Class-Based Attack Protection
Approach Defeats Threats
REDWOOD CITY, Calif., - September 12,
2003 - Check Point Software Technologies Ltd. (NASDAQ: CHKP),
the worldwide leader in securing the Internet, today announced that
its SmartDefense™ active defense solution protects customers
against the three latest reported Microsoft Remote Procedure Call
(RPC) vulnerabilities. The SmartDefense Active Update released in
April 2003, automatically protected customers against variants exploiting
the Microsoft RPC service - including the July 2003 LovSan/Blaster
worm that exploited a weakness in the Windows 2000 and Windows XP
operating systems.
Remote Procedure Call (RPC) is a protocol used by the Windows operating
system, which is installed on a large number of PCs worldwide. RPC
provides an inter-process communication mechanism that allows a
program running on one computer to access services on another computer.
An exploitation of this vulnerability could potentially allow an
attacker to gain control of a computer, delete data and install
unwanted programs.
Class-Based Attack Protection
SmartDefense is based on Check Point's patented Stateful Inspection
and Application Intelligence technologies, and blocks not only specific
attacks, but also entire categories or "classes" of attacks.
Check Point provides this unique level of protection by enforcing
the proper and expected usage of protocols, such as RPC, and does
not rely on signatures. Traditional signature-based defenses are
reactive because they require knowledge of the exact characteristics
of an attack in order to create a defense signature.
Validate Expected Usage of Protocols
Check Point's Application Intelligence technology has the capability
to determine whether data within protocols adheres to expected usage.
In other words, even if a communication stream complies with a protocol
standard, the way in which the protocol is being used may be inconsistent
with what is expected.
Defense Mechanisms
Users of Check Point FireWall-1® NG with Feature Pack 3 who
have applied the DCE-RPC advisory (CPAI-2003-11) protection, available
since April 2003, have defenses that proactively protect against
these current vulnerabilities and the Blaster/LovSan worm.
About Check Point SmartDefense
Check Point's revolutionary SmartDefense actively protects organizations
from known and unknown network and application attacks by using
intelligent security technology to immediately detect, prevent and
respond to attack attempts. SmartDefense blocks attacks by type
and class using Check Point's patented Stateful Inspection and innovative
Application Intelligence ™ technologies, as well as provides
a single, centralized console to deliver real-time information on
attacks as well as attack detection, blocking, logging, auditing
and alerting. SmartDefense is included in Check Point Next Generation
with Application Intelligence product suite, and works in conjunction
with an ongoing subscription service, Active Update, delivered by
Check Point to ensure that the latest information on and defenses
for new and emerging attacks is available to users.
About Check Point Software Technologies
Check Point Software Technologies is the worldwide leader in securing
the Internet. It is the confirmed market leader of both the worldwide
VPN and firewall markets. Through its Next Generation product line,
the company delivers a broad range of Perimeter, Internal and Web
security solutions that protect business communications and resources
for corporate networks and applications, remote employees, branch
offices and partner extranets. Extending the power of the Check
Point solution is its Open Platform for Security (OPSEC), the industry's
framework and alliance for integration and interoperability with
"best-of-breed" solutions from over 350 leading companies.
Check Point solutions are sold, integrated and serviced by a network
of 2,500 Check Point partners in 149 countries. For more information,
please call us at (800) 429-4391 or (650) 628-2000, or visit us
on the Web at http://www.checkpoint.com
or at http://www.opsec.com.
###
© 2003 Check Point Software Technologies
Ltd. All rights reserved.
Check Point, the Check Point logo, Application Intelligence, Cluster
XL, ConnectControl, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer,
FireWall-1 SmallOffice, FireWall-1 VSX, FireWall-1 XL, FloodGate-1,
INSPECT, INSPECT XL, IQ Engine, Meta IP, MultiGate, Open Security
Extension, OPSEC, Provider-1, SecureKnowledge, SecureXL, SiteManager-1,
SmartCenter, SmartCenter Pro, SmartDashboard, SmartDefense, SmartLSM,
SmartMap, SmartView, SmartView Monitor, SmartView Reporter, SmartView
Status, SmartView Tracker, SVN, UAM, User-to-Address Mapping, UserAuthority,
VPN-1 Accelerator Card, VPN-1 Net, VPN-1 Pro, VPN-1 SecureClient,
VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 SmallOffice, and VPN-1
VSX are trademarks, service marks, or registered trademarks of Check
Point Software Technologies Ltd. or its affiliates. All other product
names mentioned herein are trademarks or registered trademarks of
their respective owners. The products described in this document
are protected by U.S. Patent Nos. 5,606,668, 5,835,726, and 6,496,935
and may be protected by other U.S. Patents, foreign patents, or
pending applications.
|
