Check Point’s ThreatCloud Emulation to tackle zero-day attacks
By Digital News Asia September 4, 2013
- Organisations face ever-increasing barrage of advanced and previously undiscovered attacks
- Yet business-critical requirements for network performance continue to grow at exponential pace
CHECK Point Software Technologies Ltd has announced the availability of Check Point R77, the latest release for its Software Blade Architecture, which offers over 50 product enhancements, including a new ThreatCloud Emulation Service.
Other features include HyperSpect performance enhancing technology, Compliance Software Blade, new Central Device Management, improved user identity awareness with RADIUS and IF-MAP integration, and enhancements to Check Point's GAiA Unified Operating System.
Today’s cyber criminals work at a dizzying pace, developing stealthy new attacks and carefully targeting their victims with customised malware, the company said in a statement.
Researchers estimate that an average of 70,000 to 100,000 new malware samples are created and distributed every day (Oct 1, 2012: Next-Generation Malware: Changing the Game in Security’s Operations Centre, by Tim Wilson).
The sheer volume of malware demonstrates the ever-increasing barrage of advanced and previously undiscovered attacks that organisations face, Check Point said. At the same time, the business-critical requirements for network performance continue to grow at an exponential pace.
This environment requires a combination of threat prevention capabilities, lightning-fast security infrastructure, and automated regulatory compliance capabilities. Check Point R77 brings together preventative security capabilities, compliance monitoring and real-life performance boosts to existing gateways, the company claimed.
“Our customers need to stay one step ahead of the bad guys to protect their networks, and R77 provides the best platform and security protections to help them to do that,” said Dorit Dor (pic), vice president of products at Check Point.
“With optimised performance, cloud-based threat emulation and automated compliance monitoring, our software blade architecture is designed from the ground up to be the most comprehensive multi-layered security solution available today,” she said.
Check Point said its ThreatCloud Emulation Service prevents infections from undiscovered (zero-day) exploits, new variants of malware, and targeted attacks and advanced persistent threats (APT).
Part of Check Point’s leading multi-layered Threat Prevention solution, ThreatCloud Emulation Service quickly inspects suspicious files, emulates how they run to discover malicious behaviour, and instantly blocks newly identified malware in email attachments, file downloads, and direct web content.
Attack information is then shared to Check Point's collaborative network and cloud-driven knowledge base, ThreatCloud, for automatic protection.
First announced in February, Check Point ThreatCloud Emulation is now offered as a new cloud service, which is based on a global, organisation-wide monthly quota of scanned files. This monthly quota is across all of the security gateways on an organisation’s network and is an elastic deployment, allowing for an increase in quota based on usage and growth.
ThreatCloud Emulation is also available through the Private Cloud Emulation Appliance.
R77 is also the first release to include Check Point HyperSpect, an intelligent, adaptive content inspection engine that maximises hardware utilisation through a wide spectrum of optimisations and accelerations, including hyper threading technologies.
With the simple software upgrade to R77, organisations can safely consolidate security by utilising Check Point's multi-layered software blade protections on the same platform while experiencing sustained performance, the company claimed.
HyperSpect increases compute power and optimises inspection tailored to the most popular Internet traffic such as media streaming and http communication, which consume the greatest amount of Internet bandwidth.
Check Point's Compliance Software Blade will be generally available through the R77 release. Introduced in March, the Compliance Software Blade is the first next-generation-firewall-integrated and fully-automated compliance monitoring solution that leverages an extensive knowledge of regulatory requirements and over 300 Security Best Practices.
The Check Point Compliance Software Blade reduces the complexity of external compliance requirements and internal security mandates by providing instant notification of policy changes, by continuously assessing security posture across all Check Point Software Blades and by offering actionable recommendations to improve compliance and security, the company said.
The R77 Release is a free upgrade for existing customers. The ThreatCloud Emulation Service is based on a global organisational quota, which begins at a monthly list price of US$500 for up to 10,000 files inspected per month.
R77 and ThreatCloud Emulation Service will be available by Sept 2, 2013 from Check Point’s worldwide partners; check here http://partners.us.checkpoint.com/partnerlocator/.
Security threats: What to expect in 2013
Compliance, regulation the impetus for increased security: IDC