Dramatic growth in the use of cloud-based email for the enterprise brings with it an array of security risks, including susceptibility to sophisticated attacks such as ransomware and APTs which use email as a primary entry point. Check Point SandBlast™ Cloud provides industry-leading security for Microsoft Office 365™ email to prevent known threats and unknown malware from reaching end-users.
Complete protection for cloud-based email environments from known and unknown threats
Fast and transparent user experience
Easy to deploy and manage
SandBlast Cloud provides industry-leading Check Point security protections to organizations using Microsoft Office 365 cloud-based email. This comprehensive solution blocks known threats using tools like Antivirus and URL Reputation to secure users from the latest malicious files and infested websites. Using Threat Emulation and Threat Extraction, SandBlast Cloud brings the highest catch rate and proactive protection from unknown attacks to cloud-based email.
The Threat Emulation sandboxing engine within SandBlast Cloud intercepts and filters inbound files, including any files originating from URLs within emails by running them in a virtual environment. File behavior is inspected simultaneously across multiple operating systems and versions. Files engaging in suspicious activity commonly associated with malware, such as modifying the registry, network connections, and new file creation are flagged and further analyzed. Malicious files are prevented from reaching users.
Unlike other solutions, the sandboxing technology used within Check Point SandBlast Cloud uses a unique technology that does inspection at the CPU-level to stop attacks before they have a chance to launch.
There are thousands of vulnerabilities and millions of malware implementations, but there are very few methods that cyber criminals utilize to exploit vulnerabilities. The Threat Emulation engine monitors CPU-based instruction flow for exploits attempting to bypass operating system and hardware security controls.
By detecting exploit attempts during the pre-infection stage, the Threat Emulation engine stops attacks before they have a chance to evade detection by the sandbox.
A detailed report is generated for each file emulated and found to be malicious. The easy to understand report includes file details and information about any abnormal activity or malicious attempts originated by running the file. The report provides actual screenshots of the environment while running the file for any operating system on which it was simulated.
Newly discovered threats are sent to the ThreatCloud intelligence database. Each newly discovered threat signature is distributed across the ThreatCloud ecosystem to protect other Check Point connected gateways. This enables connected gateways to block the new threat before it has a chance to become widespread. Constant collaboration makes ThreatCloud the most advanced and up-to-date threat Intelligence network available.
When it comes to threat protection for cloud-based environments, it doesn’t have to be a trade-off between speed, coverage and accuracy. Unlike other solutions, Check Point SandBlast Cloud can be deployed in detect and prevent mode, while still delivering emails to end-users promptly.
The Threat Extraction component within SandBlast Cloud immediately eliminates any potential threats transported through files by removing risky content such as macros or embedded scripts and then reconstructs the document using only known safe elements.
Unlike detection technologies that require time to analyze and identify threats before blocking them, Threat Extraction preemptively eliminates risk, ensuring prompt delivery of safe documents to end-users.
All content is analyzed in the cloud before it is delivered to the user’s inbox, ensuring that end-users have a consistent experience without the need for any additional actions or complexity.
In formats that have undergone Threat Extraction, a link provides the user with self-service ability to download the original after emulation is complete.
SandBlast Cloud protects a wide range of the most common document types used in organizations today, from Microsoft Office Word, Excel, Power Point, and Adobe PDFs to Archive files.
As organizations adopt Office 365 cloud-based email, they require a solution that seamlessly integrates with their existing infrastructure. Check Point SandBlast Cloud has an API-level integration with Microsoft Office 365, enabling it to be implemented as a complete cloud solution that won’t interfere with your email delivery, or require any on-premise hardware.
The cloud-based management portal within the SandBlast Cloud solution provides full visibility into security events at the endpoint, network and for cloud-email. Security Administrators can also customize policy configurations and monitoring – all using our simple cloud-based management portal.
|ZERO-DAY PROTECTION for MICROSOFT OFFICE 365™ EMAIL|
|Attachments||Threat Emulation with CPU-Level Detection||Dynamic file analysis discovers malicious behavior and prevents infection from new malware and targeted attacks|
|Threat Extraction||Reconstructs incoming files, eliminating potential threats and promptly delivering a safe version to users|
|Antivirus||Signature-based malware detection powered by the Check Point ThreatCloud™.|
* coming soon
|Files directly originating from URLs (….com/test.doc) will be scanned by Threat Emulation|
|URL Reputation||Signature-based URL anlaysis powered by the Check Point ThreatCloud™|
|Supported File Types||Over 40 file types, including: Adobe PDF, Microsoft Office, EXE, files in archives, Flash, Java Applets, and PIF|
|Supported Emulation Environments||Microsoft Windows XP, 7, 8, 10; Microsoft Office; Adobe Reader|
|Supported File Types||Microsoft Office 2003-2016, Adobe PDF|
|100% Cloud-based solution, powered by a native Microsoft API|
|Dedicated web portal for setup, management and visibility|
|Advanced monitoring capabilities provide valuable insight into security events|
|Optional integration with on-premises Check Point Management|