Cooperative Enforcement Solution

Cooperative Enforcement works with Check Point Endpoint Security Management Servers. This feature utilizes the Endpoint Security Management Server compliance function to make sure connections that come from different hosts across the internal network.

Endpoint Security Management Server is a centrally managed, multi-layered endpoint security solution that employs policy based security enforcement for internal and remote PCs. The Endpoint Security Management Server mitigates the risk of hackers, worms, spyware, and other security threats.

Features such as policy templates and application privilege controls enable administrators to easily develop, manage, and enforce Cooperative Enforcement.

With Cooperative Enforcement, a host that initiates a connection through a gateway is tested for compliance. This increases the integrity of the network because it prevents hosts with malicious software components to access the network.

Cooperative Enforcement acts as a middle-man between hosts managed by an Endpoint Security Management Server and the Endpoint Security Management Server itself. It relies on the Endpoint Security Management Server compliance feature. It defines if a host is secure and can block connections that do not meet the defined prerequisites of software components.

1. The Endpoint Security client (A) in the internal network (B) opens a connection to the internet (C) through a Security Gateway (D).
2. Cooperative Enforcement starts to work on the first server's reply to the client.
3. The Security Gateway sees the client's compliance in its tables and queries the Endpoint Security server (E).
4. When a reply is received, a connection from a compliant host to the internet is allowed.

   If the client is non-compliant and Cooperative Enforcement is not in Monitor-only mode, the connection is closed.