终端防护
和威胁防护

如今的无边界网络正在重新定义终端防护。随着各种终端随意访问网络，它们正在存储敏感的企业数据。因为 70% 的成功数据泄露始于终端，¹ 因此，终端安全防护方式可帮助阻止网络攻击。SandBlast Agent 是保护贵组织的高级终端防护和威胁防护解决方案。

WATCH THE VIDEO

¹ “Cybercrime: The Credential Connection,” IDC

Webinar: "Endpoints at the Edge: The Stakes are Rising

WATCH REPLAY

创新型威胁防护技术

Uses static, dynamic, and behavioral detection and prevention technologies with advanced artificial intelligence to provide high catch rates and low false positives

见解深入的检测和响应

Assures continuous collection of comprehensive and complete raw forensics data, employing full attack remediation capabilities

完整的终端安全解决方案

Integrates into Check Point Infinity to get maximum prevention across all attack surfaces, shared intelligence, and a single point of management (cloud service or on premise)

SandBlast Agent 被 NSS 评定为“推荐”评级

这标志着我们自 2010 年起获得了第 18 个整体 NSS 推荐评级。

高级终端保护 (AEP) 测试重点：

100% HTTP 拦截率
100% 电子邮件拦截率
100% 离线威胁拦截率
100% 躲避拦截率
0% 误报

主要产品优势

成熟的终端功能，可防御已知和未知的网络攻击
行业最佳做法，提升终端安全，可对抗具有针对性和隐蔽性的攻击
高捕获率和低误报，确保高效的安全效能和有效防护
自动取证数据分析，提供有关威胁的详细洞察
全面攻击防护和修复，快速恢复任何受感染的系统

SandBlast Agent 功能

SandBlast Agent 是一个完整的终端安全解决方案，提供一系列的高级终端威胁防护功能，可令您在当今凶险的威胁环境下保持安全。

它提供一个综合系统，可主动防御、检测并修复善于躲避的恶意软件攻击。

Threat Emulation

Evasion-resistant sandbox technology detects malicious behavior and prevents potential attacks

Threat Extraction

Reconstructs downloaded files, delivering clean, risk-free files to users in real time

Anti-Exploit

Protects and prevents vulnerable applications and systems from exploit attacks

Anti-Bot

Detects, contains, and remediates infected hosts

Zero-Phishing

Blocks deceptive phishing sites and alerts on password reuse in real time

Behavioral Guard

Prevents, detects, and remediates even the most evasive attacks

Anti-Ransomware

Detects and quarantines the most evasive ransomware variants

Forensics

Records and analyzes all endpoint events to provide actionable attack forensic report

其他功能

Anti-Malware

Protects endpoints from known viruses, worms, and Trojan horse malware and it serves as the baseline endpoint threat prevention engine against known attacks using signature and heuristics.

Full Disk Encryption

Combines pre-boot protection, boot authentication, and strong encryption to make sure that only authorized users are given access to information stored on desktops and laptops.

Media Encryption and Port Protection

Protects data stored on the computers by encrypting removable media devices and allowing tight control over computers’ ports (USB, Bluetooth, and so on).

Remote Access VPN

Provides secure, seamless, and remote access to corporate networks.

Firewall and Compliance Check

Stops unwanted traffic, prevents malware, and blocks targeted attacks, ensuring protected computers comply with security requirements; assigns different security levels according to the compliance state of the endpoint computer.

Cloud Management or On-premise

SandBlast Agent offers unified, scalable, and granular management available as a cloud service or installed on your premise.

Unified – Manage all your endpoint security needs from a single console
Scalable – Use one management infrastructure to manage your endpoints, from a few to hundreds of thousand devices
Granular – Choose the management granularity that fits your needs. Relay product best practices based on defaults; go deeper by configuring everything on your system, or anywhere in between

SandBlast Agent cloud management service is fully deployed,maintained, and optimized by Check Point enabling rapid deployment, elastic growth, constant server updates and location independent.

SandBlast Agent 选择和规格

Features	Data Protection	Basic	Advanced	Complete	Unified Endpoint Security Advanced	Unified Endpoint Security Complete
Deployment
Agent	✓	✓	✓	✓	✓	✓
Browser Extension		✓	✓	✓	✓	✓
Mobile App					✓	✓
Reduce Attack Surface
Endpoint Firewall	✓	✓	✓	✓	✓	✓
Application Control	✓	✓	✓	✓	✓
Endpoint Compliance	✓	✓	✓	✓	✓	✓
Port Protection (Peripheral control)	✓	✓	✓	✓	✓	✓
Remote Access VPN	✓	✓	✓	✓	✓	✓
Data Protection: Full disk and removable storage encryption	✓			✓		✓
Prevent Attacks Before They Run
Endpoint Anti-Virus: Known signatures, heuristics		✓	✓	✓	✓	✓
Static Analysis: Machine learning-based prevention		✓	✓	✓	✓	✓
Anti-Exploit		✓	✓	✓	✓	✓
Zero-Phishing: Anti-phishing, credentials reuse prevention		✓	✓	✓	✓	✓
Threat Emulation (SandBox)			✓	✓	✓	✓
Threat Extraction (Document sanitization)			✓	✓	✓	✓
Runtime Detection and Protection
Anti-Ransomware		✓	✓	✓	✓	✓
Behavioral Guard: Mutations of known malware, generic unknown malware		✓	✓	✓	✓	✓
Behavioral Guard: File-less attacks		✓	✓	✓	✓	✓
Anti-Bot: Malicious Command and Control (C&C) traffic detection		✓	✓	✓	✓	✓
Anti-Evasion: Evasion techniques detection		✓	✓	✓	✓	✓
Contain and Remediate
Block traffic to Command and Control (C&C) servers		✓	✓	✓	✓	✓
Lateral movement prevention and infected machine isolation		✓	✓	✓	✓	✓
Process termination and file quarantine		✓	✓	✓	✓	✓
Encrypted file restoration		✓	✓	✓	✓	✓
Full attack chain sterilization		✓	✓	✓	✓	✓
Attack Investigation and Response (EDR)
Forensics collection		✓	✓	✓	✓	✓
Automated event forensics analysis report		✓	✓	✓	✓	✓
Threat hunting		✓	✓	✓	✓	✓
Multi-surface attack immunization (IoC and IoA sharing)		✓	✓	✓	✓	✓
Cloud Management	✓	✓	✓	✓	✓	✓
SandBlast Mobile (iOS and Android threat prevention)					✓	✓