The combined solution provides maximum protection for vital web services and applications (online banking systems, electronic trading platforms, public service portals, and various business applications) across the business spectrum. "Our research shows that 71% of web applications tested were found to contain critical vulnerabilities. The attack vector for malicious intrusion into a company's internal network is based primarily on the exploitation of vulnerabilities in the code of web applications. This prevents traditional systems from implementing information security countermeasures in full, as the classic set of perimeter control tools are ineffective," says Johan Nordstrom, VP Business Development, Application Security at Positive Technologies. "So not only is it vital to use protection tools such as Web Application Firewall and Network Firewall on a standalone basis, but there must be a technological tandem of tools to exchange information in online mode. This guarantees a new level of protection for corporate resources, fully covering the network and application level." As part of the integration, rules were implemented for the exchange of information between both companies' products with corresponding connectors developed. The two technologies interact in "machine-to-machine" format, ensuring comprehensive protection of web resources: PT Application Firewall detects and blocks attacks, and forwards information about the attacker's IP address with the lock timeout to Check Point devices, which in turn then blocks requests from the suspicious source at the network level.
The joint solution for securing the corporate perimeter (including web resources) offers protection against zero day attacks (thanks to machine-learning mechanisms embedded in PT Application Firewall) and DDoS attacks on applications, and detects anomalies. In addition, it greatly facilitates the investigation of incidents and features flexible scalability.
"The joint solution provides real-time protection of network perimeter and web applications with automated notifications about incidents. Our approach is to combine the cutting-edge technologies by Check Point and Positive Technologies as a way for creating a new level of protection for corporate information resources. We have already demonstrated successful variations of the joint solution with companies of all sizes, from small businesses to major corporations and large datacenters," notes Alon Kantor, Vice President of business development, Check Point Software Technologies.