CHECK POINT 2013 SECURITY REPORT
02 THREATS TO YOUR ORGANIZATION
leverage malware, bots, and other forms of advanced threats,
they often target multiple sites and numerous organizations
to increase the likelihood of attaining success. When
organizations try to address these threats independently,
many attacks are left undetected because there is no effective
channel for corporations to share threat information. To
stay ahead of modern threats, businesses must collaborate
and share threat data. Only by joining forces with other
organizations can corporations strengthen their own system
security.
Intrusion Prevention
Intrusion prevention is a mandatory security layer in the
fight against different cyberattack vectors. An IPS solution
is required for deep traffic inspection in order to prevent
malicious attempts to breach security and gain access to
company assets. An adequate IPS solution will provide the
following capabilities:
• Protocol Validation and Anomaly Detection to identify
  and prevent traffic that either does not comply with
  protocol standards or can create device malfunction/security issues
• Prevent transmission of unknown payloads that can
  exploit a specific vulnerability
• Prevent excessive communication that can indicate a
  Denial of Service (DoS) attack
See the Threat Picture and Take Action
Having a clear understanding of security events and trends
is another key component in countering cybercrime.
Security administrators must have a constant and clear
knowledge of their network security status in order to be
aware of threats and attacks targeting their organizations.
This knowledge requires a security solution that can
provide a high-level overview of the security protection
systems while being able to zero in on critical information
and potential attacks. The solution should also be able to
conduct deep investigations on specific events. The ability
to take immediate actions based on this information is
another essential feature that enables real-time attack
prevention and future threat avoidance. The security
solution must be flexible and intuitively easy to manage
in order to simplify threat analysis and reduce the operational
overhead of changes.
Security Updates and Support
In a constantly changing threat environment, defenses
must evolve and remain one step ahead of potential
threats. Security products can only effectively manage the
latest malware, vulnerabilities and exploits if the security
vendor is able to conduct comprehensive research and
provide frequent security updates.
Excellent security service is defined as:
• Vendor conducts internal research and obtains data
  from multiple sources
• Frequent security updates to all relevant technologies
  including IPS, anti-virus and anti-bot
• Easy and convenient support that can answer questions
  and resolve issues pertaining to the customer’s specific system
  environment.