Web Security Software Blade
Overview
The Check Point Web Security Software Blade provides a set of advanced capabilities that detect and prevent attacks launched against the Web infrastructure. The Web Security Software Blade delivers comprehensive protection when using the Web for business and communication.
Key benefits
- Establishes strongest protection against buffer-overflow attacks
- Offers application-level Web Security at wire-speed
- Improves end-user experience by inserting helpdesk Web pages
- Provides quick deployment for mission-critical applications
- Protects against new threats through the Check Point Update Service
Features
- Malicious Code Protector™
- Advanced streaming inspection
- Simple deployment and management
- Seamless integration into Check Point Security Gateways
Malicious Code Protector
Check Point’s patent-pending Malicious Code Protector offers a revolutionary way of identifying buffer overflow, heap overflows, and other malicious executable code attacks that target Web servers and other applications without the need of signatures. Malicious Code Protector can detect malicious executable code within Web communications by identifying not only its existence within a data stream but its potential for malicious behavior. Malicious Code Protector performs four important actions:
- Monitors Web communication for potential executable code
- Confirms the presence of executable code
- Identifies whether the executable code is malicious
- Blocks malicious executable code from reaching a target host
Malicious Code Protector identifies both known and unknown attacks, offering preemptive attack protection. Moreover, this level of protection does not come at the price of performance degradation because Malicious Code Protector is offered at the kernel level, delivering wire-speed throughput.
Advanced Streaming Inspection
Advanced Streaming Inspection is a Check Point kernel-based technology that processes the overall context of communication. This technology can make real-time security decisions based on session and application information, and protects Web communication even when it spans multiple TCP segments. Process-intensive application inspections are offloaded to the kernel, dramatically improving throughput and connection rates.
Advanced Streaming Inspection uses Active Streaming technology, which has the capability to modify the content of a Web connection on the fly. This important capability offers several unique advantages to Check Point customers. Active Streaming uses HTTP header-spoofing capability, providing a first level of defense by hiding important site-specific properties about the Web environment. These properties often include the names and versions of operating systems, and identity Web servers and backend servers. This information is typically useless to end users, but extremely valuable to attackers who are trying to gather information about their target. The Web Security Software Blade can intercept a Web response that contains a server’s identity and gives the administrator the option to either completely hide such disclosure or optionally change the stream to confuse attackers.
Administrators can improve the end-user experience with Active Streaming by predefining custom error pages. To most users, generic error status codes are meaningless. Active Streaming redirects the end user to a custom-defined error page with meaningful helpdesk hints. This feature dramatically improves the end-user experience and reduces helpdesk costs.
Simple Deployment and Management
Web Security management within Check Point Security Gateways is fully integrated into the management GUI. The user interface is preconfigured with protections to counter known common attacks—each with attack and defense descriptions. Because each Web application server is different from others in its security requirements, the Web Security Software Blade offers the capability to configure granular security for different Web applications and Web servers. First-time configuration of the Software Blade takes just minutes. Monitor-only mode allows smooth security deployment without the risk of rejecting connections to mission-critical applications due to misconfiguration of a security policy.
Seamless Integration with Other Software Blades
The Web Security Software Blade is tightly integrated other Check Point Software Blades, and does not require installation on additional devices. Security and audit logs are integrated into Check Point reporting, auditing, and log architecture, providing administrators a powerful tool to centrally analyze security violations.
Specifications
| Feature | Details |
|---|---|
| Malicious Code Protections | Malicious Code Protector (MCP), General HTTP Worm Catcher |
| Application Layer Protections | Cross Site Scripting, LDAP Injection, SQL Injection, Command Injection, Directory Traversal |
| Information Disclosure Protections | Header Spoofing enforcement, Directory Listing prevention, Error concealment |
| HTTP Protocol Inspections | HTTP Format Size enforcement, ASCII-only Request enforcement, ASCII-only Response Header enforcement, Header Rejection definitions, HTTP Method definitions |
| Enforcement Options | Active, Monitor-only, Disabled |
| Configuration Granularity | Individual servers protected by Web Intelligence Attack protections enabled for each server; For each attack protection, apply to individual servers or inspect all HTTP traffic; Customizable profiles associated with specific Check Point gateways |
| Updates | Real-time safeguard and defense updates through Check Point Update service |
Support
Threats to networks are constantly evolving and becoming more sophisticated. To maintain continuity and productivity, defenses must advance as quickly to deliver the technology and features that protect the business. Check Point Services protect against emerging threats with critical hot software fixes, service packs, and major software upgrades.
Benefits
- Ensure continuous security with access to critical hot fixes and service packs
- Maximize ROI and investment with access to major upgrades and enhancements
- Increase security with the latest applications, features, and technologies
Next Steps
- Find a Partner
- Call US sales: 1-866-488-6691
- Contact Us Online
Resources
Check Point Software Blade Architecture Brochure- Software Blades Demo
- Software Blade Architecture White Paper
Software Blades
Security Gateway Software Blades