Endpoint Policy Management

Endpoint Policy Management Software Blade

Overview

Enterprises have typically deployed some standalone point solutions for endpoint security such as a personal firewall or antivirus software. This approach quickly becomes a management nightmare in organisations with hundreds or thousands of PCs. For example, each time a software update is available for individual endpoint agents, IT must execute a rigorous engineering test cycle to qualify the release for performance and compatibility before pushing the update out to endpoints. Because it is not uncommon for enterprises to have three or more endpoint security agents on each device, implementation can become very time consuming and costly.

A new strategy is to unify endpoint security with functionality on each PC that is centrally deployed and managed by IT security specialists on a single console. Unification of security functionality allows for simplified deployment and management, which lowers the overall cost of operations. With a unified agent approach, IT will only have to run test cycles for one agent and will have the assurance that each function within that agent is compatible. However, to achieve strong endpoint security, an enterprise should carefully consider functions in a particular unified endpoint solution. Only a comprehensive set of security controls can provide an enterprise with complete endpoint security.

The Endpoint Policy Management Software Blade enables you to centrally manage the security products you use on your organization's end-user devices. This means that you can take and keep control of computing devices and the sensitive information they contain.

Key Benefits

  • Centralised and delegated management options
  • Central monitoring and reporting on every endpoint security control
  • Faster security incident discovery, monitoring, and forensics
  • Comprehensive reporting and support for audits and compliance
  • Easier, faster deployment of software using a single agent, without requiring on-site manual intervention by IT or end users, resulting in lower TCO
  • Unification of endpoint security with network security event management

Features

Firewall Rules
Provides the same level of security as standard perimeter firewalls by restricting or allowing network activity based on connection information

Access Zones and Zone Rules
Provides network security through creating groups of locations to which you assign network permissions

Program Control Policies
Restricts network access on a per-application basis

Program Advisor Service Policies
Automates application control management

Program Enforcement Policies
Ensures that every Endpoint computer meets application and version requirements before it connects to the network. For example, using Program Enforcement, you can require that Endpoint computers have a certain version of Antivirus protection

Cooperative Enforcement® Policies
Restricts or disconnects noncompliant users at the network access/authorisation level

Check Point Antispyware Policies
Protects your company’s data by detecting and removing spyware

Check Point Antivirus Policies
Provides centrally-managed antivirus protection to your Endpoint users

Specifications

Feature: Details
Firewall
Antivirus Protection Protocols: Block/allow traffic based on packet data, source/destination locations, protocols, ports, and when timed activities occur
Zone rules
  • Restrict/allow network activity based on traffic origination or destination zone: Trusted Zone, Blocked Zone, Internet Zone
  • Allow/deny traffic based on security locations: Host, site, IP address, IP range, IP subnet and mask
Hot spot registration: Allows for a temporary, controlled opening in the policy, regardless of the policy restrictions, so that the user may register to a local hot spot
Program control
  • Limits exposure to vulnerabilities and attacks by restricting network access on a per-program basis
  • Moderates network access for programs
  • Uses program permissions applied to individual programs or program groups to control program activity
Program permissions: Sets permissions for individual programs or groups of programs: Allow, block, ask, terminate
Program authentication: Verifies programs have not been tampered with by authenticating via MD5 signature or signed certificates
Program Advisor
  • Automatically terminates known malicious programs
  • Automates application policy decisions based on real-time data collected from millions of PCs worldwide
Program groups: Sets program permissions for groups of programs rather than for individual programs
Network access control (NAC)
Endpoint policy compliance and auto remediation
  • Corrects policy violations: Antivirus, anti-spyware, firewall rules, software patches, specific application versions, registry entries
  • Quarantines unsafe PCs and automatically brings endpoints into compliance
  • Restricts network access from unknown guest users
Cooperative Enforcement®
  • Ensures endpoint computers remotely connecting to the network are running an agent, have a specific policy, and comply with the enforcement rules in the security policy assigned
  • Restricts or terminates network access for noncompliant endpoints
Network segmentation-level NAC: Cooperative Enforcement with VPN-1 gateways
Port-level NAC
  • 802.1x authentication support, third-party switch and wireless access point support
  • Restricts noncompliant endpoints to isolated VLAN: Limited to specific destination IP, ports, and protocols
VPN NAC
  • Supported gateways: VPN-1, Connectra™, and VPN gateways from Cisco Systems and Nortel Networks
  • Enforces spyware checks, keylogger removal, and ensures antivirus and operating system patches are current
  • VPN NAC on Connectra: includes on-demand browser-based solution for session confidentiality, disables spyware on guest PCs before granting SSL VPN access
Network access control (NAC)
Heuristic virus scan: Scans files and identifies infections based on behavioral characteristics of viruses
On-access virus scan: Scans files as they are opened, executed, or closed, allowing immediate detection and treatment of viruses
Deep scan: Runs a detailed scan of every file on selected scan targets
Scan target drives: Specifies directories and file types to scan
Scan exclusions: Specifies directories and file extensions not to be scanned
Route-based VPN: Utilises Virtual Tunnel Interfaces, numbered/unnumbered interfaces
Treatment options: Enables choice of action agent should take upon detection of virus: Repair, rename, quarantine, delete
Third-party antivirus support: McAfee VirusScan, Symantec Norton Antivirus, Trend Micro PC-cillin/OfficeScan, Sophos Anti-virus, Computer Associates eTrust InnoculateIT, Computer Associates VET, Check Point Endpoint Security Antivirus, Kaspersky Antivirus, NOD32 Antivirus, AVG Antivirus, AVAST Antivirus, BitDefender Antivirus, F-Secure Antivirus, Panda Antivirus, Microsoft OneCare Antivirus
Protection: Details
Anti-spyware
Intelligent quick scan: Checks the most common areas of the file system and registry for traces of spyware
Full-system scan: Scans local file folders and specific file types
Deep-inspection scan: Scans every byte of data on the computer
Scan target drives: Specifies which directories and file types to scan
Scan exclusions: Specifies directories and file extensions not to be scanned
Treatment options: Enables choice of action agents should take upon detection of virus: Automatic, notify, or confirm
Remote access: IPSec VPN
Connectivity options: Dynamic and fixed IP addressing for dialup, cable modem, and DSL connections
Authentication: Preshared secrets, X.509 digital certificates, SecurID, username and password, RADIUS, TACACS, Check Point Internal Certificate Authority (ICA)
High availability and load sharing: Inbound VPN connections distributed across a cluster of VPN-1 gateways, multiple entry points
Multiple connectivity modes: Office Mode, Visitor Mode, Hub Mode
Management
Single management console
  • For policy configuration, policy administration, reporting, and analysis
  • Web-based administrator console
Role-based administration
  • Creates administrator accounts limited to specific user sets
  • Assigns an administrator to specific entities—user catalogs or groups
  • Creates accounts that are allowed only to perform specific functions
Unified with Check Point SMART Management
  • Manage endpoint security events from SmartCenter
  • Centralizes security event management and reporting via Eventia Analyzer and Eventia Reporter
  • Enables shared management server, login, console, log viewing, and event management
Management server log monitoring: SNMP trap, Syslog
Management Platform Support
Operating systems
  • Windows Server 2003
  • Check Point SecurePlatform™
Browsers
  • Internet Explorer 6 (SP2) and 7
  • Mozilla Firefox 1.5 and higher
Client Platform Support
Operating systems
  • Windows XP Pro (SP2)
  • Windows 2000 Pro (SP4)
  • Windows Vista
Certifications
  • Common Criteria Evaluation Assurance Level 4 (EAL4)
  • FIPS 140-2

Updates

Threats to the network are constantly evolving and becoming more sophisticated. To maintain continuity and productivity, defenses must advance as quickly to deliver the technology and features that protect the business. Check Point Update service protects against emerging threats with critical hot software fixes, service packs, and major software upgrades.

Benefits

  • Ensures continuous security with access to critical hot fixes and service packs
  • Maximises ROI and investment with access to major upgrades and enhancements
  • Increases security with the latest applications, features, and technologies