available only for endpoints with relay role and displays information about the security agent
updates and security content.
 The tab includes details about the product and signatures versions stored on the relay and the ones available in the official
repository, update rings, the date and time of the update and last check for new versions.


Update – Roles
Under the GravityZone roles, check the current GravityZone version and also update the GravityZone appliances (if an update is
available)


Update – Components
 View information about the existing GravityZone component packages under the Components tab
 Download installation packages you plan to install in your network or update existing packages

Example:
 If you plan to protect a VMware virtualization environment with vShield, you should download the Security Server
(VMware with vShield) package.
 If you plan to protect a Citrix Xen virtualization environment, download the Security Server (Citrix XenServer) package.


Update – Staging
Staging enables you to test newer kits or product updates in an enclosed and controlled environment before publishing them in your
network. The staging environment should mirror production as closely as possible for the purposes of testing.
To set up the staging environment and test the latest updates you must:
 Enable staging and define the update server settings
 Define a staging policy for the testing endpoints.
 Install the packages on the testing endpoint
 Assign the staging policy to the testing endpoints
 Update the testing endpoints to the latest version and test the update in the staging environment
 Run a second test before updating all the endpoints from production. You can first test the update on the non-critical endpoints.


Licensing
 You will only license the GravityZone Security Services but not the Control Center or the GravityZone appliances
 If the GravityZone appliance does not have internet access an offline registration is required
 The offline registration code associated to the purchased license key will be provided by the Bitdefender support
department with special approval from PM team


Demo  GravityZone configuration


Chapter 7 – EDR
Endpoint Detection and Response is an event correlation component, capable of identifying advanced threats or in-progress attacks.
As part of our comprehensive and integrated Endpoint Protection Platform, EDR brings together device intelligence across your
enterprise network


EDR / Incidents
 Incidents
 Security Event Nodes
 Graph
 Events
 Filters and Navigator
 Node Details
 Blocklist
 Search
 Exclusion Rules


Incidents
As part of EDR security service, the Incidents section helps you filter, investigate and take actions on all security events detected by
EDR Sensor over a specific time.
The Incidents section contains the following pages:
 Incidents: allows viewing and investigating security events.
 Blocklist: manages blocked files involved in security events.
 Search: provides options for querying the security events database.


Security event nodes


Each node represents a specific element involved in the investigated incident.
 All nodes that make the critical path are shown by default in detail when you open the incident, while the other elements are faded out, to
avoid cluttering the view.
 Clicking a node will display the following details:
 It will highlight in blue the path to the endpoint node along with all the other involved elements
 A side panel with expandable sections that provide detailed information of the selected node, alerts in case detections are
triggered, available actions and recommendations. Refer to “Node Details” (p. 269) for more information
 Nodes are linked by arrow-lines indicating the course of actions that occurred on the endpoint during the incident. Each line is labeled with
the action name and its chronological number

More details regarding the Security nodes can be found in the manual starting from page 278:
https://download.bitdefender.com/SMB/Cloud/GravityZone/en_US/Bitdefender_GravityZone_PartnersGuide_1_enUS.pdf


Events
The Events tab displays filterable detected system events and alerts, and their corresponding event descriptions.


Graph
The Critical Path is the sequence of linked security events that have led up to setting off an alert, starting from the
point of entry in the network down to the event node that triggered the incident. The critical path of the incident is
highlighted by default in the graph, along with all the event nodes on it, while the other elements are grayed out.


Filters and navigator


The Filters menu provides you with enhanced filtering capabilities, allowing full manipulation of the incident
graphic, by highlighting the elements based either on their type or relevance, or by hiding them to make the incident
more compact and easier to analyze.

The Navigator allows you to choose the amount of details that you want to see and navigate around the graph.


Node details
The Node Details panel includes expandable sections with
detailed information of the selected node, including
preventive or remediation actions you can take to mitigate
the incident, details on the type of detection and alerts
detected on the node, network presence, process execution
details, additional recommendations to manage the security
event, or actions to further investigate the element.


Blocklist
In the Blocklist page you can view and manage items by their hash values. View activity records in User Activity Log.

Add hash values to the existing Blocklist:
 Copy the hash value from File Info
 Choose from MD5 or SHA256 and paste the value in the box below. Add a note if required.
 Click Save.

Import hash records to the existing Blocklist. To import a CSV file:
 Click Import CSV
 Browse for your CSV file and click Save.


Search
The Search page allows you to go through past events based on complex criteria. To view the events you are interested in, you must build
queries using the query language available in GravityZone.

More info regarding the query language can be found in the partner’s guide starting at page 298:
https://download.bitdefender.com/SMB/Cloud/GravityZone/en_US/Bitdefender_GravityZone_PartnersGuide_1_enUS.pdf


Exclusion Rules
Create custom rules to exclude all EDR-triggered incidents that you consider false positives, based on your environment setup. EDR
events storage now spans three time intervals: 30, 90, and 180 days.
The storage capacity for your events has remained the same.


Demo  EDR Threat readthrough


Chapter 8 – Network
The Network page provides several features for exploring and managing the available endpoints


Network
 Tasks
 Patch Inventory
 Packages
 Tasks


Tasks
From the Network page you can view the entirety of your environment, including AD integrations, as well as remotely run a number of
administrative tasks on endpoints:
 Scan
 Patch Tasks
 Exchange Scan
 Install


Patch Inventory
 Patch Inventory is part of the Patch Management add-on and includes all patches for the software installed on the endpoints
 GravityZone discovers the patches the software needs through Patch Scan tasks and then adds them to the inventory
 The settings for each endpoint can be configured from the policy that is currently active on them.


Application Inventory
 Application Inventory shows all of the applications installed on endpoints that have the Application Control module installed and
enabled


Application Inventory
 The applications are grouped per categories
 Uncertain applications and processes are stacked in the Ungrouped Applications and Ungrouped Processes folders
 Custom folders can be created


Packages
 Lists the default and custom installation packages for Endpoint Security Tools and Security Server.
 Allows you to create custom installation packages according to your security requirements.
 The Add option allows the user to create the packages with specific modules, roles and settings
 The Download option allows the user to download the packages locally (Windows, Linux, MAC)


Tasks
The Network > Tasks page allows you to view and manage all the tasks you have created. Once a task has been created for one of
several network objects, you can view it in the tasks table.
You can do the following from the Network > Tasks page:
 Check the task status
 View task reports
 Restart tasks
 Stop Exchange scan tasks
 Delete tasks


Chapter 9 – Policies
Bitdefender protection can be configured and managed from Control Center using security policies. A policy specifies the security
settings to be applied on computers.


Policies
 Overview
 Assignment rules
 Computer and Virtual Machines Policies


Overview
Bitdefender protection can be configured and managed from Control Center using security policies.
 A policy specifies the security settings to be applied on target network inventory objects (computers, virtual machines or mobile
devices).
 After installation, network inventory objects are assigned the default policy, which is preconfigured with the recommended
protection settings.
 Policies can inherit several modules settings from other policies
 You can configure policy assignment to endpoints so that a policy is applied based on location. Therefore, an endpoint can have multiple
policies assigned to it but only one active policy at one time
 You can assign a policy to individual endpoints or to groups of endpoints
 The policy applies only to the installed protection modules

You cannot modify or delete the default policy. You can only use it as a template for creating new policies.


Assignment rules
The Policies > Assignment Rules page enables you to define assignment rules for policies, for a specific location. For example, you can
apply more restrictive firewall rules if the user connects to the internet from outside the company or you can define different
frequencies for on-demand tasks when outside the company.

Assignment | Options | Description | Priority
Rule based | Location | IP, Gateway Address, WINS Server Address, DNS Server Address, DHCP connection DNS suffix, Endpoint can resolve host, Endpoint can connect to GravityZone, Network type | 1 or 2
Rule based | User | Active directory users | 1 or 2
Device based | Directly | Assigned directly to endpoints or groups of endpoints | 3


Computer and virtual machines policies


Policy settings can be initially configured when creating the policy. Later on, you can change them as needed anytime you want. To configure the settings of a policy:
 Go to the Policies page
 Click the policy name. This will open the policy settings page
 Configure the policy settings as needed. Settings are organized under the following sections
 General
 HVI
 Antimalware
 Sandbox Analyzer
 Firewall
 Network Protection
 Patch Management
 Application Control
 Device Control
 Exchange Protection
 Encryption
Navigate through sections using the menu on the left-side of the page
 Click Save to save changes and apply them to the target computers. To leave the policy page without saving changes, click Cancel.


General
General settings help you manage user interface display options, password protection, proxy settings, power user settings,
communication options and update preferences for the target endpoints.
The settings are organized into the following sections:
 Details
 Notifications
 Settings
 Communication
 Update


HVI
HVI includes two protection modules organized in the related categories.
 User Space, addressing normal processes of the user applications.
 Kernel Space, addressing processes reserved to the core of the operating system
Additionally, the HVI policy includes two features to help you manage security and maintain the protected virtual machines
 Exclusions, for viewing and managing processes excepted from scanning
 Custom Tools, for injecting tools that are necessary in operational and forensics activities, inside the guest operating systems.


Antimalware
The Antimalware module protects the system against all kinds of malware threats (viruses, Trojans, spyware, rootkits, adware and so
on). The protection is divided in two categories:
 On-access scanning: prevents new malware threats from entering the system.
 On-execute scanning: proactively protects against threats, and automatically discovers and blocks fileless attacks at pre-execution.
 On-demand scanning: allows detecting and removing malware already residing in the system.
The settings are organized into the following sections:
 On-Access, On-Execute, On-Demand, HyperDetect, Advanced Anti-Exploit, Settings and Security Servers

Note: This module is available for: Windows workstations and servers (modern and legacy versions), Linux and macOS


Sandbox analyzer
 Sandbox Analyzer provides a powerful layer of
protection against advanced threats by performing
automatic, in-depth analysis of suspicious files which are
not yet signed by Bitdefender antimalware engines
 Bitdefender Endpoint Security Tools can act as a feeding
sensor for Sandbox Analyzer from Windows endpoints.

Note: This module is available for Windows workstations and servers (modern versions)


Firewall
 The Firewall protects the endpoint from inbound and outbound unauthorized connection attempts.
 The Firewall's functionality relies on network profiles. The profiles are based on trust levels, which have to be defined for each
network.
 The Firewall detects each new connection, compares the adapter information for that connection with the information from the
existing profiles and applies the correct profile
The settings are organized into the following sections:
 General
 Settings
 Rules

Note: This module is available for Windows workstations (modern versions)


Network protection
Use the Network Protection section to configure your preferences regarding:
 Content filtering
 Data protection for user activity including web browsing, email and software applications
 Detection of network attack techniques that try to gain access on specific endpoints
You can restrict or allow web access and application usage, configure traffic scan, antiphishing and data protection rules. The settings are organized into
the following sections:
 General
 Content Control
 Web Protection
 Network Attacks

Note: The Content Control is available for Windows workstations (modern versions) and macOS starting with OS X 10.11
Note: The Network Attack Defense module is available for Windows workstations (modern versions)


Patch Management
 The Patch Management module automatically distributes and installs patches for a vast variety of products.
 This policy section contains the settings for automatic patch deployment.
 First you will configure how patches are downloaded to the endpoints, and then which patches to install and when.
 An endpoint requests a patch from the assigned servers in order of priority. The endpoint downloads the patch from the server
where it finds it first. A server that lacks a requested patch will automatically download it from the vendor, to make it available
for future requests
 GravityZone deletes from the list patches that are no longer available, although they are present on some
endpoints


Device Control
The Device Control module allows you to prevent sensitive data leakage and malware infections via external devices attached to
endpoints, by applying blocking rules and exclusions via policy to a vast range of device types.
To use the Device Control module, it needs to be included in the security agent installed on target endpoints, then enabled in the policy
applied to these endpoints.
After that, each time a device is connected to a managed endpoint, the security agent will send information regarding this event to
Control Center, including the device name, class, ID and the connection date and time.

This module is available for:


 Windows for workstations (modern versions)
 Windows for servers (modern versions)
 macOS starting with OS X El Capitan (10.11)


Application Control
 Test Mode – applications are not blocked. Reports will show applications that normally would have been blocked.
 Create rules to block or whitelist specific applications.


Relay
This section allows you to define communication and update settings for target endpoints assigned with relay role.
The settings are organized into the following sections
 Communication
 Update

Note: This module is available for Windows workstations and servers (modern versions) and Linux


Exchange protection
Security for Exchange comes with highly configurable settings, securing the Microsoft Exchange Servers against threats such as malware, spam and
phishing. With Exchange Protection installed on your mail server, you can also filter emails containing attachments or content considered dangerous
according to your company's security policies.
To keep the server's performance at normal levels, the email traffic is processed by the Security for Exchange filters in the following order:
 Antispam filtering
 Content Control > Content filtering
 Content Control > Attachment filtering
 Antimalware filtering
The Security for Exchange settings are organized into the following sections:
 General
 Antimalware
 Antispam
 Content Control


Encryption
The Encryption module manages full disk encryption on endpoints by leveraging BitLocker on Windows and FileVault
and the diskutil command-line utility on macOS, respectively.
The Encryption module operates the following solutions:
 BitLocker version 1.2 and later, on Windows endpoints with a Trusted Platform Module (TPM), for boot and non-boot volumes.
 BitLocker version 1.2 and later, on Windows endpoints without a TPM, for boot and non-boot volumes.
 FileVault on macOS endpoints, for boot volumes.
 diskutil on macOS endpoints, for non-boot volumes.
Note: This module is available for Windows workstations and servers (modern versions) and macOS


EDR Sensor
Continuously monitors endpoint activity such as running processes, network connections or registry changes. This metadata is
collected, reported and processed by Security Analytics servers. At this stage, learning algorithms detect suspicious files and
processes running on the system, generating notifications from these incidents


Storage protection
Security Servers can be configured as a scanning service for
network-attached storage (NAS) devices and file-sharing
solutions compliant with the Internet Content Adaptation
Protocol (ICAP).
Supported file-sharing systems:
 Nutanix AFS
 Citrix FileShare

Exclusions can be defined:


 By hash – you identify the excluded file by SHA-256
hash.
 By wildcard – you identify the excluded file by path.


NSX
In this section you can establish the policy to be used as a security profile in NSX.
To do so:
 Select the NSX check box to set its visibility also in vSphere Web Client.
 Enter the name under which you will be able to identify the policy in NSX. This name may be different from the policy name in
GravityZone Control Center. In vSphere it will appear preceded by the Bitdefender_ prefix. Choose this name wisely as it will
become read-only after the policy is saved.


Demo
 Describe every policy feature, setting and checkmark
 Assignment rules


Chapter 10 – Quarantine
The quarantine is an encrypted folder that contains potentially malicious files, such as malware-suspected, malware-infected or
other unwanted files. When a virus or other form of malware is in quarantine, it cannot do any harm because it cannot be executed
or read.


Quarantine
 Features
 Computer and Virtual Machines Quarantine
 Centralized Quarantine
 Exchange Quarantine


Features
The Quarantine page provides detailed information regarding the quarantined files from all endpoints you manage. The Quarantine
page consists of two views:
 Computers and Virtual Machines, for files detected directly in the endpoints file system
 Exchange Servers, for emails and files attached to emails, detected on the Exchange mail servers.

In the GravityZone Control Center, you can View, Manage and Restore quarantined files or emails.
Quarantined files are scanned after each malware signature update. In addition, cleaned files are automatically moved back to their
original location.


Computers and Virtual Machines


 The quarantine for both Computers and Virtual Machines is stored locally.
 View information such as: Name, IP, Timestamp
 Restore quarantined files, either to their original location or to an alternate location.
 Manual deletion of quarantined files
 By default, quarantined files older than 30 days are automatically deleted


Computers and Virtual Machines


 Centralized Quarantine (policy option) sends an archived copy of each local quarantined file to a network share.
 After enabling this option, each quarantined file from the managed endpoints is copied and packed in a password-protected ZIP
archive to the specified network location. The archive name is the hash of the quarantined file.


Exchange
• The Exchange quarantine contains emails and attachments. The Antimalware module quarantines email attachments, whereas Antispam, Content and Attachment Filtering quarantine the whole email.
• Emails and files quarantined by the Exchange Protection module are stored locally on the server as encrypted files.
• If a quarantined email does not represent a threat, it can be released from the quarantine. Using Exchange Web Services, Exchange Protection sends the quarantined email to its intended recipients as an attachment to a Bitdefender notification email.
• Bitdefender Endpoint Security Tools decrypts the files and saves them to the specified location on the Exchange Server.


Chapter 11 – Reports
Control Center allows you to create and view centralized reports on the security status of the managed network objects


Reports
• Features
• Report Types
• Managing Reports
• Report Builder


Features
The reports can be used for multiple purposes, such as:
• Monitoring and ensuring compliance with the organization's security policies
• Checking and assessing the network security status
• Identifying network security issues, threats and vulnerabilities
• Monitoring security incidents and malware activity
• Providing upper management with easy-to-interpret data on network security


Types
Different report types are available for each endpoint type:
• Computer and Virtual Machine Reports
  • Antiphishing Activity
  • Blocked Applications
  • Blocked Websites
  • Other
• Exchange Reports
  • Exchange - Blocked Content and Attachments
  • Exchange - Email Scan Activity
  • Exchange - Monthly License Usage
  • Exchange - Malware Activity
  • Other


Manage
To view and manage scheduled reports, go to the Reports page.
• Creating
  • Instant
  • Scheduled
• View – Only scheduled reports
• Edit, Delete, Save
• Export – PDF, CSV
• Download
• Email


Report builder
• In Control Center, you can create and manage queries to obtain detailed reports that allow you to understand any event or change that occurred in your network, at any time.
• Queries let you investigate a security issue using various criteria, while keeping the information concise and well-ordered.
• With filters, you can group the endpoints by certain criteria and select relevant data for your purpose.

More details on how to create and manage queries can be found in the Admin guide, starting at page 413:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_AdministratorsGuide_7_enUS.pdf


Chapter 12 – Accounts
You can set up and manage GravityZone from Control Center, using the account received after subscribing to the service.


Accounts
• Features
• User Roles
• User Rights
• User Activity


Features
You can create a custom user or add a user from Active Directory (AD):
• When adding a user from AD, user details are imported from AD and synchronized regularly
• Users log in to Control Center using their AD user password
What you need to know about GravityZone user accounts:
• For each user account, you can customize the access to GravityZone features, to certain companies or to specific parts of the network it belongs to
• You can only manage accounts with equal or fewer privileges than your account.
• Existing accounts are displayed in the table. For each user account, you can view:
  • Account username
  • E-mail address used to log into the console
  • User Role
  • 2FA


Roles
The following user roles are available:
• Company Administrator – Suited for managers of customer companies that have purchased a GravityZone license from a partner
• Network Administrator – Several accounts with Network Administrator role can be created for each subordinate company, with administrative privileges over one or several companies' entire security agents deployment or over a specific group of endpoints, including user management
• Security Analyst – Security Analyst accounts are read-only accounts
• Custom – Predefined user roles include a certain combination of user rights


Rights
The following user rights can be assigned to GravityZone user accounts:
• Manage Users – Create, edit or delete user accounts
• Manage Company – Manage the GravityZone license key and edit company profile settings.
• Manage Networks – Provides administrative privileges over the network security settings (network inventory, policies, tasks, installation packages, quarantine)
• View and analyze data – View security-related events and logs, manage reports and the dashboard
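
The account rules described on the Features, Roles and Rights slides (four rights, and managing only accounts with equal or fewer privileges) can be checked over an account list. The following is an added example, not Bitdefender code: the role-to-rights mapping, the `Account` record, the sample rows and the policy of flagging write-capable accounts without 2FA are all assumptions made for illustration.

```python
from dataclasses import dataclass

# The four user rights named on the Rights slide.
MANAGE_USERS = "Manage Users"
MANAGE_COMPANY = "Manage Company"
MANAGE_NETWORKS = "Manage Networks"
VIEW_DATA = "View and analyze data"

# ASSUMPTION: illustrative role-to-rights mapping; the slides do not spell it out.
ROLE_RIGHTS = {
    "Company Administrator": {MANAGE_USERS, MANAGE_COMPANY, MANAGE_NETWORKS, VIEW_DATA},
    "Network Administrator": {MANAGE_USERS, MANAGE_NETWORKS, VIEW_DATA},
    "Security Analyst": {VIEW_DATA},  # read-only, per the Roles slide
}

@dataclass(frozen=True)
class Account:  # hypothetical record, mirroring the accounts table columns
    username: str
    role: str
    two_factor: bool
    custom_rights: frozenset = frozenset()  # only used when role == "Custom"

    @property
    def rights(self):
        if self.role == "Custom":
            return set(self.custom_rights)
        return set(ROLE_RIGHTS[self.role])

def can_manage(actor, target):
    """Actor needs Manage Users, and the target must hold equal or fewer rights."""
    return MANAGE_USERS in actor.rights and target.rights <= actor.rights

def audit(accounts):
    """Return (usernames with write rights but no 2FA, {actor: accounts it can manage})."""
    no_2fa = sorted(a.username for a in accounts
                    if a.rights - {VIEW_DATA} and not a.two_factor)
    reach = {a.username: sorted(t.username for t in accounts
                                if t is not a and can_manage(a, t))
             for a in accounts}
    return no_2fa, reach

# Constructed sample data, not taken from any real deployment.
ACCOUNTS = [
    Account("alice", "Company Administrator", True),
    Account("bob", "Network Administrator", False),
    Account("carol", "Security Analyst", False),
    Account("dave", "Custom", True, frozenset({MANAGE_COMPANY, VIEW_DATA})),
]
```

Calling `audit(ACCOUNTS)` returns the accounts that can change settings without 2FA, plus a map of which accounts each user could manage under the subset rule.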


Activity
Control Center logs all the operations and actions performed by users. The user activity list includes the following events, according to your administrative permission level:
• Logging in and logging out
• Creating, editing, renaming and deleting reports
• Creating, editing, and deleting credentials
• Creating, modifying, downloading and deleting network packages
• Creating network tasks
• Creating, editing, renaming and deleting user accounts
• Deleting or moving endpoints between groups
• Deleting and restoring quarantined files
• Creating, editing and deleting user accounts
• Creating, editing, renaming, assigning and deleting policies


Chapter 13 – System status


The System Status page displays health status information of the GravityZone deployment, thus making it easier for you to view
when something goes wrong


System status
• Intro
• Metrics


Intro
The System Status page displays health status information of the GravityZone deployment, thus making it easier for you to view when
something goes wrong.
The page provides system metrics, their status and when they were last updated, all displayed in a grid formation


Metrics
The System Status page contains details about the following metrics:
• Web Console Data Processors
• Disk Usage
• Communication Server
• Database Server
• Web Server
• Message Broker

More details regarding metrics can be found in the Admin guide, starting from page 467:
http://download.bitdefender.com/business/GravityZoneEnterprise/Current/Documentation/en_US/Bitdefender_GravityZone_AdministratorsGuide_7_enUS.pdf


Chapter 14 – Sandbox Analyzer


Bitdefender Sandbox Analyzer provides a powerful layer of protection against advanced threats by performing automatic, in-depth
analysis of suspicious files which are not yet signed by Bitdefender antimalware engines.


Sandbox Analyzer
• Features
• Manual Submission
• Automatic Submission / Policy


Features
• The Sandbox Analyzer page provides a unified interface for viewing, filtering and searching automatic and manual submissions to the sandbox environment. The Sandbox Analyzer page consists of two areas:
  • The filtering area allows you to search and filter submissions by various criteria: name, hash, date, analysis result, status and MITRE's ATT&CK techniques
  • The submission cards area displays all submissions in a compact format with detailed information about each one
• From the Sandbox Analyzer > Manual Submission, you can send samples of suspicious objects to Sandbox Analyzer, to determine whether they are threats or harmless files
• You can configure the Sandbox Analyzer settings for automatic submission via Bitdefender Endpoint Security Tools


Manual Submission
From the Sandbox Analyzer > Manual Submission, you can send samples of suspicious objects to Sandbox Analyzer, to determine
whether they are threats or harmless files.
• In the Upload page, under Samples, select the object type:
  • Files
  • URL
• Detonate – all the samples at once or individually, with the option to add command line arguments


Automatic Submission / Policy


Bitdefender Endpoint Security Tools can act as a feeding sensor for Sandbox Analyzer from Windows endpoints.
• Enable Automatic sample submission from managed endpoints
• Analysis Mode:
  • Monitoring
  • Blocking
• Remediation action (disinfect, delete, quarantine, report only)
  • Default Action
  • Fallback Action
• Content Prefiltering
  • Permissive
  • Normal
  • Aggressive


Demo
• Quarantine
• Reports
• Accounts
• Sandbox analyzer


Chapter 15 – Mobile Device Management


Bitdefender GravityZone provides security for mobile devices, which allows policies and profiles to be configured for securing your company's mobile devices.


Security for mobiles
• Overview
• Configuration


Overview
Unifies enterprise-wide security with management and compliance control of iPhone, iPad and Android. Security features include:
• screen lock
• authentication control
• device location
• remote wipe
• detection of rooted or jailbroken devices
• security profiles

On Android devices the security level is enhanced with real-time scanning and removable media encryption.


Requirements
Supports the following types of mobile devices and OS:
• Apple iPhone and iPad tablets (iOS 8.1+)
• Google Android smartphones and tablets (4.0.3+)

Mobile devices must have an active cellular data or Wi-Fi connection and connectivity with the Communication Server.


Configuration
To be able to manage mobile devices when they are not directly connected to the company network (via Wi-Fi or VPN), configure port
forwarding on the corporate gateway for the appliance running the Communication Server role and specify the external address to be
used for MDM:
• https://<IP/Domain>:<Port>


Configuration
Manage mobile devices while they are not connected directly to the company network:
• Configure port forwarding for the Bitdefender communication server
• Set the external communication address in the GravityZone appliance CLI
• Activate mobile devices using the external address of the communication server:
  • <GatewayAddress>:<Port>


Users and devices


• Mobile devices need to be manually added under users.
• If Control Center has been integrated with Active Directory, you can add mobile devices to existing Active Directory users.
• In non-Active Directory situations, you must first create custom users in order to have a means to identify the owners of mobile devices.


Mobile client install


Install GravityZone Mobile Client distributed via Apple App Store or Google Play.


Mobile client install


• Scan the QR code generated by the console when a mobile device is added under a user.
• The QR code, together with installation instructions for the GravityZone Mobile Client, is also sent by e-mail to the user.
• Alternatively, you can manually enter the Activation Details.


Demo
• MDM Configuration
• Mobile device install and configure
