Hi all
I would like to share with you the latest document we created.
The Goal of this document is to focus on enabling Threat Emulation in organizations that purchased the NGTX
package, but have not activated the service.
In this document we will recommend activating the service using Background mode in detect mode. This will provide
higher level of visibility, little to no change to the environment and won’t risk or effect critical business processes.
Traditional Signature based solutions such as: Anti-Virus and IPS focus only on known Malware and known
vulnerabilities. With hundreds of new forms of malware hitting every hour, how do you protect against what you
don’t know?
Check point SandBlast Zero-day solution employs Threat Emulation (SandBox) capabilities to elevate network
security to the next level with evasion resistant malware detection, and comprehensive protection from the most
dangerous attacks.
Threat Emulation uses Checkpoint’s proprietary and unique CPU-level inspection, stopping even the most dangerous
attacks before malware has an opportunity to deploy and evade detection. SandBlast Threat Emulation uses OSlevel
inspection to examine a broad range of file types, including executables and data files.
With its unique inspection capabilities, SandBlast Threat Emulation delivers the best possible catch rate for threats,
and is resistant to attackers’ evasion techniques.
The NGTX package adds Check Point’s SandBlast Zero-Day Protection capabilities to your existing check point
gateway. Organizations will benefit from this innovative zero-day threat sandboxing capability, within the SandBlast
solution.
Happy activation!!