Feeds

Check Point bakes anti-malware tech into firewall bricks

Software 'blades' whisper from scabbards. En garde

The essential guide to IT transformation

Check Point is baking in cyber-espionage defences to its enterprise firewall and gateway security products with the incorporation of sandbox-style technology.

"Threat emulation" software blades for Check Point firewalls will be available later in Q2 2013 and will add to other threat prevention layers, such as anti-virus and anti-bot technology launched last year. All of these technologies were developed in-house.

The latest strains of malware are designed to "switch off" if they detect that they are running in a virtual machine, as a means to thwart security analysis. Tomer Teller, a security strategist at Check Point, said that the emulator technology it's developing is much harder to detect than a virtual machine.

The threat emulation technology carries out both static and dynamic analysis to figure out if a file is changing registry settings, altering other files or attempting to connect with blacklisted servers, among other things, before deciding if it ought to be blocked and quarantined.

Prior to putting the technology into its security appliances, Check Point has set up a microsite where files can be uploaded for emulating and checking.

Corporate defenders might appear to be hopelessly outfoxed by the latest generation of cyber-attacks, featuring custom malware and spear-phishing. However, Teller was bullish that IT vendors such as Check Point were coming up with technology capable of "detecting and mitigating" advanced malware attacks.

Even if the initial infection occurs, it might be possible to isolate compromised systems, prevent an attacker accessing corporate resources or extracting sensitive information.

"If you can break one of the layers of an attack then the whole attack fails," Teller told El Reg.

Check Point also owns the Zone Labs line of personal firewall and security suite products but Gabi Reish, head of product, said the only safe assumption in corporate security was to assume that an end-point might be compromised and to design corporate defences appropriately. The anti-bot blade incorporated in Check Point's gateways is designed to block malware-infected zombies from phoning home.

The forthcoming theta emulation and existing anti-bot and anti-virus blades fit in with the "razor-and-blade" model introduced by Check Point in 2009. The Israeli firm's security appliances and gateways are the "razors", while the "blades" are the software that customers buy and use to deliver different types of network protection. For example, the App Control Blade controls social media apps, while the Mobile Access Blade secures employees' smartphones and tablets.

Check Point is pushing this technology and approach down to SMEs with the launch of its new 1100 Appliances. The kit, designed for branch and remote offices with up to 100 users, offers 1.5 Gbps of max firewall throughput and 220 Mbps of max VPN throughput.

Check Point are also offering the Software Blade Architecture on low-end kit for the first time. 1100 Appliances, launched at Check Point's (CPX) user conference in Barcelona earlier this week, start at $599.

Multi-layered protection options include: Firewall, VPN, IPS (intrusion prevention system), application control, mobile access, Data Loss Prevention, anti-bot, identity awareness, URL filtering, anti-spam and anti-virus.

All but standard components cost extra but customers benefit from flexibility while Check Point resellers gain a better opportunity to sell extra add-ons. ®

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?