Data Loss Prevention Software Blade

• Check Point UserCheck
• Check Point MultiSpect
• Network-wide Protection Coverage
• Central Policy Management
• Rapid and Flexible Deployment

Check Point UserCheck
Check Point UserCheck empowers users to remediate incidents in real time. This innovative technology alerts users of suspected breaches, allowing for instant remediation, and allows quick authorisation of legitimate communications.

UserCheck empowers users to self-administer incident handling, with options to send, discard or review the issue, improving security by raising awareness of data use policies. Real-time notification based either on a pop-up from a thin agent or via a dedicated email sent to end user (no need to install agent). Organisations benefit in several ways:

• Full prevention - enables a practical move from detection to prevention
• Self-educating system - doesn't require IT/security personnel in incident handling while educating the users on proper data sharing policies

Check Point MultiSpect
Check Point's innovative MultiSpect data classification engine combines users, content and process into accurate decisions. Check Point DLP delivers exceptionally high accuracy in identifying sensitive data including personally identifiable information (PII), compliance-related data (HIPAA, SOX, PCI data, etc.), and confidential business data. This is achieved through the MultiSpect technology, a strong 3-tier inspection engine:

• Multi-parameter data classification and correlation - Multi-protocol inspection and enforcement - inspects content flows and enforces policies in the most widely used TCP protocols including SMTP, FTP, HTTP and webmail, pattern matching, and file classification for identifying content types regardless of the extension applied to the file or compression.
• Recognize and protect sensitive forms - file/ form matching (based on predefined templates)
• Identify unconventional business communication behavior - Out-of-the-box best practice policies

In addition, an open scripting language is available for creating custom data types. This unique flexibility provides virtually unlimited support for protecting sensitive data.

Network-wide Protection Coverage
Check Point's DLP solution is based on a new in-line network-based Software Blade which runs on any existing Check Point gateway. The Check Point DLP Software Blade is an advanced data loss prevention solution for data transmitted over networks with wide coverage of traffic transport types including deep application awareness protecting data in-motion including (SMTP, HTTP, FTP). DLP policies are created to define what to prevent and how to prevent, per policy, per network segment, per gateway and per user-group.

Central Policy Management
The DLP blade is managed centrally with Check Point Security Management through a user-friendly interface. Centralised management offers unmatched leverage and control of security policies, and enables organizations to use a single repository for user and group definitions, network objects, access rights, and security policies across their entire security infrastructure. Unified access policies are enforced automatically throughout the distributed environment, empowering them to securely provision access from anywhere.

Unified policy deployment across multiple gateways controls enforcement actions per policy; i.e. Detect (log only), or Quarantine (self-incident handling). Policy management includes the following features and options:

• Selection of data type(s) and user group(s) - also using Active Directory
• Enable exceptions - allowed users
• Traffic direction - enforce on outbound or inter-departmental traffic
• Pre-defined policies and content data types
• Incremental exposure of specific policies per different user groups
• Integrated Logging and Event correlation
• Customisation of internal quarantine

• Granular protection control - easy-to-use protection profiles allow administrators to define signature and protection activation rules that match the security needs of your network assets
• Predefined default and recommended profiles - provide immediate and easy use out-of-the-box with profiles tuned to optimise security or performance

Event Management
Separating the needle from the haystack, SmartEvent for DLP allows you to monitor and report only what is important. Event management includes the following features and options:

• Real-time and history graphing and reporting of DLP events
• Easy incident correlation
• Graphical incident timeline
• Easily configured custom views
• Event / incident management workflow

Rapid and Flexible Deployment
Organisations of any size can be protected from day one with pre-configured templates. A wide range of built-in policies and rules are included for common requirements, including regulatory compliance, intellectual property, and acceptable use.

The Check Point DLP Software Blade can be installed on any Check Point Security Gateway ( based on Check Point appliances or open server platforms). Deploy easily and rapidly on existing Check Point Security Gateways saving time and reducing costs by leveraging existing security infrastructure. In addition, a full range of powerful and highly scalable DLP-1 appliances are available to align with any network security requirements.