Web & Files Protection
This category includes URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF., Download (web) Emulation & Extraction, Credential Protection and Files Protection.
URL Filtering
URL Filtering rules define which sites can be accessed from within your organization. You select these sites in the Categories and Blacklisting sections, and define the mode in which the rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. operates.
When you select a category of sites, the URL Filtering rule applies to all sites in the selected category.
In Blacklisting, you enter the names of specific domains, IP addresses or sites.
|
Notes:
|
There are three configuration modes for the URL Filtering protection:
-
Prevent - Currently supported only in Hold mode. The request to enter a site is suspended until a verdict regarding the site is received.
-
Unclassified URLs - URLs that the service has no verdict about. Unclassified URLs are allowed by default. To change this configuration to Block, contact Check Point Support.
-
Ask - This option is selected by default. This lets you access a site determined as malicious, if you think that the verdict is wrong.
-
-
Detect - Allows an access if a site is determined as malicious, but logs the traffic.
-
Off
|
Note: SmartEndpoint |
Download (Web) Emulation & Extraction
Harmony Endpoint browser protects against malicious files that you download to your device. The Harmony Endpoint Browser extension is supported on Google Chrome. Threat Emulation Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE. detects zero-day and unknown attacks. Files on the Endpoint device are sent to a sandbox for emulation to detect evasive zero-day attacks. Threat Extraction
Check Point Software Blade on a Security Gateway that removes malicious content from files. Acronym: TEX. proactively protects users from malicious content. It quickly delivers safe files while the original files are inspected for potential threats.

-
Extract & Prevent - Send files for emulation and Extraction. You can select to:
-
Get extracted copy before emulation completes - While a file is tested, receive a copy of the file with all suspicious parts removed or receive the file in a PDF format. If the file is not malicious, users receive the original file when the emulation is finished. Emulation can take up to two minutes.
-
Suspend download until emulation completes
-
-
Detect - Emulate original file without suspending access to the file and log the incident.
-
Off - Allow file
Credential Protection
This protection includes two components:
-
Zero Phishing - Phishing prevention checks different characteristics of a website to make sure that a site does not pretend to be a different site and use personal information maliciously.
There are three configuration options for this protection: Prevent, Detect and Off. -
Password reuse protection alerts users not to use their corporate password in non-corporate domains.
There are three configuration options for this protection: Detect & Alert, Detect and Off.
Files Protection
This protection includes two components:
-
Anti-Malware - Protection of your network from all kinds of malware threats, ranging from worms and Trojans to adware and keystroke loggers. Use Anti-Malware
A component on Endpoint Security Windows clients. This component protects clients from known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers. to manage the detection and treatment of malware on your endpoint computers.
There are two configuration options for this protection:
-
Prevent - Prevents your files from malware threats.
-
Off - No protection from malware.
Note - Starting from E83.20 Endpoint Security client, Check Point has certified the E2 client version (the Anti-Malware engine is based on Sophos as opposed to Kaspersky) for Cloud deployments.
-
-
Files Threat Emulation - Emulation on files on the system.