Overview:
Product Benefits
- Complete protection from known and unknown threats for cloud-based email environments
- Best catch rate of unknown threats and zero-day malware
- Rapid reconstruction of files for immediate access to safe content
- Ensures email continuity to maintain full user and business productivity
- Consistent and intuitive user experience
- Easy to deploy and manage
- Seamless integration with existing infrastructure
Product Features
- Includes multiple layers of defenses: Antivirus, URL reputation, Threat Emulation, Threat Extraction
- Deep malware inspection at the CPU-level, where exploits cannot hide
- Inspects broad range of documents and common file-types
- Removes active content and other exploitable content from documents
- API-level integration ensures email continuity
- Full visibility and policy customization through cloud-based management porta
- Pure cloud solution – makes it easy to get up and running quickly
Insights
The increasing adoption of cloud email tools such as Microsoft Office 365™ enables businesses to efficiently communicate and collaborate, without investing resources in managing and maintaining their own dedicated IT infrastructure. However, the shift to cloud-based tools also brings with it an array of security risks, including susceptibility to sophisticated attacks such as ransomware and spear-phishing which use email as a primary entry point.
Traditional security solutions such as Antivirus that protect against known threats are an essential part of a comprehensive security plan, but are no longer enough on their own. With hackers constantly modifying their strategies and techniques to remain elusive and achieve their goals, it’s become critical for organizations to stay one step ahead of unknown malware and zero-day attacks, regardless of their environment.
So how can organizations ensure a balance between leveraging the benefits of deploying cloud-based email, while maintaining robust protection against modern malware?
Solution
Check Point SandBlast™ Cloud leverages the full capabilities of SandBlast Zero-Day Protection to bring best-in-class proactive protection from known threats, unknown malware and zero-day attacks to Office 365 users. With multiple layers of defenses, transparently applied to all incoming content, SandBlast Cloud keeps malware from ever reaching users. Antivirus and URL Reputation protections within SandBlast Cloud leverage real-time intelligence from the ThreatCloud database to secure against the latest threats from known sources.
Advanced threat protection capabilities, including Threat Emulation and Threat Extraction elevate defenses against zero-day and unknown malware for cloud-based email users. Threat Emulation sandboxing performs deep CPU-level inspection, stopping even the most dangerous attacks before malware has an opportunity to deploy and evade detection. Threat Extraction complements Threat Emulation by ensuring quick delivery of safe content to your users through the elimination of exploitable content and reconstruction of files with only known safe elements.
SandBlast Cloud utilizes Microsoft APIs for deep integration, allowing a transparent user experience while ensuring full email continuity.
Check Point SandBlast Cloud – a simple, seamless and complete advanced threat protection solution for Office 365 email environments
Features:
Industry-leading security for Office 365 cloud email
SandBlast Cloud provides industry-leading Check Point security protections to organizations using Microsoft Office 365 cloud-based email. This comprehensive solution blocks known threats using tools like Antivirus and URL Reputation to secure users from the latest malicious files and infested websites. Using Threat Emulation and Threat Extraction, SandBlast Cloud brings the highest catch rate and proactive protection from unknown attacks to cloud-based email.
Identify and prevent more malware
The Threat Emulation sandboxing engine within SandBlast Cloud intercepts and filters inbound files, including any files originating from URLs within emails by running them in a virtual environment. File behavior is inspected simultaneously across multiple operating systems and versions. Files engaging in suspicious activity commonly associated with malware, such as modifying the registry, network connections, and new file creation are flagged and further analyzed. Malicious files are prevented from reaching users.
Evasion resistant detection using cutting edge CPU-level technology
Unlike other solutions, the sandboxing technology used within Check Point SandBlast Cloud uses a unique technology that does inspection at the CPU-level to stop attacks before they have a chance to launch.
There are thousands of vulnerabilities and millions of malware implementations, but there are very few methods that cyber criminals utilize to exploit vulnerabilities. The Threat Emulation engine monitors CPU-based instruction flow for exploits attempting to bypass operating system and hardware security controls.
By detecting exploit attempts during the pre-infection stage, the Threat Emulation engine stops attacks before they have a chance to evade detection by the sandbox.
Detailed reports for full visibility into security threats
A detailed report is generated for each file emulated and found to be malicious. The easy to understand report includes file details and information about any abnormal activity or malicious attempts originated by running the file. The report provides actual screenshots of the environment while running the file for any operating system on which it was simulated.
Threatcloud™ intelligence ecosystem
Newly discovered threats are sent to the ThreatCloud intelligence database. Each newly discovered threat signature is distributed across the ThreatCloud ecosystem to protect other Check Point connected gateways. This enables connected gateways to block the new threat before it has a chance to become widespread. Constant collaboration makes ThreatCloud the most advanced and up-to-date threat Intelligence network available.
Prompt delivery of safe content to end-users
When it comes to threat protection for cloud-based environments, it doesn’t have to be a trade-off between speed, coverage and accuracy. Unlike other solutions, Check Point SandBlast Cloud can be deployed in detect and prevent mode, while still delivering emails to end-users promptly.
The Threat Extraction component within SandBlast Cloud immediately eliminates any potential threats transported through files by removing risky content such as macros or embedded scripts and then reconstructs the document using only known safe elements.
Unlike detection technologies that require time to analyze and identify threats before blocking them, Threat Extraction preemptively eliminates risk, ensuring prompt delivery of safe documents to end-users.
Transparent user experience
All content is analyzed in the cloud before it is delivered to the user’s inbox, ensuring that end-users have a consistent experience without the need for any additional actions or complexity.
In formats that have undergone Threat Extraction, a link provides the user with self-service ability to download the original after emulation is complete.
Protects most common file types
SandBlast Cloud protects a wide range of the most common document types used in organizations today, from Microsoft Office Word, Excel, Power Point, and Adobe PDFs to Archive files.
Easy to deploy and manage
As organizations adopt Office 365 cloud-based email, they require a solution that seamlessly integrates with their existing infrastructure. Check Point SandBlast Cloud has an API-level integration with Microsoft Office 365, enabling it to be implemented as a complete cloud solution that won’t interfere with your email delivery, or require any on-premise hardware.
The cloud-based management portal within the SandBlast Cloud solution provides full visibility into security events at the endpoint, network and for cloud-email. Security Administrators can also customize policy configurations and monitoring – all using our simple cloud-based management portal.