Feeds

Check Point bakes anti-malware tech into firewall bricks

Software 'blades' whisper from scabbards. En garde

Security for virtualized datacentres

Check Point is baking in cyber-espionage defences to its enterprise firewall and gateway security products with the incorporation of sandbox-style technology.

"Threat emulation" software blades for Check Point firewalls will be available later in Q2 2013 and will add to other threat prevention layers, such as anti-virus and anti-bot technology launched last year. All of these technologies were developed in-house.

The latest strains of malware are designed to "switch off" if they detect that they are running in a virtual machine, as a means to thwart security analysis. Tomer Teller, a security strategist at Check Point, said that the emulator technology it's developing is much harder to detect than a virtual machine.

The threat emulation technology carries out both static and dynamic analysis to figure out if a file is changing registry settings, altering other files or attempting to connect with blacklisted servers, among other things, before deciding if it ought to be blocked and quarantined.

Prior to putting the technology into its security appliances, Check Point has set up a microsite where files can be uploaded for emulating and checking.

Corporate defenders might appear to be hopelessly outfoxed by the latest generation of cyber-attacks, featuring custom malware and spear-phishing. However, Teller was bullish that IT vendors such as Check Point were coming up with technology capable of "detecting and mitigating" advanced malware attacks.

Even if the initial infection occurs, it might be possible to isolate compromised systems, prevent an attacker accessing corporate resources or extracting sensitive information.

"If you can break one of the layers of an attack then the whole attack fails," Teller told El Reg.

Check Point also owns the Zone Labs line of personal firewall and security suite products but Gabi Reish, head of product, said the only safe assumption in corporate security was to assume that an end-point might be compromised and to design corporate defences appropriately. The anti-bot blade incorporated in Check Point's gateways is designed to block malware-infected zombies from phoning home.

The forthcoming theta emulation and existing anti-bot and anti-virus blades fit in with the "razor-and-blade" model introduced by Check Point in 2009. The Israeli firm's security appliances and gateways are the "razors", while the "blades" are the software that customers buy and use to deliver different types of network protection. For example, the App Control Blade controls social media apps, while the Mobile Access Blade secures employees' smartphones and tablets.

Check Point is pushing this technology and approach down to SMEs with the launch of its new 1100 Appliances. The kit, designed for branch and remote offices with up to 100 users, offers 1.5 Gbps of max firewall throughput and 220 Mbps of max VPN throughput.

Check Point are also offering the Software Blade Architecture on low-end kit for the first time. 1100 Appliances, launched at Check Point's (CPX) user conference in Barcelona earlier this week, start at $599.

Multi-layered protection options include: Firewall, VPN, IPS (intrusion prevention system), application control, mobile access, Data Loss Prevention, anti-bot, identity awareness, URL filtering, anti-spam and anti-virus.

All but standard components cost extra but customers benefit from flexibility while Check Point resellers gain a better opportunity to sell extra add-ons. ®

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
Apple grapple: Congress kills FBI's Cupertino crypto kybosh plan
Encryption would lead us all into a 'dark place', claim G-Men
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.