שיחת ייעוץ חינם: 1-800-800-570

Check Point Web Security Software Blade
Comprehensive protection when using the Web for business and communication

Check Point Web Security Software Blade

The Check Point Web Security Software Blade provides a set of advanced capabilities that detect and prevent attacks launched against the Web infrastructure. The Web Security Software Blade delivers comprehensive protection when using the Web for business and communication.



Check Point Product
Check Point Security Gateway Blades
Web Security Blade
*The purchase of a Security Gateway container is required per user
#CPSB-WS
המחיר שלנו: הצעת מחיר

מחירים נוספים מופיעים למטה, או לחצו כאן!

שימו לב: כל המחירים באתר כוללים מע"מ. החיוב יבוצע על פי שער "העברות והמחאות מכירה" של המטבע (דולר אמריקאי) ביום אישור ההזמנה.

Benefits:

Comprehensive web security for maximum protection

  • Provides preemptive attack protection with patent-pending Malicious Code Protector
  • Delivers the strongest protection against buffer-overflow attacks
  • Enables granular security configurations for different Web applications and servers

Maximizes operational efficiency, enables quick deployment

  • Deploys in minutes to protect mission-critical applications
  • Ensures protection is up-to-date with real-time safeguard and defense updates
  • Improves end-user experience by inserting helpdesk webpages

Integrated into Check Point Software Blade Architecture

  • Simple activation of Web security on any Check Point security gateway
  • Centralized logging and reporting via a single console

Features:

Malicious Code Protector

Check Point's patent-pending Malicious Code Protector offers a revolutionary way of identifying buffer overflow, heap overflows and other malicious executable code attacks that target Web servers and other applications without the need of signatures. Malicious Code Protector can detect malicious executable code within Web communications by identifying not only its existence within a data stream but its potential for malicious behavior. Malicious Code Protector performs four important actions:

  • Monitors Web communication for potential executable code
  • Confirms the presence of executable code
  • Identifies whether the executable code is malicious
  • Blocks malicious executable code from reaching a targeft host

Malicious Code Protector identifies both known and unknown attacks, providing preemptive attack protection. Moreover, Malicious Code Protector operates at the kernel level enabling preemptive protection that does not compromise performance.

Advanced Streaming Inspection

Advanced Streaming Inspection is a Check Point kernel-based technology that processes the overall context of communication. This technology can make real-time security decisions based on session and application information and protects Web communication even when it spans multiple TCP segments. Process-intensive application inspections are offloaded to the kernel, dramatically improving throughput and connection rates.

Advanced Streaming Inspection uses Active Streaming technology, which has the capability to modify the content of a Web connection on the fly. This important capability offers several unique advantages to Check Point customers. Active Streaming uses HTTP header-spoofing capability, providing a first level of defense by hiding important site-specific properties about the Web environment. These properties often include the names and versions of operating systems, identity Web servers and backend servers. This information is typically useless to end-users, but extremely valuable to attackers who are trying to gather information about their target. The Web Security Software Blade can intercept a Web response that contains a server's identity and gives the administrator the option to either completely hide such disclosure or optionally change the stream to confuse attackers.

Administrators can improve the end-user experience with Active Streaming by predefining custom error pages. To most users, generic error status codes are meaningless. Active Streaming redirects the end-user to a custom-defined error page with meaningful helpdesk hints. This feature dramatically improves the end-user experience and reduces helpdesk costs.

Simple Deployment and Management

Web security management within Check Point security gateways is fully integrated into the management GUI. The user interface is preconfigured with protections to counter known common attacks—each with attack and defense descriptions. Because each Web application server is different from others in its security requirements, the Web Security Software Blade offers the capability to configure granular Internet security profiles for different Web applications and Web servers. First-time configuration of the Software Blade takes just minutes. Monitor-only mode allows smooth security deployment without the risk of rejecting connections to mission-critical applications due to the incorrect configuration of a security policy.

Integrated into Check Point Software Blade Architecture

The Web Security Software Blade is integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point Security Gateways saving time and reducing costs by leveraging existing security infrastructure.

The Web Security Software Blade is tightly integrated with other Check Point Software Blades and does not require installation on additional devices. Security and audit logs are integrated into Check Point reporting, auditing and log architecture, providing administrators a powerful tool to centrally analyze security violations.

Specifications:

 Feature Detail
Malicious Code Protections Malicious Code Protector (MCP), general HTTP worm catcher
Application Layer Protections Cross site scripting, LDAP injection, SQL injection, command injection, directory traversal
Information Disclosure Protections Header spoofing enforcement, directory listing prevention, error concealment
HTTP Protocol Inspections HTTP format size enforcement, ASCII-only request enforcement, ASCII-only response header enforcement, header rejection definitions, HTTP method definitions
Enforcement Options Active, monitor-only, disabled
Configuration Granularity Individual servers protected by Web intelligence attack protections enabled for each server; for each attack protection, apply to individual servers or inspect all HTTP traffic; customizable profiles associated with specific Check Point gateways
Updates 

Real-time safeguard and defense updates through Check Point update service

הערות תמחור:

Check Point Product
Check Point Security Gateway Blades
Web Security Blade
*The purchase of a Security Gateway container is required per user
#CPSB-WS
המחיר שלנו: הצעת מחיר
Check Point Security Gateway Blades for High Availability
Web Security Blade for High Availability
*The purchase of a Security Gateway container is required per user
#CPSB-WS-HA
המחיר שלנו: הצעת מחיר
Check Point Security Gateway Containers
SG101 Container for Security Gateways with 1 core
-Up to 50 users
#CPSG-C101
המחיר שלנו: הצעת מחיר
SG201 Container for Security Gateways with 2 cores
-Up to 500 users
#CPSG-C201
המחיר שלנו: הצעת מחיר
SG401 Container for Security Gateways with 4 cores
-Unlimited Users
#CPSG-C401
המחיר שלנו: הצעת מחיר
SG801 Container for Security Gateways with 8 cores
-Unlimited Users
#CPSG-C801
המחיר שלנו: הצעת מחיר
SG1201 Container for Security Gateways with 12 cores
-Unlimited Users
#CPSG-C1201
המחיר שלנו: הצעת מחיר