Check Point Endpoint Security: Quick Solution Overview

Checkpoint Endpoint Security Solutions

Checkpoint EDR: Harmony Endpoint

Harmony Endpoint offers comprehensive endpoint security to help organizations secure their remote workforce. It can prevent major endpoint threats like ransomware and drive-by malware attacks. It provides automated endpoint detection and response to minimize the impact of breaches.

Harmony Endpoint capabilities include:

• Malware protection—blocks web-based malware from reaching endpoints. It protects against malware-based and file-less attacks at runtime using Endpoint Behavioral Guard to block and remediate threats. It filters email attachments and downloaded files using the Threat Emulation sandbox.
• Ransomware protection—uses Anti-Ransomware to identify and automatically respond to ransomware. It maintains a local security vault to enable full data restoration.
• Phishing protection—use anti-phishing technology to identify and block known and unknown phishing sites.
• Threat hunting—uses threat intelligence from the global ThreatCloud sensor network. It allows organizations to identify suspicious behavior using predefined or custom queries.
• Forensic reporting—automatically generates detailed reports, providing visibility into compromised assets and attack vectors. It monitors endpoint activity and records events for diagnostic and investigative purposes.

Checkpoint Mobile: Harmony Mobile

Harmony Mobile protects organizations from mobile threats and various attack vectors. Mobile security is essential when remote workers access sensitive systems and data via mobile devices. Organizations can use the zero-touch deployment to extend security to remote devices, providing end-to-end mobile threat protection while maintaining user privacy.

Harmony Mobile prevents malware from infiltrating employees’ devices by detecting and blocking the download of malicious apps in real-time. Checkpoint’s Behavioral Risk Engine inspects applications by running them in a cloud environment and AI-based analysis to identify malicious elements.

Harmony Mobile’s capabilities include:

• Access control—maintains conditional access, blocking infected devices attempting to access protected data or applications.
• Browser security—blocks browsers from accessing malicious sites based on ThreatCloud intelligence.
• Anti-phishing—blocks phishing attacks from known and unknown sites.
• Anti-bot protection—identifies and blocks bot-infected devices.
• URL filtering—allows or blocks browser access to inappropriate websites based on the company’s security policies.
• DNS filtering—lets administrators manage the DNS preferences of all mobile devices to protect user privacy and prevent DNS spoofing.
• Network protection—identifies and disables malicious network activity and indicators of compromise to prevent Man-in-the-Middle (MitM) attacks.

Related content: Read our guide to endpoint security management.

Checkpoint Capsule Mobile Secure Workspace

Check Point Capsule Workspace helps protect and manage enterprise applications and data on various devices and operating systems, including Android and iOS. It eliminates the need to manage mobile device management (MDM) profiles, simplifying the security of mobile and including ‘bring your own device’ (BYOD) environments.

Once deployed, Capsule Workspace creates an AES256-bit encrypted container for applications and data. This container enables organizations to be in control of sensitive information. Capsule Workspace does not touch personal applications, content, and media existing on devices to help improve end-user adoption.

Here are key benefits of Capsule Workspace:

• Access – provides a native experience and one-touch access to the applications employees need to use on the go.
• Integration – supports Microsoft Exchange Server and Office 365 email, contacts, and calendar.
• Security – includes secure document access and instant messaging.

Here are key security features Capsule Workspace provides to protect mobile data:

• Strong authentication – provides various authentication mechanisms, including Active Directory, RADIUS, RSA SecureID, and LDAP, to secure access to enterprise applications and data.
• Data security – enables organizations to set a specific expiration timeframe for data stored on devices to limit the amount of locally-accessible data. It also ensures organizations can safely wipe their data from stolen or lost devices.
• Security risks – protects organizations from man-in-the-middle (MITM) attacks and various security risks introduced when a user jailbreaks or roots a device. Once Capsule Workspace detects these risks, it blocks access to the container, its internal resources, and applications protected by Capsule Workspace app wrapping.
• Threat prevention – offers extended security by integrating with Check Point Mobile Threat Prevention. It is an additional product that provides advanced mobile threat detection and mitigation.

Checkpoint Remote Access VPN

Check Point Remote Access VPN helps secure remote access to corporate networks and resources. It protects remote work and maintains the integrity and privacy of sensitive information using various capabilities, including strong multi-factor authentication (MFA), encryption for data in transit, and endpoint system compliance scanning.

Here are key features of Check Point Remote Access VPN:

• Compliance scanning—Check Point Remote Access VPN employs endpoint compliance to verify the security level of an endpoint. After verification, it reports to a Security Gateway that permits connectivity to certain network resources according to compliance level.
• Central management—Check Point Remote Access VPN provides a user-friendly console that centralizes management. It offers centralized control over logging and security policies enforcement and administration.
• Mobile access option—Check Point Remote Access VPN offers a Web Portal that establishes secure connectivity with corporate resources. It enables users to use a web browser to access native corporate applications, such as shared files, email accounts, and web-based resources. It allows administrators to customize the web portal’s design to match the corporate brand identity.

Check Point Managed Detection and Response (MDR)

Check Point Managed Detection and Response (MDR) is a service that provides 24x7x365 threat monitoring, detection, investigation, hunting, response, and remediation. The service helps protect your entire infrastructure, including the network level, endpoints, and email, using AI-based analytics tools and advanced threat intelligence.

Here are key features of Check Point Infinity MDR:

• 24x7x365 availability—the service employs top analysts to provide 24x7x365 threat detection, prevention, response, and proactive hunting.
• Threat intelligence—the service aggregates big data from millions of sensors worldwide and employs AI engines for threat intelligence.
• Web portal—the service provides a user-friendly web portal offering transparency to service activity. It displays detailed views of all information, including threat analysis, security recommendations, and incidents.
• Integration—the service offers simple integration with your existing security ecosystem, allowing you to connect with SIEM and SOAR platforms.

Related content: Read our guide to MDR security.

Endpoint Protection—Prevention, Detection and Protection with Cynet 360 AutoXDR™

Cynet 360 AutoXDR™ is a security platform that provides an Endpoint Protection Platform (EPP), including a Next-Generation Antivirus (NGAV) , advanced EDR security capabilities, a device firewall, and automated incident response including managed incident response services. Beyond endpoint protection, Cynet 360 AutoXDR™ protects other elements of your corporate network, via network analytics , User and Event Behavioral Analytics (UEBA) and deception technology .

Cynet’s platform includes:

• NGAV—blocks malware, exploits, LOLBins, Macros, malicious scripts, and other known and unknown malicious payloads.
• Zero-day protection—uses User and Entity Behavior Analytics (UEBA) to detect suspicious activity and block unknown threats.
• Monitoring and control—asset management, endpoint vulnerability assessments and application control, with auditing, logging and monitoring.
• Response orchestration—automated playbooks and remote manual action for remediating endpoints, networks and user accounts affected by an attack.
• Deception technology—lures attackers to a supposedly vulnerable honeypot, mitigating damage and gathering useful intelligence about attack techniques.
• Network analytics—identifying lateral movement, suspicious connections and unusual logins.

Learn more about the Cynet 360 AutoXDR™ security platform.