Check Point Endpoint Security

First and only single agent for total endpoint security

Overview
Features
Specifications

Overview

First and only single agent for total endpoint security Check Point Endpoint Security™ is the first and only single agent that combines all essential components for total security on the endpoint: highest-rated firewall, antivirus, anti-spyware, full disk encryption, media encryption with port protection, network access control (NAC), program control and VPN. This enables security administrators to deploy endpoint security with a single installation and reduce the number of software updates that need to be tested and deployed.

Firewall/NAC/Program Control	Protects endpoint systems by restricting both inbound and outbound traffic, ensuring that they are in a secure state before allowing access to the network and automatically enforcing policies on which programs are allowed to run on PCs.
Antivirus/Anti-spyware	Detects and removes viruses, spyware, and other malware based on a combination of signatures, behavior blockers, and heuristic analysis, featuring the highest detection rates and hourly signature updates through the SmartDefense™ update service. Based on the award-winning ZoneAlarm® Internet Security Suite.
Data Security	Provides data protection on laptops, PCs, and removable media via a strong, proven and efficient blend of full-disk encryption, access control, port management, and removable media encryption. Based on market-leading Pointsec® technologies.
Remote Access	Enables secure remote access to end users by encrypting and authenticating data transmitted during remote access sessions between the endpoint and corporate network.

Key Benefits

Single agent for all your endpoint security needs
Easy to deploy, Single installation process
Eliminates the need to manage multiple security agents
Erases compatibility issues with separate agents
Reduces administration time and effort
Lowers total cost of ownership

Features

First and only single agent for total endpoint security
Highest-rated, award-winning firewall
Unique Program Advisor
Broadest malware protection
Remote access
Market-leading data security
Policy compliance and NAC
Centralized Management

First and only single agent for total endpoint security
Check Point Endpoint Security™ is the first and only single agent that combines all essential components for total security on the endpoint: highest-rated firewall, antivirus, anti-spyware, full disk encryption, media encryption with port protection, network access control (NAC), program control and VPN. This enables security administrators to deploy endpoint security with a single installation and reduce the number of software updates that need to be tested and deployed.

Easy deployment via single installation process
Streamlined system performance requiring minimal memory and CPU resources
Transparent to end users, requiring no user interaction to keep systems updated and secure

Highest-rated, award-winning firewall
Check Point Endpoint Security features an industry-leading firewall that blocks unwanted traffic, prevents malware from infecting endpoint systems, and makes endpoints invisible to hackers.

Uses “stealth mode” to make endpoints invisible to hackers scanning for vulnerable systems
Controls which applications are allowed network access
Ensures that approved programs cannot be spoofed, tampered with, or hijacked

Unique Program Advisor
Program Advisor makes implementing program control easy and effective. It leverages a Check Point knowledge base of well over a million trustworthy applications and suspected malware—updated in real time—to automatically ensure that only legitimate and approved programs are allowed to run on PCs.

Automatically kills the execution of malicious programs
Enables administrators to automate most application policy decisions, saving valuable administration time

Broadest malware protection
Check Point Endpoint Security terminates viruses, spyware, keystroke loggers, Trojans, rootkits, and other malicious pro¬grams before they can damage endpoint systems. Backed by the industry’s fastest security update services.

Comprehensive antivirus, anti-spyware, and host intrusion prevention
Hourly updates provide immediate protection against the latest malware

Remote access
Only Check Point Endpoint Security unifies advanced remote access as an indispensable part of endpoint security.

IPSec VPN client based on the award-winning VPN-1® SecureClient™
Includes flexible connectivity options and supports multiple authentication schemes
Applies full security policies to remote access traffic

Market-leading data security
Check Point Endpoint Security includes market-leading data security based on Pointsec technology to provide data protection through a strong and efficient blend of full-disk encryption, access control, port management, and removable media encryption.

Full-disk encryption provides the most comprehensive protection for all data
Keeps data safe by controlling activity on ports and devices
Encrypts sensitive data transferred via portable media devices such as USB storage devices, and CDs and DVDs

Best-of-breed endpoint security technologies in a single agent that’s easy to deploy.

Policy compliance and NAC
Prior to granting network access to any user, Check Point Endpoint Security enforces a comprehensive NAC policy to ensure that each endpoint is current with the latest antivirus, critical patches, service packs, and applications such as browsers and VPN agents.

Ensures only safe endpoint devices can access the network
Easy to configure NAC for both remote access and internal network access
Support for industry-standard 802.1x authentication enables NAC in multi-vendor networking environments

Centralized Management
Check Point Endpoint Security features centralized management that reduces overall cost and complexity by enabling administrators to deploy, manage, and monitor security policy for thousands of endpoints across a distributed organization. The management server installs in minutes, and the agent software can be deployed quickly without end-user involvement.

Monitor, analyze, and report on security events from the administrative console
Easy to deploy and manage with one simple installation

Specifications

Product Specifications

Firewall
Firewall rules	• Block/allow traffic based on packet data, source/destination locations, protocols, ports, and when timed activities occur
Zone rules	• Restrict/allow network activity based on traffic origination or destination zone: Trusted Zone, Blocked Zone, Internet Zone • Allow/deny traffic based on security locations: Host, site, IP address, IP range, IP subnet and mask
Hot spot registration	• Allows for a temporary, controlled opening in the policy, regardless of the policy restrictions, so that the user may register to a local hot spot
Program control	• Limits exposure to vulnerabilities and attacks by restricting network access on a per-program basis • Moderates network access for programs • Uses program permissions applied to individual programs or program groups to control program activity
Program permissions	• Sets permissions for individual programs or group of programs: Allow, block, ask, terminate
Program authentication	• Verifies programs have not been tampered with by authenticating via MD5 signature or signed certificates
Program Advisor	• Automatically terminates known malicious programs • Automates application policy decisions based on real-time data collected from millions of PCs worldwide
Program groups	• Sets program permissions for groups of programs rather than for individual programs
Network access control (NAC)
Endpoint policy compliance and auto remediation	• Corrects policy violations: Antivirus, anti-spyware, firewall rules, software patches, specific application versions, registry entries • Quarantines unsafe PCs and automatically brings endpoints into compliance • Restricts network access from unknown guest users
Cooperative Enforcement®	• Ensures endpoint computers remotely connecting to the network are running an agent, have a specific policy, and comply with the enforcement rules in the security policy assigned • Restricts or terminates network access for noncompliant endpoints
Network segmentation-level NAC	• Cooperative Enforcement with VPN-1 gateways
Port-level NAC	• 802.1x authentication support, third-party switch and wireless access point support • Restricts noncompliant endpoints to isolated VLAN: Limited to specific destination IP, ports, and protocols
VPN NAC	• Supported gateways: VPN-1, Connectra™, and VPN gateways from Cisco Systems and Nortel Networks • Enforces spyware checks, keylogger removal, and ensures antivirus and operating system patches are current • VPN NAC on Connectra: includes on-demand browser-based solution for session confidentiality, disables spyware on guest PCs before granting SSL VPN access
Antivirus
Heuristic virus scan	• Scans files and identifies infections based on behavioral characteristic of viruses
On-access virus scan	• Scans files as they are opened, executed, or closed, allowing immediate detection and treatment of viruses
Deep scan	• Runs a detailed scan of every file on selected scan targets
Scan target drives	• Specifies directories and file types to scan
Scan exclusions	• Specifies directories and file extensions not to be scanned
Route-based VPN	Utilizes Virtual Tunnel Interfaces, numbered/unnumbered interfaces
Treatment options	• Enables choice of action agent should take upon detection of virus: Repair, rename, quarantine, delete
Third-party antivirus support	• McAfee VirusScan, Symantec Norton Antivirus, Trend Micro PC-cillin/OfficeScan, Sophos Anti-virus, Computer Associates eTrust InnoculateIT, Computer Associates VET, Check Point Endpoint Security Antivirus, Kaspersky Antivirus, NOD32 Antivirus, AVG Antivirus, AVAST Antivirus, BitDefender Antivirus, F-Secure Antivirus, Panda Antivirus, Microsoft OneCare Antivirus
Protection Details
Anti-spyware
Intelligent quick scan	• Checks the most common areas of the file system and registry for traces of spyware
Full-system scan	• Scans local file folders and specific file types
Deep-inspection scan	• Scans every byte of data on the computer
Scan target drives	• Specifies which directories and file types to scan
Scan exclusions	• Specifies directories and file extensions not to be scanned
Treatment options	• Enables choice of action agents should take upon detection of virus: Automatic, notify, or confirm
Full Disk Encryption
Full-disk encryption	• Encrypts all defined hard-drive volumes including partition boot records, operating system, system files, and user data by utilizing a unique Pre-Boot Authentication environment to ensure complete protection
Pre-boot authentication	• Native logon credentials and customized background
Dynamic encryption	• Encrypts and decrypts new partitions automatically
Dual boot support	• Dual boot with Windows XP SP2 and RHL 4 or 5
Simplified user acquisition	• “User collector” feature dramatically simplifies the creation of end user accounts
Serial over LAN authentication	• Supports serial over LAN authentication on vPro PCs in pre-boot
Authentication and login methods	• Authentication and login methods: User ID/password, tokens, smartcards, Single Sign-On with password synchronization,
Multiple platform support	• Windows (including Vista), Mac OS, X and Linux
Centralized management	• Remote Help: For password resets • Disk Recovery: Automatic creation of centrally stored recovery file for disaster recovery • Active Directory Integration: User password synchronization with Windows • Centralized Policy Configuration: Integration with third-party forensics and recovery tools (e.g., Win PE)
Media Encryption
Media and port protection	• Complete port and removable media management • Unique media authorization • Offline access to encrypted media • Transparent removable media encryption • Extensive auditing alerts • Whitelist and blacklist • Microsoft and Novell support and third-party certifications • Kernel mode technology and anti-tampering features • Active Directory integration
Remote access: IPSec VPN
Connectivity options	• Dynamic and fixed IP addressing for dialup, cable modem, and DSL connections
Authentication	• Preshared secrets, X.509 digital certificates, SecurID, username and password, RADIUS, TACACS, Check Point Internal Certificate Authority (ICA)
High availability and load sharing	• Inbound VPN connections distributed across a cluster of VPN-1 gateways, multiple entry points
Multiple connectivity modes	• Office Mode, Visitor Mode, Hub Mode
Management
Single management console	• For policy configuration, policy administration, reporting, and analysis • Web-based administrator console
Role-based administration	• Creates administrator accounts limited to specific user sets • Assigns an administrator to specific entities—user catalogs or groups • Creates accounts that are allowed only to perform specific functions
Unified with Check Point SMART Management	• Manage endpoint security events from SmartCenter • Centralizes security event management and reporting via Eventia Analyzer and Eventia Reporter • Enables shared management server, login, console, log viewing, and event management
Management server log monitoring	• SNMP trap, Syslog
Management Platform Support
Operating systems	• Windows Server 2003 • Check Point SecurePlatform™
Browsers	• Internet Explorer 6 (SP2) and 7 • Mozilla Firefox 1.5 and higher
Client Platform Support
Operating systems	• Windows XP Pro (SP2) • Windows 2000 Pro (SP4) • Windows Vista *
Certifications
Certifications	• Common Criteria Evaluation Assurance Level 4 (EAL4) • FIPS 140-2

*Endpoint Security – Secure Access will support Windows Vista in Q3 2008.

Next Steps
- Call US Sales
  1-866-488-6691
- Contact Us Online
- Find a Partner
more to know