Managed Cloud Security Services Provider (MCSSP)
ThreatCloud Managed Security Service
As network threats grow in quantity and complexity, your organization needs expert help in continuous monitoring of your network, identifying the most important threats and effectively preventing them. Check Point’s new ThreatCloud™ Managed Security Service combines best-of-breed threat prevention technology with expert threat analysis to prevent attacks on your network, 24 hours a day, seven days a week.
Stop attacks with award-winning technology and expert analysis
Mitigate emerging threats rapidly with award-winning technology and Check Point experts
Block attacks, protect your assets and supervise your network around the clock
Execute clear, actionable alerts against advanced threats and bot activity
Update your protections with ThreatCloud collaborative intelligence
Up-to-date global threat intelligence using a worldwide network of threat sensors
Proactive mitigation of threats based on global threat information
Real-time protection tuning delivered to Check Point gateways
Provide security monitoring, visibility and compliance
24x7 fully-managed or monitoring service, to suit your needs
Access real-time alerts and comprehensive reports via an intuitive web portal
Receive real-time push notifications on mobile devices, e-mail and phone
Based on Check Point IPS gateways (no additional products required)
Award-winning Check Point Technology
IPS, Anti-Bot and Antivirus Software Blades defend your network against both external and internal (bot) threats.
The IPS Software Blade provides industry-leading IPS protection with breakthrough performance. This full-featured IPS solution provides real-time and preemptive protection against emerging threats and vulnerabilities.
The Anti-Bot Software Blade detects infected hosts on your network with its unique multi-tier ThreatSpect™ engine. Receiving up-to-the-minute bot intelligence from the ThreatCloud knowledge base, it combines information on remote operator hideouts, botnet communication patterns and attack behavior to accurately identify bot outbreaks. It also prevents damage by blocking bot communication between infected hosts and the botnet’s command and control centers.
The Antivirus Software Blade uses real-time virus signatures and anomaly-based protections from ThreatCloud to detect and block malware at the gateway, before users are affected.
Multiple Service Levels
You can choose a service level that fits your needs:
Monitoring & Alert Service (Standard and Premium) – The Standard level provides automated IPS log analysis and alerts you when a significant event is detected. The Premium level adds a Check Point analyst who reviews all alerts to determine whether immediate action is required; if it is, a ticket is generated (see below). Both levels have the option of adding the Threat Prevention feature, which includes Anti-Bot and Antivirus log analysis.
Fully-Managed Threat Prevention Service (Elite) – Includes a dedicated Check Point security appliance, premium support including on-site replacement, licenses for the IPS, Anti-Bot, and Antivirus Software Blades, and remote management of the appliance.
ThreatCloud™ Real-time Security Intelligence Feeds
ThreatCloud is a collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends. Since processing is done in the cloud, millions of signatures and malware protections can be scanned in real time.
ThreatCloud’s knowledge base is dynamically updated using feeds from a network of global threat sensors, attack information from gateways around the world, Check Point research labs and the industry’s best malware feeds. Based on the resulting security intelligence, updated protections and signatures are created and transmitted to your Check Point gateway. In addition, correlated security threat information is available in your web-based Service Portal so that you can maintain a regional and global perspective of current threats.
Whatever your need or solution, we have you covered!
NIST Cyber Security Framework Core
The Core is a set of desired cybersecurity activities and outcomes organized into Categories and aligned to Informative References. The Framework Core is designed to be intuitive and to act as a translation layer to enable communication between multi-disciplinary teams by using simplistic and non-technical language. The Core consists of three parts: Functions, Categories, and Subcategories. The Core includes five high-level Functions: Identify, Protect, Detect, Respond, and Recover. These five Functions are not only applicable to cybersecurity risk management, but also to risk management at large. The next level down is the 23 Categories that are split across the five Functions. The image below depicts the Framework Core's Functions and Categories.
The Categories were designed to cover the breadth of cybersecurity objectives for an organization, while not being overly detailed. They cover topics across cyber, physical, and personnel, with a focus on business outcomes.
Subcategories are the deepest level of abstraction in the Core. There are 108 Subcategories, which are outcome-driven statements that provide considerations for creating or improving a cybersecurity program. Because the Framework is outcome-driven and does not mandate how an organization must achieve those outcomes, it enables risk-based implementations that are customized to the organization's needs.
The five Subcategories pictured from the Business Environment Category (ID.BE) provide an example of the outcome-focused statements that are found throughout the Core. The column to the right, Informative References, supports the Core by providing broad references that are more technical than the Framework itself. Organizations may wish to use some, none, or all of these references to inform the activities to undertake to achieve the outcome described in the Subcategory.