Total Access Protection
Check Point and MetaInfo

IT professionals are challenged to manage threats to network security caused by viruses, spyware, worms, and other malware. Infected or vulnerable machines should be automatically isolated from the corporate network until the infection is removed or the vulnerability remediated. Leveraging DHCP in this process can greatly reduce the complexity required to deploy this level of protection in existing networks. Unlike solutions that require broad upgrades and replacements to the entire network infrastructure, this solution only requires an upgrade to the DHCP servers.

MetaInfo and Check Point have teamed up to deliver an easy-to-deploy joint solution based on MetaInfo SAFE DHCP Quarantine Appliance and Check Point Integrity Clientless Security (ICS). At the time of connection to the network, SAFE DHCP assigns all new machines an IP address and parameters that place them in quarantine. When users open a web browser, SAFE DHCP automatically directs them to the ICS server for an on-demand (ActiveX) scan of their machine. PCs compliant with corporate security policy are immediately assigned a new IP address with full access to the corporate network. Non-compliant machines are directed toward remediation servers to resolve the issues affecting their compliance and stay in quarantine.

Benefits

• Automatic enforcement of corporate security standards
• Quarantine of infected endpoints at the time of network access
• Ease of deployment, based on minimal changes to existing network

MetaInfo SAFE DHCP® Quarantine
MetaInfo SAFE DHCP Quarantine forces all network users to pass site-specific host integrity scanning and authentication procedures before consideration for full network access. Network users that fail the procedures remain quarantined from the rest of the network. SAFE DHCP requires no changes to the DHCP client software and complies with all DHCP protocol standards.

The SAFE DHCP Host Integrity Module uses the Check Point Integrity Clientless Security solution to identify DHCP clients, scan for malware, and verify site policy compliance before issuing an authenticated lease with access to a protected network.

Check Point Integrity
Check Point Integrity Clientless Security mitigates the risks posed by employee and guest endpoints accessing enterprise resources via the Web. It disables spyware automatically, ensures session confidentiality, and enforces network access security policy via an easily downloaded browser plug-in. Network bandwidth and CPU cycles lost to adware and spyware activity are restored.

Benefits

• Worms and other malware stopped
• Remote access PC risks reduced
• Network access policy enforced
• Confidential data on third-party PCs secured
• Network protected from non-compliant PC

More on Metainfo