Heimdal
INTRODUCTION
The Heimdall Data proxy is a software platform for application and infrastructure owners.
Whether on-premise or cloud, Heimdall helps organizations deliver faster, more reliable, and
secure content generation. Heimdall Data is a distributed Database Proxy that improves database
performance from an application perspective. We give users visibility and control over their SQL
environment.
Heimdall supports a variety of databases including Postgres and Postgres based databases (AWS
Aurora, Redshift and Greenplum), MySQL and SQL Server databases. For caching, it supports
Hazelcast and Redis.
SUPPORTED PLATFORMS
● Windows 11 (64 bit);
● Windows Server 2022 (64 bit);
● MacOS 12 - Monterey (and above);
● Ubuntu 20.04 LTS
● Debian 11
● Android 6.0 (and above).
● Linux
● iOS
SYSTEM REQUIREMENTS
● Windows
  ● Microsoft .NET Framework 4.6.1 (or above).
  ● Up to 640 MB of disk space.
  ● At least 250 MB RAM.
  ● At least 3% of CPU usage when blocking a domain, up to 10% when opening the Heimdal™ Agent,
    and up to 40% during a scan.
● MacOS
Devices with M1 or M2 (Apple Silicon-based Macintosh) architecture require the installation of
Rosetta and .NET Core version 3.1 to run the HEIMDAL Agent. Rosetta 2 is an emulator designed to
bridge the transition between Intel and Apple processors: it translates apps built for Intel so
they will run on Apple Silicon. .NET Core is a cross-platform, open-source implementation of .NET,
rethought for the cloud age while remaining significantly compatible with .NET Framework. Later
versions of .NET Core (5 and 6) must not be installed on the device, as they will create issues
with the HEIMDAL Agent.
SUITABLE FOR OUR ENVIRONMENT
HOW IT WORKS
Heimdal Threat Prevention - Network uses Machine Learning on device-to-infrastructure communication to
spot and stop attacks that firewalls can’t see, offering you an essential threat hunting tool to prevent attacks
on your network. It is now enhanced with Predictive DNS, a truly revolutionary AI & ML algorithm that is capable
of predicting that a domain is malicious before it hosts any malicious content. The advanced neural networks
and AI linguistic analysis are capable of achieving an unprecedented level of truly intelligent prevention.
Blocks malicious web content: Over 22% of all new domains are created for illegal purposes, and it would be
impossible for your users to know exactly which websites are completely safe. For instance, malicious code
can often be found in banners on entirely legitimate websites. Heimdal Threat Prevention - Network
blocks access to websites containing malicious code and to servers controlled by cybercriminals.
Prevents data leakage: Heimdal Threat Prevention - Network also stops communications from any existing
malware intrusions, avoiding data leaks by detecting and blocking malicious traffic initiated by threats
such as APTs and ransomware.
Detects advanced malware: If Heimdal Threat Prevention - Network ever identifies an infection, we send
you alerts for every type of device that’s been infected, including PCs, Macs, Androids and iOS devices.
INSTALLING THE HEIMDAL AGENT (WINDOWS)
3. Select the desired language of the HEIMDAL Agent and press Next.
4. Choose the install location and choose whether to add a shortcut to the Desktop or not. Press Next.
5. Insert the HEIMDAL license key provided by your Account Manager and press Next.
6. If your HEIMDAL license key is correct, you will receive the Almost there… message, and get information
about the type of license you have and its corresponding expiration date. Click on Install to finish the
installation process.
7. Once the installation process is completed, click Finish to start the HEIMDAL Agent.
HOME
This is the Home section of the Agent. Here you can see the overall status of each component currently active on
the endpoint. You can also find the Synchronize Group Policy button on the top right (which will update the group
policy if you need it faster than the set update interval), the sidebar on the left that lets you access each module
separately, and the Notification button (symbolized by the bell icon), which will take you to the notification screen
to view any recent alerts and other messages.
THREAT PREVENTION
The Threat Prevention tab will give you on-the-fly information regarding this specific module, along with statuses
for all the sub-modules that encompass it, and quick statistics concerning patterns and detections.
You can also enter each module separately, and view detailed information and reports, as seen here for the
DarkLayer Guard™, which displays a history of recently blocked traffic and prevented attacks.
The VectorN Detection™ and TTPC modules will present any malware and process activity, as well as a calculated
probability of infection, and the option to view the quarantined items.
PATCH & ASSET MANAGEMENT
The Patch & Asset Management tab gives an overview of the updates to programs and the operating system
itself. Quick statistics here include the number of monitored apps, recent updates and available ones for the
operating system.
The 3rd Party Patch Management module shows you the list of apps that can be installed on the machine, as well as a breakdown
of each monitored program and its recent updates. Here you can also see if the software is up to date and view the update history.
If the currently applied group policy permits it, you can also select here whether an app will have auto-update enabled or whether
it will be monitored at all.
In the Microsoft Updates module, the Heimdal Agent practically takes over the function of updating the Windows
operating system, allowing you to choose if Auto-updates are enabled (via the Group Policy setting in the Heimdal
Dashboard), and to view detailed information regarding currently available updates for the OS.
ENDPOINT DETECTION
The Endpoint Detection tab shows you overall information regarding the protection of the machine file system
itself. Relevant quick statistics include a number of quarantined and infected files, alerts regarding the Firewall,
and ransomware detections.
The Next-Gen Antivirus shows you any logged and categorized infections or quarantined files, displaying the
date of the detection, as well as any suspicious files that may pose a risk. In this module, you can also perform a
variety of scanning actions to search for infections and remove them. Moreover, scanning activities can be
scheduled here to help with automation.
The Firewall module presents you with logged network activity alerts that can vary from inbound/outbound data
transfers, possible attacks, or other forms of requests. Moreover, rules can be set here for any executable, address,
port, or protocol, offering great granular control over where network access is granted or denied.
The Ransomware Encryption Protection component is vital in detecting and stopping any known ransomware
from effectively sealing your data without an option of retrieval. This component functions automatically at all
times and is always ready to stop these disasters from occurring.
PRIVILEGES & APP CONTROL
In Privileges & App Control you can assign specific permissions for specific users, while you can also elevate any
request received from the users. You can also see detections based on application permission requests, and act
upon them.
EMAIL FRAUD PREVENTION
The Email Fraud Prevention module continuously scans email traffic to assess any fraudulent links or attachments
that may pose a threat (due to phishing). This component scans all email applications and supports multiple
accounts. It will also log and block any suspicious attempts at security.
REMOTE DESKTOP
The Remote Desktop module allows you to connect to any other host over the network and assist or manage
it accordingly.
SETTINGS
The Settings screen allows you to change various options and parameters, mainly enabling or disabling
components. For example, in the Endpoint Detection category you can set the recommended actions to
be taken upon detecting threats.