Check Point Cooks Up Technology That Battles Botnets


Check Point Software Technologies says it has developed an effective technology for dealing with the scourge of botnets, which have evolved from their origins in spam-slinging into key enablers for Advanced Persistent Threats (APTs).

Check Point's new Anti-Bot Software Blade, unveiled Wednesday and slated for launch in the first quarter of 2012, identifies bots on the network side as opposed to the endpoint. It stops bots from communicating with their command-and-control centers and keeps them from wreaking havoc on the network, Check Point President Amnon Bar-Lev said in an interview.

Bots are devilishly designed to avoid detection, and that has allowed botnets to evolve with monstrous efficiency into advanced distribution frameworks. "It's a really big problem," said Bar-Lev. "It's a sort of espionage that remains asleep for a while, waiting for someone to wake them up."

Beta versions of Check Point's Anti-Bot Software Blade deployed on customers' networks have provided a wake-up call to many, according to Bar-Lev. "We've found bots in every single organization that has installed the product," he said.

Check Point's is planning to integrate Anti-Bot Software Blade with all of its gateways, and it works with IPS to prevent exploits on Web sites -- a move that reflects the company's philosophy of layered security.

"If you look at how organizations are being affected by bots, they're either coming in through drive by downloads, or by software installed through attachments," said Bar-Lev.

Bar-Lev, who took over as president in August after five years as Check Point's channel chief, said the 'secret sauce' of the technology lies in the way it identifies bots on the network. "There are about 250 million addresses we inspect for bots and 2,000 families of specific communication patterns we're familiar with. We see different things happening on a daily basis," he said.

Check Point's ability to shield customers from the damage that botnets can cause is an important differentiator for the company, Bar-Lev said. "Prevention is very critical. We're not just out there, we actually prevent the damage from happening," he said.

Check Point hasn't yet finalized pricing for the Anti-Bot Software Blade, but a company spokesperson told CRN it will be aligned with the company's other annual service blades.

Meanwhile, Check Point on Wednesday also unveiled its first update to its security appliance line in more than two years. The seven new models range from SMB-focused to high-end and feature triple the performance of their predecessors, and they also support more software blades that can add IPS, application control and other security mechanisms, Bar-Lev said.

All seven new security appliances, which are available now and priced starting at $3,600, feature local management and mobile access for smartphones and tablets.

"We're seeing more demand for integrated security happening on the gateway, including IPS," said Bar-Lev. "Most recent attacks that have happened could have been stopped by IPS, including the RSA SecureID attack," he said.