Check Point Antivirus Software Blade
Provides optimized web security
The enhanced Check Point Antivirus Software Blade stops incoming malicious files. Using real-time virus signatures and anomaly-based protections from ThreatCloud™, the first collaborative network to fight cybercrime, the Antivirus Software Blade detects and blocks malware at the gateway before the user is affected.
Real-time security intelligence delivered from ThreatCloud
- Leverage the industry's first collaborative network to fight cybercrime
- Identify over 4.5 Million malware signatures and 300,000 malicious websites
- Dynamically update attack information from worldwide network of sensors and industry’s best malware feeds
Prevent damage from malware attacks by stopping them at the gateway
- Stop incoming malicious files with 300x more signatures than previous versions
- Prevent access to malware infested websites
- Receive up-to-the-minute malware intelligence from the ThreatCloud knowledgebase
Integrated into Check Point Software Blade Architecture
- Activate Antivirus Software Blade on any Check Point security gateway
- Saves time and reduces costs by leveraging existing security infrastructure
- View and manage the "big malware picture" with integrated threat reports and dashboards with Anti-Bot Software Blade
ThreatCloud™ Real-time Security Intelligence Feeds
ThreatCloud is a collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends. ThreatCloud powers the Antivirus Software Blade allowing gateways to investigate always-changing malware signatures. Since processing is done in the cloud, millions of signatures and malware protection can be scanned in real time.
ThreatCloud’s knowledgebase is dynamically updated using attack information from worldwide gateways, feeds from a network of global threat sensors, Check Point research labs and the industry’s best malware feeds. Correlated security threat information is then shared among all gateways collectively.
Stop Incoming Malware Attacks
Check Point Antivirus Software Blade stops incoming malware attacks with 300x more signatures than previous versions. Multiple malware detection engines are utilized to protect your network, including signature and behavioral engines. Malware is identified as it attempts to get into or out of your network and leverages ThreatCloud for up-to-the-minute updated detection of malware.
Prevent Access to Malicious Websites
The Antivirus Software Blade scans outbound URL requests and ensures users do not visit websites that are known to distribute malware. The knowledgebase is updated in real-time with over 300,000 sites from the ThreatCloud and is constantly updated.
Integrated Malware Reports and Dashboards
Malware reports and dashboards are integrated with the Anti-Bot Software Blade with infection summaries and trends to provide better visibility to organizational malware threats and risks
- View infected hosts statistics, malware types and activities, trends/changes vs. previous week/month, amount of data sent or received and more
Summary of infected hosts
Forensics - Provide administrators and security teams with the information they need to analyze security events, investigate infections and assess damages
- Detailed infection information per malware type and/or infected users and machines
- Identify malware names and infection severity
- Threat Wiki – extensive infection information (malware type, description and any available details such as executables run, used protocols etc.)
- Packet capture – view data sent using complete per-session packet capture with SSL inspection
Inspect SSL Encrypted Traffic
Scan and secure SSL encrypted traffic passing through the gateway. When traffic is passed through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver.
Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy. Some encrypted content passing through the gateway should not be inspected, and therefore can be bypassed with a simple administrator policy definition.
|Supported Appliance Families|
|Supported Operating Systems|
|Antivirus Protection Protocols|
*Supported on R75.40 and above