eEye Digital Security — Blink End-Point Vulnerability Prevention

Blink is eEye’s award-winning endpoint vulnerability prevention solution. Network security vulnerabilities are being detected on a daily basis - over 10,000 in the last two years alone. At the same time, the window of opportunity to remediate these vulnerabilities is decreasing - from months to days. In today's complex network architectures, relying on open source tools or a simple port scanner is no longer sufficient for comprehensive vulnerability assessment.

Network landscapes have evolved from traditional client-server architectures to now include various platforms and components, including support for mobile, wireless and remote users. These advancements have dissolved the network perimeter, dramatically increasing the opportunity for worms and viruses to propagate.

To better combat these evolving threats, organizations must look beyond a traditional personal firewall and intrusion detection systems, which weren't designed for internal network security threats. Each individual device must have proactive protection to shield it from costly attacks and ensure business continuity.

As the industry’s first endpoint security solution to incorporate multiple layers of proven technologies, eEye Digital Security’s Blink Endpoint Vulnerability solution addresses today's most pressing security challenge: preventing the attack. No longer is shielding assets from individual attacks sufficient; they must be protected from vulnerabilities, becoming resilient to attacks, even when patches aren't available or installed.

To provide this level of security, Blink combines and extends the technologies of:

• Protocol based intrusion prevention
• Anti spyware technology
• Identity theft protection
• Personal firewall (application and system level)
• Local vulnerability assessment based on eEye's Retina® Network Security Scanner

Blink’s integrated layers of protection work hand-in-hand to provide the most comprehensive protection from targeted and propagated attacks. Blink protects from both known and undefined vulnerabilities, through periodic vulnerability assessments and non-intrusive process activity monitoring, designed to protect assets from "zero-day attacks.”

Blink combines and extends the best elements of an intrusion prevention system, system and application firewall, internal policy enforcer and local vulnerability scanner into a single, comprehensive product. Blink delivers maximum host-level protection via continuous, non-intrusive multi-layer vulnerability monitoring and prevention.

Industry Leading Intrusion Prevention Technology

Through its innovative approach to protocol analysis, Blink is able to detect and block ‘zero-day’ attacks that bypass standard signature checking solutions. Much more than just standard Internet security software or a network firewall, Blink can thwart previously undefined attacks, significantly reducing the need for panic patching, enabling a more planned approach to patch management.

For organizations with large mobile workforces, laptop and wireless security are significant challenges. These dynamic platforms require aggressive protection, which must be capable of being centrally managed. Blink provides a new level of wireless network security like no other product available today.

Blink includes the following features:

• Application Policy Control: Protection against abusive application behavior, such as downloading files via P2P, Instant Messenger, running a port scanner, and against application hijacking via DLL control hooking. By strictly monitoring approved applications, policies can be implemented and administered as part of a security policy program.

• Anti-Spyware Protection: Blink will actively block malware instances from being loaded into memory and give the option to quarantine or remove the suspected code.

• Identity Theft Protection/Anti-Phishing: Leveraging its protocol analysis engine, Blink is able to detect and classify phishing attempts made via various protocols. This includes images used to convey these phishing attacks.

• System and Application Firewall Technology: Performing analysis of each packet of network traffic entering the system, Blink is able to allow or deny traffic based on a set of predetermined firewall rules.

• Instant Messenger Policy Enforcement: Not only can Blink enforce which IM clients are implemented, it can also limit IM traffic to a set of predefined contacts. This feature can be used to enforce a policy of only allowing traffic to and from people that are white listed for IM.

• Generic Buffer Overflow Protection: Protection against known and unknown buffer overflow attacks against network applications.

• Non-Signature Based Attack Prevention: Blink detects and blocks attacks without the need for signature profiles. This translates into complete protection, even when security threats are circulating prior to vendors issuing a patch or created a signature profile.

• Inbound and Outbound Port Blocking: Blink controls all aspects of network traffic including all inbound and outbound connections. Blink controls traffic based on protocol, port and communicating host address.

• Non-Intrusive Protocol Analysis: Blink’s non-intrusive protocol analysis technology examines network traffic before it reaches the application layer, preventing malicious activity before it is allowed to execute.

Designed For Small Businesses or Large Enterprises

Through the Blink central management console you can secure each of your network assets throughout the enterprise – with or without end-user intervention – easily deploying, administering and managing your network security requirements.

• Network Asset Discovery: System administrators can discover network assets via various methods (Active Directory, ARP, NetBIOS) and create logical machine groupings according to such categories as operating system, machine type or business group.

• Centralized Policy Management: Security administrators can create policies to be implemented to one, many or all of the Blink agents through a centrally managed security console, allowing for enforcement of internal corporate policies such as application version control, application usage and configuration standards.

• Integrates with the REM Security Management Console: As with all eEye products, Blink seamlessly integrates with the REM console for advanced reporting and analysis under REM's workflow approach to vulnerability management.

Product Specifications

• WINDOWS 2000 SERVER
• WINDOWS SERVER 2003 AND 2008 (32-BIT AND 64-BIT)
• WINDOWS SERVER 2008 R2 (64-BIT)
• INTEL PENTIUM III 800MHZ (OR COMPATIBLE)
• MEMORY: 512MB FOR PROFESSIONAL; 512MB FOR SERVER
• HARD DRIVE: 80MB FOR PROFESSIONAL; 125MB FOR SERVER
• NETWORK INTERFACE CARD (NIC) WITH TCP/IP ENABLED
  

PROFESSIONAL ONLY:

• WINDOWS 2000 PROFESSIONAL
• WINDOWS XP (32-BIT AND 64-BIT)
• WINDOWS VISTA SP1 (32-BIT AND 64-BIT)
• WINDOWS 7 (32-BIT AND 64-BIT)

Enquiry