Check Point Infinity Architecture Prevents Advanced Threats Across Network, Cloud and Mobile with Zero-Day Protection and Consolidated Management
With Check Point Infinity we are now taking a pre-emptive approach to our IT security. We are preventing cyber attacks from entering the network. Plus, we know that every aspect of our business is covered: networks, cloud and mobile
–Serafim Couto, Information Technology Department Manager, Arcopedico
Arcopedico is a Portuguese company that produces ergonomic footwear. It exports to around 50 countries and has an annual business turnover of €15 million. It has its own stores and distributors and works directly with the Portuguese and Spanish retail market.
Faced with increasing cybersecurity threats, Arcopedico believed that its corporate firewall had limited functionality and was reaching its end of life. More and more devices were connecting to the corporate network, so Arcopedico decided it needed to partition the network.
“We have some corporate devices that connect to an external network and we didn’t want them to introduce vulnerabilities to a network where there might also be servers” says Arcopedico’s Information Technology Department Manager, Serafim Couto.
The decisive moment came when Arcopedico was faced with a ‘phishing’ incident introduced by an external email account on the network. Fortunately, it had no impact on the business and was quickly contained, but it made it very clear that there was an urgent need for a change in corporate policy.
Greater Speed and Control
Advised by its hardware partner, Pamafe IT, Arcopedico saw a demonstration of the latest Check Point solutions and concluded the best fit would be Check Point’s high-performance security gateway with R80 software version. To ensure complete threat prevention against both known and unknown and zero-day attacks, Arcopedico chose Check Point SandBlast Zero-day Protection.
Check Point Infinity architecture provides the IT department with a new level of security that they never had access to before. “With Check Point Infinity we are now taking a pre-emptive approach to our IT security. We are preventing cyberattacks from entering the network. Plus, we know that every aspect of our business is covered; networks, cloud and mobile.”
Check Point SandBlast agent provides Arcopedico with added reassurance that the business is prepared for even the most advanced threats. Endpoints are protected using Threat Emulation and Threat Extraction and Anti-Ransomware technology blocks ransomware and automatically reverses any damage caused.
The entire Check Point solution is managed via a single console which gives Arcopedico’s IT department not only great visibility, but also complete control over their network security, which makes managing their security more efficient and simple.
“The R80 security management makes it much easier to manage the network in a more centralized way. The logs monitor allows queries to be run succinctly and rapidly and the reporting function lets us see exactly what threats have been prevented and where,” explains Serafim Couto.
Dynamic Security Policies
The Check Point solution has made it easier to reinforce security policies throughout the business. “We recently had an instance when a user wanted to work from a conference room and have remote access to his area on an RDS server, something that is blocked by our security policy. With Check Point we were able to create a temporary rule allowing him to do this, install the policy and, at the end of the day, remove the rule again. Network policy management has become much more dynamic,” states Serafim Couto.
A Single Pane of Glass
“The centralized R80 management provides an ‘overview’ of the traffic and threats over the network,” says Serafim Couto. “It’s important for us to have a single platform to manage the whole security system at a corporate network level. All services we make available are on a single management platform. This avoids task fragmentation and helps with automation of some tasks. Having a number of applications, each doing one thing, is not the best policy. Thanks to R80, we can manage all the rules for our network in a centralized way.”
Protecting All Devices on the Network
Serafim Couto refers to the case of a visitor who had a mobile phone connected to the ‘guest’ network. Since Check Point Infinity provides shared threat intelligence across all parts of the network, it identified the closest access point, the brand of phone, and that it was infected with a banking Trojan to share data to China. “This is an example of the level of protection that is possible to achieve with Check Point Infinity, which enabled the transmittal of the information to us almost transparently.”