BeBroadband® as a Service Edge Appliance Device Protection
BeBroadband® as a Service Edge Appliances are equipped with integrated Device Protection based on Check Point™ Nano Agent technology. This specification document outlines the capabilities of the Device Protection which ensures robust security for the device and its associated functions.
Runtime Protection
- Comprehensive protection against known and unknown attacks, including Zero-day vulnerabilities.
- Mitigates risks associated with memory corruption, shell injection, import table hijacking, and control flow hijacking.
Minimal Impact on Device Performance
- Maintains optimal device performance while ensuring high-level security.
- Minimizes resource consumption to deliver efficient operations.
Anti-Shell Injection
- Monitors and analyzes shell commands executed by protected processes.
- Identifies potential malicious inputs that could exploit the system and gain unauthorized control.
- Safeguards against attacks aiming to manipulate the system through shell commands.
File Monitor
- Prevents unauthorized addition or overwriting of executable files within the file system.
- Ensures the integrity and authenticity of executable files, bolstering system security.
Import-Table Protection
- Safeguards against exploitation of import tables in software implementations.
- Protects against takeovers and manipulations of function-pointer tables used by multiple libraries.
- Ensures the security and reliability of software functionalities.
Control-Flow Integrity (CFI)
- Tracks and monitors the control-flow paths of software during runtime.
- Thwarts attempts by attackers to hijack control-flow paths and gain unauthorized access.
- Ensures that software runs as intended, maintaining the system’s integrity.
Dynamic-Memory Protection
- Monitors and protects dynamic memory allocations and writes.
- Guards against exploitation attempts targeting dynamic memory usage.
- Secures the handling of arbitrary-sized data, safeguarding against malicious actors.
Brute-Force Detection
- A BeBroadband® as a Service developed cutting-edge security feature, utilizes dynamic log parsing and real-time analysis to proactively identify and block malicious IP addresses attempting brute force attacks, effectively fortifying systems against unauthorized access attempts.
- The advanced brute force mechanism automatically detects, notifies, and responds to suspicious login activities, imposing temporary IP bans and reinforcing your security infrastructure to mitigate the risks associated with brute force attacks.
BeBroadband® as a Service Edge Appliance Device Protection offers comprehensive security features protecting against a range of threats. With minimal impact on device performance, our solution ensures device integrity, confidentiality, and availability. By leveraging advanced technologies such as anti-shell injection, file monitoring, import-table protection, control-flow integrity, brute force prevention and dynamic-memory protection, BeBroadband™ Edge Appliance Device Protection provides robust security to meet your business needs.
Sharing is caring