Check Point has become one of the first security appliance vendors to offer customers a way to share security threat data in real time through a new cloud system called ThreatCloud.
The system collects details of malware and bot activity from participating organisations using a distributed network of cloud sensors, relaying this information “in a matter of seconds” to others connected to it.
It backs this up with data from the company’s own malware research teams plus the Kaspersky Lab signatures which power the AV engine in the company’s consumer ZoneAlarm software.
ThreatCloud is available as an update to the R75.40 release of the company’s software blade architecture. Its threat data ends up on Check Point gateways and blades, including the company’s dedicated new Anti-Bot Software Blade, designed to spot and control bot activity within an organisation’s own network.
The concept is one that has shown promise in antivirus, although it remains untested and immature: crowdsourcing data on security outbreaks and events. If one customer encounters a new threat, all others see it too, offering a kind of ‘herd’ protection.
Rounding off a raft of intertwined announcements, Check Point has also unified the software layer of its appliances, open servers and virtualised gateways under a new operating system it calls 'GAiA'.
R75.40 updates the capabilities of the company’s appliances with 100 small tweaks, the company said, but it is the unifying GAiA layer that is the real story. ThreatCloud, then, is the cloud intelligence that distributes security data to this.
“With new forms of malware being generated on a daily basis, ThreatCloud expands an organisation’s security footprint, bringing customers significantly more information and analysis about attacks than they would have otherwise had before,” said Check Point VP, Dorit Dor.
“ThreatCloud is based on a global collaboration to increase the volume, quality and speed of threat intelligence – enabling customers to quickly respond to threats that may have happened next door and apply the appropriate protections to their gateways before they can spread,” he said.
Check Point launched its blade architecture in early 2009, since when it has become the core of the company's strategy, distributing security functions between different software modules across a consistent range of hardware.
Release R75.40 is a free upgrade for existing customers; the new Anti-Bot Blade is available now.