Endpoint Security R72 is a new version of single agent for endpoint security and features a higher level of protection from the WebCheck browser-based security technology.
WebCheck uses browser virtualisation to form a protective layer against sophisticated and increasing web attacks such as zero-day vulnerabilities, drive-by downloads and phishing schemes. It also protects users as they surf the internet by isolating threats within a virtualised browsing session to keep malware from installing on an employee's computer and spreading through the network.
Nick Lowe, regional director for Northern Europe at Check Point, explained that if an employee were to visit a suspicious site, signature-based and heuristic anti-phishing protections would warn the user not to enter confidential information.
Lowe said: “You use whatever browser you want and you go into it and it is monitored for any suspicious activity. It can be effective for organisations because if people are doing business externally it works in the background.
“What we are doing is to not recreate a browser as it is unlikely that you will create a virtual session within it although it is in a virtual environment. So if you are on a site that puts something down that is suspicious, it will consistently look at the behaviour of the site and if it sees something that it doesn't like it will alert you.”
Similarly, exclusive site recognition technology warns a user before the web page loads if a site is dangerous, guarding the employee from inadvertently frequenting malicious sites.
Also featured is OneCheck, an integrated login and auto-connect virtual private network (VPN) functionality. Check Point claims that this condenses multiple logon credentials into an easy integrated sign-in and allows users to unlock Windows and multiple security applications, such as full disk encryption, media encryption and VPN on their PCs with a single, easy login.
Lowe said: “OneCheck is a single sign-on structure that keeps passwords for the authentication suite on the disk. If you look at the classic start-up, there is encrypted access to the hard drive, then active directory passwords and a VPN tunnel. The data is encrypted and would have to be very secure.
“The VPN function allows the ability to roam and change the connection methods; we are trying to make it easier. For example if you are on a train and every time you go through a tunnel your session drops out, then you have to re-sign in and re-authenticate yourself. This will save your credentials and find a new connection that allows you to move from one connection to another.”