Se ha denunciado esta presentación.
Se está descargando tu SlideShare. ×
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Anuncio
Próximo SlideShare
checkpoint
checkpoint
Cargando en…3
×

Eche un vistazo a continuación

1 de 24 Anuncio

Más Contenido Relacionado

Presentaciones para usted (20)

Similares a Checkpoint Overview (20)

Anuncio

Más reciente (20)

Anuncio

Checkpoint Overview

  1. 1. COMPANY OVERWIEW Check Point è un’azienda di Cyber Security che nasce nel 1993, può vantare di un’esperienza importante e ha mostrato di sapersi adattare alle necessità dei propri clienti nel corso degli anni. 1993 FONDAZIONE 2006 UNIQUE CONSOLE MANAGMENT 2009 BLADE SYSTEM 2009 NOKIA SECURITY AND FACETIME ACQUISITION CheckPoint vuole offrire un servizio di sicurezza globale intendendo la propria filosofia di security come un processo di business
  2. 2. PRODUCT OVERVIEW Threat Prevention • Threat Prevention Appliances • SandBlast Appliances • Endpoint Security Mobile Security • Check Point Capsule • Mobile Threat Prevention Network Protection • DDoS Protection Security Management • R80 Public and Private Cloud • ThreatCloud Intellistore • vSEC
  3. 3. A CHI È RIVOLTA Una piattaforma estremamente consolidata che offre una protezione totale verso le nuove e vecchie minacce. Molto attiva nell’ambito della ricerca e dello sviluppo e disponibile a stipulare partnership sempre nuove per offrire servizi innovativi. In definitiva, CheckPoint risulta essere un’azienda molto competente e aggiornata su tutte le tematiche moderne di CyberSecurity tanto da essere segnalata da Gartner tra le leader in molti settori Se volete avere un’idea su quante aziende utilizzino con successo CheckPoint proponiamo una breve lista consultabile cliccando qui
  4. 4. APPLIANCES Una famiglia di prodotti per garantire la sicurezza aziendale. I vari Blades offrono protezione indipendentemente su APPLIANCE oppure su ENDPOINT Una copertura applicativa che va dalle piccole medie imprese ai grandi datacenter e provider Telco Le caratteristiche: THREAT PREVENTION • Firewall • IPS • Anti-Bot • Antivirus • Application Control • URL Filtering • SandBlast™ Threat Emulation • SandBlast™ Threat Extraction NEW OPERATING SYSTEM • Definizione di ruoli personalizzati tra gli utenti • Software update automatico • Web Interface amministration • IPv4/ IPv6 acceleration e clustering technologies • Unicast e multicast routing protocols • Più Gateways virtuali su un’appliance ENDPOINT APPLIANCE
  5. 5. LA GAMMA Deployment Branch or Small Office 1100 Form Factor Desktop 1400 Interfaces 1 GbE, Wi-FI, 3G/4G support 2200 Branch Office FW Throughput Special Features 750 Mbps to 4 Gbps DSL, Web management 3200 Enterprise Deployment Form Factor Interfaces FW Throughput Special Features Enterprise 1RU 1, 10 GbE 3 to 35 Gbps Flexible IO options 4200, 4400 4600, 4800 5200, 5400 5600, 5800 12200 Data Center Deployment Form Factor Interfaces FW Throughput Special Features Large enterprise, Data center 2RU 1, 10, 40 GbE 25 to 128 Gbps Low latency, 40 GbE, LOM 12400, 12600 13500, 13800 15400, 15600 21400, 21700, 21800 23500, 23800 Chassis Systems Deployment Form Factor Interfaces FW Throughput Special Features Data center, Telco, Carrier 6RU to 15RU 1, 10, 40 GbE 80 to 400 Gbps Bladed, scalable platform, DC power 41000 61000 Rugged Deployment Form Factor Interfaces FW Throughput Special Features Harsh environments Desktop, DIN mount 1 GbE, 3G/4G support 2 Gbps AC/DC power 1200R
  6. 6. ENDPOINT SECURITY Anti-Malware & Application Control Firewall and Compliance Check Full Disk Encryption Software Endpoint Media Encryption Policy Management Una suite di protezione completa per gli Endpoint che fornisce tutte le Blades Technologies di Checkpoint e offre anche un potente strumento di crittografia. Il pacchetto è modulabile acquistando solo le componenti necessarie
  7. 7. SANDBLAST APPLIANCES Oltre al servizio di SandBlast online CheckPoint offre la possibilità alle aziende interessate di acquistare un’apposita appliance che si occupi del sandboxing e l’analisi delle minacce sconosciute. Questi apparecchi risultano utilissimi per la protezione dalle minacce 0-day THREAT EMULATION THREAT EXTRACTION TE1000X APPLIANCE TE2000X APPLIANCETE100X APPLIANCE TE250X
  8. 8. DDOS PROTECTION CheckPoint non integra nelle piattaforme di Threat Prevention la protezione dagli attacchi DDoS, queste appliance vengono vendute separatamente Offrono diverse possibilità di configurazione per integrarsi con le reti aziendali preesistenti, offrono una security management per l’analisi del traffico real-time ed una threat management intelligence per la protezione avanzata contro gli attacchi DDoS Check Point mette anche a disposizione un supporto dedicato 24/7 per assicurare la massima protezione ed efficienza NETWORK & TRAFFIC FLOOD APPLICATION BASED DOS/DDOS
  9. 9. LA PROTEZIONE CLOUD L’approccio di Check Point per la protezione in Cloud si sviluppa in due metodologie differenti: • Un servizio online di Sandboxing e analisi con accesso diretto a tutti i report di sicurezza in real time • Una vasta gamma di appliance virtuali per la protezione dei Cloud privati
  10. 10. VSEC-CLOUD PROTECTION Dato il sempre maggiore utilizzo di ambienti virtuali Check Point ha deciso di sviluppare una versione vitalizzabile dei propri appliance In questo modo è possibile trasformare la propria SDN in una NFV eliminando la struttura fisica ma preservandone le caratteristiche. Le partership stipulate da CheckPoint con i maggiori fornitori di servizi Cloud computing consentono di utilizzare le protezioni CheckPoint su i seguenti Public Cloud AMAZON WEB SERVICES MICROSOFT AZURE vSEC FOR VMWARE NSX vSEC VIRTUAL EDITION vSEC OPENSTACK
  11. 11. MOBILE PROTECTION In ambito mobile Check Point propone due proposte per la protezione degli utenti Mobile Threat Protetion Proteggere il dispositivo mobile dagli attacchi malevoli Capsule Crea un’ambiente di lavoro sicuro all’interno di un dispositivo non controllato
  12. 12. MOBILE THREAT PREVENTION I benefici ricavabili da questa soluzione sono: • Poter utilizzare i propri dispositivi mobili in sicurezza • Proteggere i dati sensibili sulle device • Proteggere i dispositivi mobili dai malware • Garantire la protezione da virus multipiattaforma • Consentire di accedere ai dati aziendali dal device in sicurezza • Mantenere la propria privacy riservata pur fornendo informazioni all’azienda sulle statischine anonime di protezione Un software per proteggere i dati anche su apparecchi mobili visto la grande importanza che questi oggetti ricoprono nel mondo enterprise moderno
  13. 13. CAPSULE CheckPoint CAPSULE crea un ambiente di lavoro protetto sul dispositivo mobile garantendo l’accesso a tutti i servizi aziendali (email, documenti, direttive interne e assets) in modo sicuro Caratteristiche • Divide i dati aziendali da app e dati personali • Abilita un accesso sicuro all’azienda da ogni device • Garantisce il rispetto delle policy anche su device esterni • Policy gestite in concomitanza con quelle aziendali • Integrazione con le piattaforme esistenti Vantaggi • Crea un ambiente protetto al di fuori del perimetro aziendale • Mantiene la sicurezza sui dati ovunque si vada • Mantiene la sicurezza anche in ambienti non controllati • Possibilità di utilizzare in maniera sicura gli applicativi aziendali • Previene la perdita di dati
  14. 14. THREATCLOUD INTELLISTORE Un servizio Cloud offerto da CheckPoint per la raccolta e l’analisi delle informazioni sulla sicurezza combinate con informazioni raccolte in tutto il mondo consentono un’analisi più efficacie e predittiva delle minacce
  15. 15. R80 Un sistema di gestione centralizzato per tutti i prodotti CheckPoint
  16. 16. DATA LOSS PREVENTION SOFTWARE BLADE Check Point Data Loss Prevention (DLP) Software Blade combines technology and processes to revolutionize DLP, helping businesses to pre-emptively protect sensitive information from unintentional loss, educating users on proper data handling policies and empowering them to remediate incidents in real-time Benefits Easy DLP deployment and simplified management •Centralized management of security policy via a single console •Pre-configured policies allow for immediate data loss prevention •Broadest support for file formats and data types Pre-emptive data loss prevention for critical business information •UserCheck technology allows for real-time user remediation •MultiSpect combines users, content and process for unrivaled accuracy •Educates and alerts users without involving IT/security personnel •Inspect and control sensitive emails both leaving the organization and between departments Integrated into Check Point Software Blade Architecture •Activate DLP on any Check Point security gateway •Powerful and highly scalable dedicated Next Generation Data Protection appliances also available
  17. 17. ANTI-BOT SOFTWARE BLADE Benefits • Discover bot outbreaks, detect Advanced Persistent Threat (APT) attacks and stop bot damage • Detect infected hosts with unique Multi-Tier ThreatSpect™ engine • Combine information on remote operator hideouts, botnet communication patterns and attack behavior to accurately identify bot outbreaks • Receive up-to-the-minute bot intelligence from the ThreatCloud knowledge base • Prevent damage by blocking bot communication between infected hosts and a remote operator A bot is malicious software that allows cybercriminals to remotely control computers and execute illegal activities such as stealing data, spreading spam and distributing malware. Check Point Anti-Bot security software detects bot-infected machines, prevents bot damages by blocking bot C&C communications, and is continually updated from ThreatCloud, the first collaborative network to fight cybercrime. • Leverage industry's first collaborative network to fight cybercrime • Analyze over 75 million addresses daily for bot discovery • Dynamically update attack information from worldwide network of sensors and industry’s best malware feeds • First Integrated Anti-Bot Network Solution • Integrate all critical threat prevention technologies in a single gateway – IPS, Anti-Virus, Anti-Spam, URL Filtering and Anti-Bot • Set policy and view infection reports that are fully integrated with the Check Point Antivirus Software Blade • Investigate infections and easily assess damages with extensive forensics tools
  18. 18. URL FILTERING SOFTWARE BLADE Benefits • Protect users with cloud-based categorization and UserCheck technology • Dynamic cloud-based database of over 200,000,000 Websites • Real time updates of ever evolving and new URLs • Leverage UserCheck to empower users with real time alerts while educating on web policy • Unified Security over all aspects of the web with full Application Control integration • Allow unified enforcement and management across all aspects of web security The Check Point URL Filtering Software Blade provides optimized web security through full integration in the gateway to prevent bypass through external proxies. Integration of policy enforcement with Application Control means enhanced Web and Web 2.0 protection, and UserCheck technology empowers and educates users on web usage policy in real time. The URL Filtering Software Blade is a key component of the Secure Web Gateway Vantage • Define, enforce and report on web and application security policies at the user and group levels • Control over 200 Million websites, 4,800 Web 2.0 applications, and 300,000 widgets to achieve the comprehensive web security • Enforce bandwidth and/or time limits to select websites or Web 2.0 applications • Optimize web security and reduce Total Cost of Ownership • Full integration of URL Filtering into Check Point gateways eliminates bypass through external proxies and enforces inspection of all traffic--even when traversing non-standard ports
  19. 19. The check point intrusion prevention system software blade combines industry-leading IPS protection with breakthrough performance at a lower cost than traditional, stand-alone IPS software solutions. The IPS software blade delivers complete and proactive intrusion prevention – all with the deployment and management advantages of a unified and extensible next-generation firewall solution INTRUSION PREVENTION SYSTEM SOFTWARE BLADE Benefits Next-generation security prevention, protection and performance •Industry-leading intrusion protection and firewall—as tested NSS Labs—delivers 1,000s of signature, behavioral and preemptive protections •Check Point is ranked #1 in Microsoft and Adobe threat coverage •Combines with best-of-breed firewall, application control, URL filtering, DLP and more on the most comprehensive, network-class next gen firewall Unrivaled, multi-Gigabit performance in an integrated IPS •Up to 15 Gbps of IPS and 30 Gbps of firewall throughput •Stateful Inspection and SecureXL technology deliver multi-tier IPS inspection and accelerated IPS throughput •CoreXL technology provides the most efficient and high-performance use of multi-core technologies Lowest TCO and fastest ROI of any enterprise-class firewall solution •One-click activation of IPS and firewall protection on any Check Point gateway •Delivers unmatched extensibility and flexibility—all without adding CapEx •Integrated into Check Point Software Blade Architecture for on-demand security
  20. 20. APPLICATION CONTROL SOFTWARE BLADE The Check Point Application Control Software Blade provides the industry’s strongest application security and identity control to organizations of all sizes. It enables IT teams to easily create granular policies (based on users or groups) to identify, block or limit usage of over 6,000 Web 2.0 applications and 300,000 widgets.The Application Control Software Blade is a key component of the Secure Web Gateway Appliance Benefits Granular Application Control •Granular control of social networks, application and features within applications - identify, allow, block or limit usage •User and group granularity in policy and reporting •Real time user alerts and education on risks and company policies with UserCheck •Intuitive and insightful granular reports and forensic tools Largest Application Library with AppWiki •Leverages the world's largest application library with over 6,000 Web 2.0 applications and 300,000 social network widgets •Intuitively grouped in over 150 categories—including Web 2.0, IM, P2P, Voice & Video and File Share •Embrace the power of Web 2.0 while protecting against threats and malware Integrated into Check Point Software Blade Architecture •Centralized management of security policy via a single console •Activate application control on any Check Point security gateway •Also available as a part of the Check Point Secure Web Gateway appliance
  21. 21. “We must guarantee that remote access is as secure and efficient as possible for our journalists. For us the efficiency, flexibility, and speed of accessing our network are among the biggest challenges that need to be addressed” “The advantages offered by Check Point are evident precisely when you cannot see them. When everything is running smoothly, Check Point solutions have allowed our system to reach the maximum level of protection.” Proteggere gli accessi remoti per gli utenti in mobilità, ovunque e in qualsiasi momento
  22. 22. SAMSUNG Le necessità • Prevenire che i device compromessi possano accedere al network o ai dati • Proteggere i device • Proteggere gli apparati mobile iOS e Android con un’unica soluzione La Soluzione • Mobile threat prevention • Integrazione con Airwatch di VMware • Integrazione con Splunk SIEM “Check Point had more up-to-date information and automated delivery of the latest malware-related intelligence,” said Lentz. “Check Point Mobile Threat Prevention offers the closest thing to zero-day detection on mobile devices. I like it when a product does what it is supposed to do—and more. Check Point did exactly that.” “So far, we have been 100 percent protected with coverage for both iOS and Android devices,” said Lentz. “Because it’s difficult to track down mobile users in order to remediate their devices, automating protection was critical. Devices were immediately quarantined, which is our number-one defense.” “The Check Point solution has given us back one full-time resource of man hours” “Check Point Mobile Threat Prevention is the best zero-day malware protection possible for mobile devices,” he said. “There’s nothing else out there with multiple layers of protection. Our IP is secure, and that’s peace of mind.”

Notas del editor

  • Check Point è un’azienda di Cyber Security che nasce nel 1993, può vantare di un’esperienza importante e ha mostrato di sapersi adattare alle necessità dei propri clienti nel corso degl’anni.
    Nel 2006 ha creato una struttura di sicurezza unificata con un’unica console di gestione.
    Nei primi anni del 2009 ha introdotto il sistema costituito dai vari Blade per lasciare libertà al cliente di personalizzare l’offerta.
    Sempre nel 2009 l’acquisizione della divisione sicurezza di Nokia e di FaceTime Communications hanno consentito all’azienda di espandere i propri orizzonti in ambito di priotezione.
    CheckPoint vuole offrire un servizio di sicurezza globale intendendo la propria filosofia di security come un processo di business.
  • DETECT AND STOP ATTACKS BEFORE THEY START
    Smartphones and tablets give us unprecedented access to the critical business information we need to work faster and more accurately. Providing your employees with access to that information on the mobile devices they choose has many benefits, but it also exposes your business to risk.

    Check Point Mobile Threat Prevention, an innovative approach to mobile security for iOS and Android devices that detects and stops mobile threats before they start.
    Whether your data’s at rest on a device or in flight through the cloud, Mobile Threat Prevention helps protect you from vulnerabilities and attacks that put data at risk.

    HIGHEST LEVEL OF MOBILE SECURITY FOR THE ENTERPRISE
    Only Check Point provides a complete mobile security solution that protects devices from threats on the device (OS), in applications, and in the network, and delivers the industry’s highest threat catch rate for iOS and Android. Mobile Threat Prevention uses malicious app detection to find known and unknown threats by applying threat emulation, advanced static code analysis, app reputation and machine learning.

    It safeguards devices from unprotected Wi-Fi® network access and Man-in-theMiddle attacks and stops access to the corporate network when a threat is detected. It uses real-time risk assessments at the device-level (OS) to reduce the attack surface by detecting attacks, vulnerabilities, changes in configurations, and advanced rooting and jailbreaking. Its dynamic threat response prevents compromised devices from accessing an organization's network, and allows organizations to set adaptive policy controls based on unique thresholds for mitigation and elimination of threats on the device.

    Advanced app analysis
    You can trust your employees to access your sensitive business assets, but can you trust their apps? Our solution captures apps as they are downloaded to devices, and runs each in a virtual, cloud-based environment to analyze its behavior before being approved or flagged as malicious. Our easy to understand, exportable analysis reports helps your security teams ensure apps employees use are safe.

    Network-based attacks
    Public places are filled with open Wi-Fi networks, making it difficult to know which networks are safe and which aren’t. Cybercriminals can use these networks to hijack smartphones and tablets, assuming control of devices and valuable data like messages, files, and network credentials. Our solution detects malicious network behavior and conditions, and automatically disables suspicious networks to keep devices and your data safe.
    ©2015 Check Point Software Technologies Ltd. All rights reserved.
    August 6, 2015
    Check Point Mobile Threat Prevention | Datasheet

    Device vulnerability assessments
    Cyber criminals make it their business to know the weakest link in your security before you do. That often includes weaknesses in operating systems and apps that other security solutions may not detect. Our solution continuously analyzes devices to uncover vulnerabilities and behaviors cyber criminals use to attack devices and steal information. With better visibility into the threats mobile devices face, you can reduce your overall attack surface and your risk.

    FULL MOBILE THREAT VISIBILITY AND INTELLIGENCE
    Mobile Threat Prevention’s cloud-based dashboard makes managing supported devices and controlling mobile threats fast and easy. It provides security and mobility teams with real-time threat intelligence and visibility into the quantity and types of mobile threats that could impact their business or users.

    Integrate intelligence with existing systems
    Mobile Threat Prevention’s stream of real-time threat intelligence pushes to Check Point SmartEvent automatically for monitoring of security events and for correlation with attacks on internal networks. There, this information is shared and correlated in Check Point’s Threat Cloud, providing the broadest set of threat intelligence that can be used within network environments to prevent cyber attacks from occurring. Threat intelligence can also be fed into existing enterprise systems like your security information and event management (SIEM) platform. This includes detailed logs and other indicators of compromise that can be filtered to trigger response actions that help your security team take action quickly to control and eliminate risk.

    DEPLOYING MOBILE SECURITY HAS NEVER BEEN EASIER
    Security and mobility teams have enough to worry about. That’s why Mobile Threat Prevention is designed to help them secure mobile devices quickly and confidently through integration and cooperation with MDM or EMM solutions. That helps make the solution highly scalable, and delivers strong operational and deployment efficiencies for managing mobile security within a broader security infrastructure.
    Deploy advanced mobile security with ease
    Whether you support 300 or 300,000 devices, integrating our solution with your MDM is fast and easy. Deployment and management can be done through your MDM automatically, accelerating adoption and reducing overall operational costs. Our solution scales with your MDM, seamlessly protecting mobile devices you enroll and removing capabilities for those you delete. As a result, you can rest assured you have the layers of security you need to both manage and protect mobile devices, even in a highly dynamic environment.

    Mitigate and eliminate threats right on the device
    When a threat is identified, our solution automatically mitigates any risk until the threat is eliminated. If a threat can be eliminated on a device immediately, users are notified about and prompted to take action, like deleting malicious apps or disconnecting from hostile networks. Integration with your MDM allows the solution to restrict secure container access, or make real-time, risk-based policy adjustments on compromised devices that MDMs on their own can’t make. Our solution can also activate an on-demand VPN to tunnel data traffic away from cyber criminals and to avoid data exfiltration while still keeping users connected.

    Respect user privacy and device performance
    End-user privacy is critical, so we never analyze files, browser histories, or application data. Our solution uses state and context metadata from operating systems, apps, and networks to determine if a device is compromised. It anonymizes the data it uses for analysis to keep it and security intelligence information separated. Our analysis is performed in the cloud to avoid impacting device performance, and since protection runs in the background, so users are stay protected without having to learn anything new.
  • ANSA ensures that its users can access the internal network and production systems, from anywhere at any time, through the Connectra™ Web security gateway. Traveling users already could securely utilize the network services through IPSec VPN tunnels using Check Point VPN-1 SecuRemote® and VPN-1 SecureClient™ software.
    Connectra fills the one remaining gap, allowing users to transmit news stories from any location where there is Internet service. If users are away from the office or do not
    have their own laptops immediately at hand they can use public Internet hot spots or borrowed computers. Users can use simple Web browsers to access centralized information and be protected by the SSL encryption in the browsers and the advanced security functions that Connectra provides.
    “Connectra is the ideal solution for ANSA users who need to have secure remote access to get into their file server, even in emergency situations when they have to use Internet hot spots or other public Web access points,” Argiroffi says.
    Also, Connectra allows ANSA to extend more applications to journalists in the field. SSL Network Extender™, included as part of Connectra, enables remote users to access non-Web applications via an Internet connection as though they were on the internal company LAN. “This is a very useful service that guarantees full operability to our colleagues via the
    Internet, no matter where they may be working in the world,” Argiroffi says.
    beNefIts of CheCk PoINt seCurIty Argiroffi has a long history with Check Point. Today, with his experience at ANSA, he has a very clear opinion about the solutions Check Point offers. “In the mid-1990s, Check Point had the big advantage of being the only provider of patentedStateful Inspection firewall technology,” Argiroffi says. Now Stateful Inspection is the industry standard.
    “Check Point solutions have other strong points that are just as important: ease-of-use, flexibility in configuration and range, and breadth of coverage. Also, Check Point offers effective support, ease-of-installation, great performance, and low total cost of ownership. Finally, the constant security updates and strengthening of the technology let us sleep more easily.”
    The ability to implement solutions on the Check Point SecurePlatform™ prehardened operating system, the high level of integration with other products, and Check Point high availability solutions have been important to ANSA.
    “The advantages offered by Check Point are evident precisely when you cannot see them,” Argiroffi says. “When nothing is happening and everything is running smoothly, it means that Check Point solutions have allowed our IT system to reach the maximum possible level of reliability and protection.”
  • Solution New In-Depth Protection Lentz and his team considered numerous consumer and enterprise antivirus products, but they all fell short. Next, they talked to peers and began evaluating vendors that provided solutions for advanced threats, one of which was Check Point. During a demo, Check Point Mobile Threat Prevention quickly identified several mobile devices that had malware infections. Check Point Mobile Threat Prevention provides multiple layers of defense against exploits, targeted network attacks, mobile malware, and commercially available mobile remote access Trojans (mRATs) that enable spyware and data theft. Samsung chose Check Point Mobile Threat Prevention for its ability to protect devices from app-based zero-day malware and other threats.
    “Check Point had more up-to-date information and automated delivery of the latest malware-related intelligence,” said Lentz. “Check Point Mobile Threat Prevention offers the closest thing to zero-day detection on mobile devices. I like it when a product does what it is supposed to do—and more. Check Point did exactly that.”
    Check Point Mobile Threat Prevention also integrated seamlessly with AirWatch by VMWare MDM and SIEM platforms. Now, Samsung gained comprehensive visibility into mobile threats and automated enterprise-wide security policy enforcement.
    CUSTOMER CASE STUDY
    ©2016 Check Point Software Technologies Ltd. All rights reserved. April 11, 2016
    3
    “The Check Point solution has given us back one full-time resource of man hours. We’re freed up to get more done.”
    — Steven Lentz, CISSP, CIPP/US
    Protection in Action Check Point Mobile Threat Protection defends against threats on devices, in apps, and in the network, many of which use phishing emails, text messages, and browser downloads to attempt entry. It correlates and analyzes device, application, and network information in the cloud to deliver real-time threat intelligence. The Check Point solution runs a copy of the mobile app without data in a sandbox environment to see if it operates suspiciously. It performs advanced code analysis on the network communication link without actually inspecting the data. Check Point also applies behavioral heuristics for advanced rooting and jailbreak protection. If a user downloads something malicious and Check Point identifies it as malware, it notifies the MDM system to quarantine the device, removes the security profile from the infected device, and prevents the device from accessing the corporate network.
    Fast, Straightforward Deployment “The deployment took just 3 weeks,” said Lentz. “We deployed Check Point Mobile Threat Prevention solution on the network and automatically activated it on devices using our MDM. It’s easy for administrators to manage.” Business Impact It Just Works On its first day in service, Check Point Mobile Threat Prevention identified three embedded pieces of malware on employee devices. Next, it caught more than 20 different kinds of malware. Each time the solution identified a new threat, it notified security administrators immediately and offending devices were quarantined from the company network. After the threats were eliminated, the Check Point solution reestablished connectivity with corporate networks and assets.
    Once the Check Point solution was fully deployed, IT found that five percent of the company’s enrolled devices were infected with multiple types of malware, including credential stealers, keyloggers, mRATS, and unauthorized root kits. All devices were quarantined from company networks and assets until the users could be informed and the threats removed.
    “So far, we have been 100 percent protected with coverage for both iOS and Android devices,” said Lentz. “Because it’s difficult to track down mobile users in order to remediate their devices, automating protection was critical. Devices were immediately quarantined, which is our number-one defense.”
    High User Adoption After users were informed about the new software being deployed, they didn’t have to do anything different. The AirWatch MDM containerizes business information separately from personal information on users’ mobile devices, and Check Point secures both. Check Point Mobile Threat Protection runs in the background, using minimal system resources. Users didn’t have to learn anything new and are only alerted if the app quarantines the device.
    “Our users don’t have to worry about it because it’s invisible,” said Lentz. “We’ve seen high adoption and satisfaction from employees and contractors because it’s easy to register for the software, it respects their privacy, and it runs quietly in the background.”
    CUSTOMER CASE STUDY
    ©2016 Check Point Software Technologies Ltd. All rights reserved. April 11, 2016
    4
    For more information, visit www.checkpoint.com/mobilesecurity
    Mobile Threat Visibility Check Point Mobile Treat Prevention integrates threat intelligence with Samsung’s Splunk SIEM, delivering better visibility into mobile device compliance with security policies. It enables IT to manage threats proactively while simplifying security management. A cloud-based dashboard provides real-time intelligence and visibility into the number and types of mobile threats trying to gain entry.
    “Integration with our AirWatch MDM and Splunk SIEM has automated real-time intervention,” said Lentz. “Now, quarantines keep threats off the network and enable us to better protect sensitive information.”
    According to Lentz, maintenance of the Check Point Mobile Threat Prevention is minimal. It might take an hour a week, which usually occurs when the software identifies malware on a phone and the team waits for the user to respond before cleaning the device. Otherwise, the software sits in the background, silently protecting Samsung’s mobile devices.
    “The Check Point solution has given us back one full-time resource of man hours,” he said. “We’re freed up to get more done.”
    Confidence to Expand Mobile Deployment Check Point Mobile Threat Protection has proven itself to be highly effective, identifying dozens of threats with no false positives. Proven success gave Samsung significant confidence to allow unknown, employee-owned devices onto its network. The solution finds malware on a daily basis from compromised links, downloads, or applications on new, user-owned phones. When the team installs the Check Point software on a new phone, it makes sure that the phone and all pre-existing apps are clean.
    Peace of Mind Proactive security and multiple layers of defense now protect Samsung’s corporate data and intellectual property, and Lentz recommends the solution to peers.
    “Check Point Mobile Threat Prevention is the best zero-day malware protection possible for mobile devices,” he said. “There’s nothing else out there with multiple layers of protection. Our IP is secure, and that’s peace of mind.”

×