Feeds

Check Point bakes anti-malware tech into firewall bricks

Software 'blades' whisper from scabbards. En garde

Using blade systems to cut costs and sharpen efficiencies

Check Point is baking in cyber-espionage defences to its enterprise firewall and gateway security products with the incorporation of sandbox-style technology.

"Threat emulation" software blades for Check Point firewalls will be available later in Q2 2013 and will add to other threat prevention layers, such as anti-virus and anti-bot technology launched last year. All of these technologies were developed in-house.

The latest strains of malware are designed to "switch off" if they detect that they are running in a virtual machine, as a means to thwart security analysis. Tomer Teller, a security strategist at Check Point, said that the emulator technology it's developing is much harder to detect than a virtual machine.

The threat emulation technology carries out both static and dynamic analysis to figure out if a file is changing registry settings, altering other files or attempting to connect with blacklisted servers, among other things, before deciding if it ought to be blocked and quarantined.

Prior to putting the technology into its security appliances, Check Point has set up a microsite where files can be uploaded for emulating and checking.

Corporate defenders might appear to be hopelessly outfoxed by the latest generation of cyber-attacks, featuring custom malware and spear-phishing. However, Teller was bullish that IT vendors such as Check Point were coming up with technology capable of "detecting and mitigating" advanced malware attacks.

Even if the initial infection occurs, it might be possible to isolate compromised systems, prevent an attacker accessing corporate resources or extracting sensitive information.

"If you can break one of the layers of an attack then the whole attack fails," Teller told El Reg.

Check Point also owns the Zone Labs line of personal firewall and security suite products but Gabi Reish, head of product, said the only safe assumption in corporate security was to assume that an end-point might be compromised and to design corporate defences appropriately. The anti-bot blade incorporated in Check Point's gateways is designed to block malware-infected zombies from phoning home.

The forthcoming theta emulation and existing anti-bot and anti-virus blades fit in with the "razor-and-blade" model introduced by Check Point in 2009. The Israeli firm's security appliances and gateways are the "razors", while the "blades" are the software that customers buy and use to deliver different types of network protection. For example, the App Control Blade controls social media apps, while the Mobile Access Blade secures employees' smartphones and tablets.

Check Point is pushing this technology and approach down to SMEs with the launch of its new 1100 Appliances. The kit, designed for branch and remote offices with up to 100 users, offers 1.5 Gbps of max firewall throughput and 220 Mbps of max VPN throughput.

Check Point are also offering the Software Blade Architecture on low-end kit for the first time. 1100 Appliances, launched at Check Point's (CPX) user conference in Barcelona earlier this week, start at $599.

Multi-layered protection options include: Firewall, VPN, IPS (intrusion prevention system), application control, mobile access, Data Loss Prevention, anti-bot, identity awareness, URL filtering, anti-spam and anti-virus.

All but standard components cost extra but customers benefit from flexibility while Check Point resellers gain a better opportunity to sell extra add-ons. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.