New software blade from Check Point takes a 'modern approach' to application control
Check Point is to launch a new software blade to manage application control.
Part of its software blade infrastructure, it enables organisations to secure and manage the use of thousands of Web 2.0 applications in the enterprise. It also utilises the UserCheck technology, previously added to the data loss prevention blade that was released earlier this year, to engage employees in the decision-making process and enables IT administrators to tailor application usage policies.
It claimed that as employees are essential to helping organisations mitigate security risks associated with emerging internet applications in the enterprise, this blade brings a modern approach to application control that provides a unique combination of robust security technology and user awareness, both necessary for employees to utilise Web 2.0 tools without jeopardising the security of the network.
Talking to SC Magazine, Check Point's global head of network security, Gabi Reish, said that using the software blade adds a new dimension to the Check Point firewall because as well as enhancing user awareness, users can now add more capabilities and protect security generally.
He said: “You can look at an application and it could be a standard business application, but if you want to remain secure businesses do not have visibility. They are very effective at self educating and providing education but no one was really prepared and there is more malware and vulnerabilities on websites.
“There is also a problem with bandwidth hogging, and this is a big problem. There is also productivity loss, and in organisations employees can spend 30/40 minutes a day on Farmville so there is a lot of working time lost. So with these challenges we have developed an application control blade.”
He said that there are a lot of grey areas when it comes to application security and the best way is to understand what the user is trying to do, and work with the end-user to understand their objectives.
“Now IT organisations and departments need to do more with less and need to be efficient but there are more security vulnerabilities and you want to be practical but protected,” said Reish.
“If I had the ability to protect organisations, UserCheck is the way to do it as it logs actions, who authorised every log and finds out why people wanted to send specific information. If something looks suspicious you can say 'are you sure you wanted to do that?'”
The core of the technology is a library called AppWiki, which has the details of 4,500 applications and 50,000 social networking applications, grouped into 150 categories. Reish said that this was added following an acquisition made last November of the application classification and signature database from FaceTime Communications.
Dorit Dor, vice president of products at Check Point, said: “We're bringing a new dynamic to application control by giving businesses a strong combination of technology, employee awareness and access to the largest database of web applications in the industry. Organisations will benefit from granular policy control that is truly customised based on their employee, business and security needs.
“Check Point's latest firewall innovation, combined with our application library – 50 times larger than any other in the industry – provides organisations with the broadest and most flexible protection, without taking away the business advantages of Web 2.0 use.”