According to Terry Greer-King, Check Point's UK managing director, the anti-bot software blade takes the approach of cutting off any IP communications between a computer on the blade-protected network and the command-and-control servers that typically control a botnet swarm.
“At the moment, there are no real systems to protect from the botnet problem. This new blade, which ships to customers from next March onwards, will solve this problem. It looks for botnets and servers – and can support data speeds of up to 5Gbps – and simply locks them down”, he told Infosecurity.
As with all of Check Point's previous blade systems, Greer-King says that one of the key USPs of the technology is its total cost of ownership, which is a lot lower with a blade than with a more conventional hardware-oriented appliance.
First announced at the start of last year, Check Point's blade architecture is now very popular with the firm's clients and, most interestingly of all, Infosecurity notes, still has no rival offering from competitors - something that Greer-King says is down to the innovative architecture that the blade platform is designed around.
“Security these days is no longer about a discrete appliance. CSOs don't talk about single appliances – single appliances are in the past. It's all about flexibility and multiple layers of security”, he explained.
So how does the new anti-bot blade system work?
Check Point says that its central core is multi-tier ThreatSpect, a detection engine that analyses traffic on every gateway, identifies millions of outbreak types and discovers bots by correlating multiple risk factors - such as botnet patterns, remote operator hide-outs and attack behaviors.
When a bot is identified, the firm says that customers can quickly analyze their level of risk through dashboards that highlight bots and their business implications, such as data loss or an increase in fraudulent spam distribution. It adds that IT admins can investigate infections with extensive forensic capabilities, helping security teams enforce multi-layered protection and accelerate remediation time.
The new blade is also billed as providing customers with multi-layered protection on every gateway by integrating with existing security protections - such as IPS, anti-virus and anti-spam plus URL filtering.