Check Point IPS Software Blade

The created based on Software Blade Architecture™ technology, service blade of IPS Software Blade provides a set of the integrated means of protecting from the attacks on multigigabit data transfer rates and also a possibility of prevention of threats from harmful or undesirable network traffic. The products Check Point IPS are supported by the services Check Point providing permanent updating of a signature and making recommendations about a configuration of means of protecting and security policy.

NSS Labs is recommended

In January, 2011 Check Point Software Technologies announced completion of testing of the systems of prevention of cracking which was held by the NSS Labs group. The product Check Point showed excellent results, having reached a performance indicator of 97.3%, than deserved assessment "NSS Labs Is recommended". When testing performance in actual practice working capacity of Check Point IPS Software Blade made 2.4 Gbps. Such unprecedented result for solutions in the field of the integrated protection against cracking allowed NSS to call Check Point company the leader in the field of information system protection from unauthorized access.

The NSS Labs company is known that it creates the most complete programs of independent testing of the systems of prevention of cracking in the industry, executing researches in actual practice and making analytical reports for the enterprises, government agencies and the organizations of any level. According to the provided report, "Check Point perfectly coped with a problem of integration of security policy into work of a hardware platform. Actuating of IPS Software Blade is possible, and setup of its operation mode was intuitive and effective". The NSS Labs company tested the solution Check Point IPS Software Blade, having used the list from 1179 working exploits at a broad set of types of traffic, volumes of payload and protocols. The complete report for Check Point IPS Software Blade contains the following additional characteristics:

• Complete and anticipatory protection – after thin setup 97.3% of the target attacks and 1100 different exploits are blocked
• Exclusive performance – when using the hardware solution of Check Point Power-1 the indicators, best in the industry, for integrated solutions on protection against cracking at capacity of 2.4 Gbps are received
• 100% protection against attempts to hide actions of malefactors – the 100% resistance to attempts to deceive or confuse the system of protection against cracking
• The lowest total cost of ownership – the ratio of performance, best in the industry, and the prices making $13 for 1 Mbps of the protected traffic

2014: Updating of IPS before vulnerability of Shellshock

On October 6, 2014 the Check Point Software Technologies Ltd company announced renovation of the IPS system for protection against vulnerability of GNU Bourne Again Shell (Bash) of 'Shellshock'.

Bagh who received the name "Shellshock" (or "Bashdoor"), is detected by information security specialists in a command cover of Bash used in the Unix operating system and others, developed on its basis. With the help of this vulnerability malefactors can control the personal computers, servers, routers, the industrial systems and any devices connected with Internet of Things.

The command of a computer security of the USA on response to incidents (US-CERT) noted: "Critical vulnerability is detected in GNU Bourne Again Shell (Bash), a typical cover of the command line used in the majority LinuxUNIX of operating systems Apple Mac OS X. It allows attacking far off to start commands in the console when using the malicious code connected with variables of the operating system.

According to the statement of the management of the company, Check Point released security update from invasions which detects and blocks attempts of use of vulnerability of Shellshock. The company recommends to all customers - to update immediately protection to ensure safety of the networks as Shellshock does unprotected a set of systems worldwide and much more dangerously, than any other network vulnerability.