What is our primary use case?
We deploy GravityZone endpoint protection from the admin to every in-office machine, every utility machine, and then to each work-from-home machine that that attorney or paralegal uses when COVID-19 gets bad. There is a weekly centralized review. There is also response to alerts.
The solution is basically a firewall, antivirus, and anti-malware. It's got a heuristic module. It takes a lot of the same core technology that you see in GravityZone, however, with a decidedly more consumer-friendly face.
How has it helped my organization?
In an office building, there may be other firms on the same floor. In a couple of instances, an attorney was trying to get a PDF uploaded to the court, or at least that's what he thought he was trying to do. It wouldn't work on his machine so he took it over to his partner's machine. It was a small firm, three attorneys. It wouldn't work on that one. So he took it to his partner's paralegal, and it wouldn't work on that one.
He brought it over to a paralegal from one of my clients, and it immediately detected it as malware and blocked it. That was a vanilla out-of-the-box scan from GravityZone. What's notable about this is the malware was pretty serious and it ended up ransomwaring both of those other firms even though they notified their IT people who went in and attempted remediation. They didn't catch it. We like that because this isn't just defending against network-based attacks, it's successfully defending against everything else.
What is most valuable?
The solution has better UI and better UX tools.
The standard policies are pretty good, right out of the box. We seldom have to tweak them. We have never had to make, and I'm speaking across probably 14 law firms in 2020, we've never had to attenuate for a specific device case like a scanner or a particular piece of software. On three occasions it did block some software paralegals were trying to install, which turned out to be malicious.
We like the dashboard, the console, the reporting. It's very easy to deploy.
We're pretty strong on GravityZone. We have had zero penetrations across our entire client base.
What needs improvement?
We don't deal with very large organizations. We stay as far away from Active Directory and combined network topologies as much as we possibly can. The way I explain it is we don't build our houses out of straw, we don't build our houses out of wood. Each user machine that piggybacks builds a stone house.
We've cloud migrated everybody, however, it did not happen generically. We've used Google Enterprise or Box Enterprise, so good stuff. AES-256 at rest and AES-128 in transit. We only do scans on GravityZone-covered machines via our contemporary APIs. We close every hole we can find. With people who still have servers, whether they're physical or virtual or cloud, and they're still Active Directory, and they're still 100% Microsoft shops, I've heard them complain. However, I don't care as it doesn't affect any of my clients.
For many, the problems come mostly when they start tweaking or short-cutting - particularly for patch management. A lot of admins will tend to bundle work that we don't think should be bundled, however, they tend to due to the fact that they're underfunded and undermanned. They've got to get all the patches up. They've got to get all the updates done. Therefore, they tend to tweak group policies associated with the Active Directory. Some of those customizations can create potential security holes.
GravityZone is the only one with the heuristic model, the simulator. We've seen where a thing may pass the script desk, it may pass the node and snippet test, however, it fails the heuristic test. That's where it launches a virtual machine in the high memory and lets the thing do whatever it's going to do, and then looks for where it goes. Of course, a lot of these things then go to the approval area as that's what the admin intended. However, then they get into a bit of a problem with GravityZone as it doesn't want them to do that. GravityZone works fine if you follow best practices in the other areas of your deployments. If you're kind of cheating or cutting corners, GravityZone isn't going to be mean to you, however, it may give you grief.
For how long have I used the solution?
I've used the solution as a consumer on behalf of clients. I've been dealing with the solution for four or five years at this point.
What do I think about the stability of the solution?
The solution is extremely stable. Nothing that I work with is as stable as this product. For example, aside from its default group policies and actions being robust and its very adroit awareness of 'allowable' (you can't get a Kyocera auto-update if you don't have a Kyocera), we log less than one issue per year per client for GravityZone.
How are customer service and technical support?
The technical support is amazing. It's pretty much instantaneous. We're very satisfied with the level of service we are provided.
How was the initial setup?
The initial setup is pretty straightforward.
We create a package depending on the level of sophistication of the user. The average law firm will have three packages. A low-end package, attorney, because attorneys are actually the least significant player in a law firm. They're the least informed. They're the least aware technologically. Then there are the standard paralegals and then advanced technical paralegals. We want to give more power to the advanced technical paralegals. Prior to COVID, we would typically create two or three distribution points, but with all the work from home, we quickly observed it was unnecessary.
For example, let's say you've got 22 users in an office. You can create two or three distribution points in your configuration of the GravityZone download package. Then, those three distribution points, which are serverless and have no central authority, will capture the updates and distribute those to the other machines. That worked fine pre-COVID. Post-COVID, with everybody at home, fully 40% of the workforce at home, that creates an unnecessary burden. That's why we've suspended that.
We're using the UI you configure for whether the users are on a Win 64 machine or a Mac, and sometimes Linux. We build the package, send the package, install the package. When we put GravityZone on a machine we're building for deployment, it's all very quick and smooth.
When we're putting GravityZone on a work from home, typically it's a home laptop that has got a lot of stuff on it that isn't necessary. GravityZone installs in three phases. Phase one is a scan, a comprehensive scan. Phase two looks for offending software that is incompatible, such as McAfee. In home deployments, we very often watch it go through and have to unroot junkware. Sometimes that will take intervention on our part.
What's my experience with pricing, setup cost, and licensing?
Although I can't speak to exact costs, in our experience, not only is it much more effective, it also never costs more, and sometimes costs less than competitors.
What other advice do I have?
The solution is targeted for the consumer community, however, I've seen it deployed a lot this year from all the work from home attorneys and paralegals and such.
I would advise those seriously considering the solution to go for the three-year contract as it'll save you money. If you're changing protection more often than every three years, then you're not really paying attention.
I would rate the solution ten out of ten.
We have problems with Word, we have problems with Google, we have problems with Google Drive, we have some problems with the Box API, we have lots of problems with all IFTTT. However, we never really have problems with GravityZone.