Check Point Abra
Encyclopedia
Check Point GO is a USB drive that combines an encrypted USB flash drive
USB flash drive
A flash drive is a data storage device that consists of flash memory with an integrated Universal Serial Bus interface. flash drives are typically removable and rewritable, and physically much smaller than a floppy disk. Most weigh less than 30 g...

 with virtualization
Hardware virtualization
Computer hardware virtualization is the virtualization of computers or operating systems. It hides the physical characteristics of a computing platform from users, instead showing another abstract computing platform...

, VPN and computer security
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...

 technologies to turn a PC
Personal computer
A personal computer is any general-purpose computer whose size, capabilities, and original sales price make it useful for individuals, and which is intended to be operated directly by an end-user with no intervening computer operator...

 into a secure corporate desktop. By plugging Check Point GO into the USB port of a Microsoft Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...

® OS-based PC or laptop
Laptop
A laptop, also called a notebook, is a personal computer for mobile use. A laptop integrates most of the typical components of a desktop computer, including a display, a keyboard, a pointing device and speakers into a single unit...

, users can launch a secure virtual workspace that is segregated from the host PC. This allows users to securely access company files and applications from any remote location, including insecure host environments such as a hotel business center or Internet café
Internet cafe
An Internet café or cybercafé is a place which provides internet access to the public, usually for a fee. These businesses usually provide snacks and drinks, hence the café in the name...

.

Check Point GO uses hardware and software encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...

 to protect user credentials, documents, and other sensitive data, so that data cannot be compromised in transit or in the event the device is lost. The system uses an authentication
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...

 process that enforces minimum levels of password
Password
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource . The password should be kept secret from those not allowed access....

 strength, as well as certificates and security tokens for multifactor authentication for remote connectivity. The device interfaces with software on a corporate server to support company policies and security updates through security gateways.

History

Check Point GO (formerly Abra) was first introduced by Check Point
Check Point
Check Point Software Technologies Ltd. is a global provider of IT security solutions. Best known for its firewall and VPN products, Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology...

 Software Technologies Ltd. and SanDisk Corporation in March 2010 to address security and compliance issues for companies with remote employees. Workers have been increasingly demanding remote access to company applications and data. Personal equipment accessing the network can pose a risk to corporate networks, creating a potential avenue for corporate data loss or allowing unsecure connections.

The companies cite that the Check Point GO system provides a solution for companies that want to let their employees purchase and manage their own PCs and laptops, for those needing high security (including encryption) for computing devices outside the workplace, as well as contractors/vendors who require access to the company network while working on site.

Since its release, the product has won industry awards including "IT Product of 2010" by Computerworld and was named one of the “25 Hot Products to Watch” at the 2010 RSA Conference by CRN Magazine.

Technology Architecture

When Check Point GO is inserted into the USB port of any PC, the user is presented with a login screen
Screen
- Separation or partitioning :* Window screen, a wire mesh that covers a window opening* Fire screen, a device to put in front of a fireplace* Windbreak of trees or shrubs* Windshield , protects the driver of a vehicle...

. Upon successful login, a new explorer.exe instance is started in the Check Point GO Secure Workspace. All subsequent processes are started as child processes of this new explorer.

Check Point GO uses the software installed on the host PC to run applications such as Microsoft Word
Microsoft Word
Microsoft Word is a word processor designed by Microsoft. It was first released in 1983 under the name Multi-Tool Word for Xenix systems. Subsequent versions were later written for several other platforms including IBM PCs running DOS , the Apple Macintosh , the AT&T Unix PC , Atari ST , SCO UNIX,...

 and Microsoft Excel
Microsoft Excel
Microsoft Excel is a proprietary commercial spreadsheet application written and distributed by Microsoft for Microsoft Windows and Mac OS X. It features calculation, graphing tools, pivot tables, and a macro programming language called Visual Basic for Applications...

, but the user’s documents remain secure in the Check Point GO environment – a virtual workspace that runs parallel to the host environment. All file and registry input/output calls for the secure application inside Check Point GO are redirected to the flash drive
USB flash drive
A flash drive is a data storage device that consists of flash memory with an integrated Universal Serial Bus interface. flash drives are typically removable and rewritable, and physically much smaller than a floppy disk. Most weigh less than 30 g...

.

All applications running on the Check Point GO desktop (including the new explorer) operate in a virtual file system and registry. The virtual files and registry data are instantly written to the flash drive and immediately encrypted.

Currently, Check Point GO does not work on all Windows workstations, due to incompatibility with enterprise client settings.

Specifications

Check Point GO Host Platform Support
Operating systems Windows 7 (32 & 64-bit, Home Premium, Enterprise, Ultimate)

Windows Vista (32 & 64-bit, Home and Professional, SP2+)

Windows XP (32-bit, Home and Professional, SP3+)
SmartCenter Management Server
Operating systems Check Point SecurePlatform™

Windows Server 2000/2003

Solaris 8/9/10

Red Hat Linux Enterprise 3.0
SmartCenter GUI
Operating systems Windows 2000/2003, ME, XP, Vista

Solaris 8/9/10
Encrypted USB Drive
SanDisk USB Drive Available capacities: 4, 8 GB

High-speed USB 2.0 interface

AES 256-bit hardware encryption

FIPS 140-2 Level 2 certified drives available

Versions

Version R65 Installed with:
Security Gateway R65 HFA60

R65 HFA60 Check Point GO Hotfix
SmartCenter server R65 HFA60

R65.4 or R66 Connectra plug-in

R65 HFA60 Check Point GO Hotfix
SmartDashboard Version R65.4 with Check Point GO R70.1 update
Version R70.20 or R70.40 Installed with:
Security Gateway No additions
Security Management Server No additions
SmartDashboard Version SmartDashboard for versions with Check Point GO R70.1 update
Version R71.1 Installed with:
Security Gateway No additions
Security Management Server No additions
SmartDashboard Version R71.1 for versions with Check Point GO R70.1 update

Awards

  • It was distinguished with "The best international innovation" award at the 2010 Information Security Day (ITBN) conference in Hungary.
  • It Received the Computerworld Czech Republic's annual "IT Product of the Year" in 2010.


See also

  • Check Point VPN-1
  • Circuit-level gateway
    Circuit-Level Gateway
    A circuit-level gateway is a type of firewall.Circuit level gateways work at the session layer of the OSI model, or as a "shim-layer" between the application layer and the transport layer of the TCP/IP stack. They monitor TCP handshaking between packets to determine whether a requested session is...

  • Comparison of firewalls
    Comparison of firewalls
    The following tables compare different aspects of a number of firewalls, starting from simple home firewalls up to the most sophisticated Enterprise firewalls.-Firewall software:...

  • Firewall
    Firewall (computing)
    A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....

  • List of Linux router or firewall distributions
  • Packet
  • Sandbox (computer security)
    Sandbox (computer security)
    In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers, untrusted users and untrusted websites....

  • Screened-subnet firewall
    Screened-subnet firewall
    In network security, a screened subnet firewall is a variation of the dual-homed gateway and screened host firewall. It can be used to separate components of the firewall onto separate systems, thereby achieving greater throughput and flexibility, although at some cost to simplicity...

  • Unified threat management
    Unified threat management
    Unified Threat Management is a comprehensive solution that has recently emerged in the network security industry and since 2004, has gained widespread currency as a primary network gateway defense solution for organizations...

  • Virtual firewall
    Virtual firewall
    A virtual firewall is a network firewall service or appliance running entirely within a virtualized environment and which provides the usual packet filtering and monitoring provided via a physical network firewall...

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK