How Check Point Revolutionizes Bot Prevention

Check Point Software Technologies is introducing a new Anti-Bot Software Blade that protects against bots and targeted attacks known as Advance Persistent Threats (APT).

A bot is malicious software that enables cybercriminals to take over computers and execute illegal activities — such as stealing data, gaining access to unauthorized network resources, initiating Denial of Service (DoS) attacks or distributing spam. They are also often used as tools in APTs such as Stuxnet and Operation Aurora.

Check Point’s new Anti-Bot Software Blade helps customers discover bots and prevent damages by blocking communication between infected hosts and remote operators. The new solution will be an option on every Check Point gateway to provide multilayered bot prevention and high traffic performance of over 40Gbps, ensuring all channels of business communication remain secure.

“Bots are remotely controlled, typically disguised and operate without the users’ knowledge. As a result, bots can create a dramatic increase in malware attacks, resulting in significant brand damage, data loss and financial costs to businesses,” said Jason Weber, Senior Security Engineer, Milestone Systems.

“Botnets, such as Zeus and Mariposa, are infamous forms of malware used to execute cybercriminal activities, such as stealing banking information or executing DoS attacks. Unlike these highly publicized botnets, however, most botnets are hard to identify and can proliferate silently without an organization’s knowledge. Cybercriminals today are implementing a variety of stealthy techniques to avoid detection — often disabling antivirus software to hide their presence or leveraging encryption and alternative protocols to masquerade as legitimate traffic. Organizations need new tools to fight these threats.”

Identifying Bots and Assessing Risks

Check Point’s new Anti-Bot Software Blade is designed to stop bots through advanced technology that helps businesses discover, remediate and prevent future threats. The solution features Check Point’s Multitier ThreatSpect, a unique detection engine that analyzes traffic on every gateway, identifies millions of outbreak types and discovers bots by correlating multiple risk factors such as botnet patterns, remote operator hideouts and attack behaviors.

“When a bot is identified, Check Point users will be able to quickly analyze their level of risk through intuitive dashboards that highlight bots and their business implications, such as data loss or an increase in fraudulent spam distribution,” Weber said.

Check Point’s Anti-Bot solution provides administrators with the information they need to investigate infections with extensive forensic capabilities — helping security teams enforce multi-layered protection and accelerate remediation time.”

In addition to Check Point’s advanced discovery technology, the Anti-Bot Software Blade provides customers with multilayered protection on every gateway by integrating with existing security protections, such as intrusion prevention, antivirus and anti-malware, and URL filtering. Businesses benefit from a unified bot prevention solution that delivers high traffic performance of up to 40Gbps.

“Because bots are stealthy in nature and designed to manipulate the user, many companies aren’t aware when a computer is infected and their security team often lacks proper visibility into the threats that botnets create,” said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “Check Point’s new Anti-Bot Software Blade is a promising offering for organizations looking for a solution that discovers bot infections across multiple layers of the network and can help them analyze their security risks in business terms.”

Key Features of the Anti-Bot Software Blade

• Multitier Bot Discovery — Check Point’s multitier ThreatSpect engine analyzes network traffic through the gateway for inline prevention, correlating multiple risk factors to discover bots. Customers benefit from instant bot intelligence with Check Point’s ThreatCloud, a repository that pushes automatic threat updates to the Anti-Bot Software Blade, making it easy for businesses to enforce protection against the latest generation of threats.

• Preemptive Protection — Helps businesses prevent bot damages by blocking communication between the infected machine and the command and control servers before a cybercriminal can take control of the network.

• Forensics and Reporting — Enables customers to analyze risk through malware reports and dashboards providing infection summaries. Customers have the ability to drill down into specific bot incidents, investigating infections with extensive forensic capabilities to assess potential damage.

• Integrated Prevention — The Anti-Bot Software Blade is designed to easily integrate with customers’ existing security protections, including intrusion prevention that protects against emerging vulnerabilities, antivirus and anti-malware that prevents transfers of malicious viruses, and URL filtering that blocks access to malicious sites. With an integrated, multilayer solution, Check Point helps customers consolidate security while protecting the business against bots across all layers of the network.

• Central Management — Central policy management through the software blade architecture simplifies management complexity with a holistic view of the network.

“Hackers can buy bot toolkits for as little as $500 but attacks can cost businesses millions of dollars,” said Weber. “Because botnets have the potential to infect millions of computers, thousands of companies have already been targets of bots and APTs. It’s an enormous problem, but Check Point’s new Anti-Bot solution addresses bot prevention across all network layers. It empowers customers to quickly discover and block bots before they can threaten the business.”

You’re invited to contact Jason Weber (jason.weber@milestonesystems.com) or anyone at Milestone to discuss a bot defense strategy for your company.