Description
In this Checkpoint Threat Prevention course, we would learn how to protect the network using Checkpoint's Firewall. CheckPoint's Threat Prevention solution offers a multi-layered, pre-infection and post-infection defense approach and a consolidated platform that enables enterprise security to detect and block modern malware. In this course, we would learn how to configure the following blades: Application Control, URL Filtering, Anti-bot, Antivirus, IPS, Data Loss Prevention, Content Awareness, Threat Emulation, Threat Extraction and Infinity Threat Prevention. Topics Include: * Anti-bot * Antivirus * IPS * Threat Emulation * Threat Extraction * Infinity Threat Prevention * Data Loss Prevention* Content Awareness * Application Control * URL Filtering Each Software Blade gives unique network protections. When combined, they supply a strong Threat Prevention solution. Data from malicious attacks are shared between the Threat Prevention Software Blades and help to keep your network safe. IPS: A complete IPS cyber security solution, for comprehensive protection against malicious and unwanted network traffic, which focuses on application and server vulnerabilities, as well as in-the-wild attacks by exploit kits and malicious attackers. Anti-Bot: Post-infection detection of bots on hosts. Prevents bot damages by blocking bot C & C (Command and Control) communications. The Anti-Bot Software Blade is continuously updated from ThreatCloud, a collaborative network to fight cybercrime. Anti-Bot discovers infections by correlating multiple detection methods. Antivirus: Pre-infection detection and blocking of malware at the gateway. The Anti-Virus Software Blade is continuously updated from ThreatCloud. It detects and blocks malware by correlating multiple detection engines before users are affected. Threat Emulation: This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network. The Emulation service reports to the ThreatCloud and automatically shares the newly identified threat information with other customers. Threat Extraction: Protection against incoming malicious content. The extraction capability removes exploitable content, including active content and embedded objects, reconstructs files to eliminate potential threats, and promptly delivers sanitized content to users to maintain business flow. To remove possible threats, the blade creates a safe copy of the file, while the inspects the original file for potential threats.
