SANDBLAST AGENT - PACKAGES
|
Available Packages
|
· SandBlast Anti-Ransomware – includes Anti-Ransomware only
· SandBlast Agent for Browsers – includes Threat Emulation, Threat Extraction, Zero Phishing, Credential Protection
· SandBlast Agent – includes Threat Emulation, Threat Extraction, Anti-Ransomware, Zero Phishing, Credential Protection, Anti-Bot, Forensics and Automated Incident Analysis
· Endpoint Complete Protection – The endpoint complete protection adds Full Disk Encryption, Antivirus and Firewall to the SandBlast Agent package
|
ENDPOINT SECURITY – SANDBLAST AGENT
|
Operating System
|
· Windows 7, 8, and 10
· Windows server 2008 R2, 2012, and 2012 R2
|
BROWSER PROTECTION – SANDBLAST AGENT FOR BROWSERS
|
Supported Browsers
|
· Google Chrome
· Coming Soon - Internet Explorer and Firefox
|
DOWNLOAD PROTECTION - THREAT EMULATION AND THREAT EXTRACTION
|
Threat Extraction – Supported File Types
|
· Adobe PDF
· Microsoft Word, Excel, and PowerPoint
|
Threat Emulation – Supported File Types
|
· Over 40 file types, including: Adobe PDF, Microsoft Word, Excel, and PowerPoint, Executables (EXE, COM, SCR), Shockwave Flash – SWF, Rich Text Format – RTF and Archives
|
Deployment Options
|
· SandBlast Service (Hosted on Check Point cloud)
· SandBlast Appliance (Hosted on-premise)
|
ANTI-RANSOMWARE
|
Anti-Ransomware
|
· Signature-less behavioral detection of ransomware, no internet connection is required
· Malicious file encryption activity detection
· Automated ransomware quarantine
· Automated restoration of encrypted data (if encryption started prior to quarantine)
|
ZERO PHISHING AND CREDENTIAL PROTECTION
|
Zero Phishing
|
· Real-time protection from unknown phishing sites
· Static and heuristic based detection of suspicious elements in sites that request user credentials
|
Corporate Credential Protection
|
· Detection of reuse of corporate credentials on external sites
|
FILE SYSTEM MONITORING
|
Threat Emulation
|
· Content copied from removable storage devices
· Lateral movement of data and malware between systems on a network segment
|
Enforcement Modes
|
· Detect and alert
· Block (background & hold modes)
|
ANTI-BOT
|
Enforcement Modes
|
· Detect and alert
· Block (background & hold modes)
|
FORENSICS
|
Analysis Triggers
|
· Anti-Ransomware detection on the endpoint
· Anti-Bot detection on the network or on endpoint
· Threat Emulation detection on the network
· Check Point Antivirus detection on the endpoint
· Third-party Antivirus detection on the endpoint
· Manual Indicators of Compromise (IoCs)
|
Damage Detection
|
· Automatically Identify: Data exfiltration, data manipulation or encryption, key logging
|
Root Cause Analysis
|
· Trace and identify root cause across multiple system restarts in real-time
|
Malware Flow Analysis
|
· Automatically generated interactive graphic model of the attack flow
|
Malicious Behavior Detection
|
· Over 40 malicious behavior categories
· Hundreds of malicious indicators
|
MANAGEMENT
|
Policy Management
|
· Endpoint Policy Management (EPM)
|
Event Monitoring
|
· SmartLog
· SmartEvent
|
Endpoint Management Version
|
· R77.30.03/E80.65 and above
|
Endpoint Management - Available
Packages
|
· Included as standard with SmartCenter and Smart-1 appliances
· Available as a software license
|
|
|