3. Check Point SandBlast Agent Management Platform. Threat Prevention Policy

Welcome to the third article in the series on the new cloud-based management console for personal computer protection, Check Point SandBlast Agent Management Platform. As a reminder, in the first article we got acquainted with the Infinity Portal and created a cloud-based agent management service, Endpoint Management Service. In the second article we studied the web management console interface and installed an agent with the standard policy on a user's machine. Today we will look at the contents of the standard Threat Prevention security policy and test its effectiveness against popular attacks.

Standard Threat Prevention Policy: Description

The figure above shows the standard Threat Prevention policy rule, which by default applies to the entire organization (all installed agents) and includes three logical groups of protection components: Web & Files Protection, Behavioral Protection, and Analysis & Remediation. Let's look at each group in turn.

Web & Files Protection

URL Filtering
URL Filtering lets you control user access to web resources using 5 predefined site categories. Each of the 5 categories contains several more specific subcategories, which lets you configure, for example, blocking access to the Games subcategory while allowing access to the Instant Messaging subcategory, both of which belong to the same Productivity Loss category. The URLs that belong to specific subcategories are determined by Check Point. You can check which category a particular URL belongs to, or request a category override, on the dedicated URL Categorization resource.
The action can be set to Prevent, Detect or Off. Also, when the Detect action is selected, a setting is automatically added that allows users to dismiss the URL Filtering alert and go to the resource they want. If Prevent is used, this setting can be removed, and the user will not be able to access the blocked site. Another convenient way to control blocked resources is to set up a Block List, in which you can specify domains, IP addresses, or upload a .csv file with a list of domains to block.

In the standard policy for URL Filtering, the action is set to Detect and one category is selected, Security, for which events will be detected. This category includes various anonymizers, sites with a Critical/High/Medium risk level, phishing sites, spam and much more. However, users will still be able to access the resource because of the "Allow user to dismiss the URL Filtering alert and access the website" setting.

Download (web) Protection
Emulation & Extraction lets you emulate downloaded files in the Check Point cloud sandbox and clean documents on the fly, removing potentially malicious content or converting the document to PDF. There are three modes of operation:

  • Prevent - lets you receive a cleaned copy of the document before the final emulation verdict, or wait for emulation to complete and download the original file right away;

  • Detect - performs emulation in the background without preventing the user from receiving the original file, regardless of the verdict;

  • Off - any files are allowed to be downloaded without emulation and cleaning of potentially malicious components.

It is also possible to choose an action for files that are not supported by Check Point's emulation and cleaning tools: you can allow or deny the download of all unsupported files.

The standard policy for Download Protection is set to Prevent, which lets you receive a copy of the original document cleaned of potentially malicious content, and it also allows downloading files that are not supported by the emulation and cleaning tools.

Credential Protection
The Credential Protection component protects user credentials and includes 2 components: Zero Phishing and Password Protection. Zero Phishing protects users from accessing phishing resources, and Password Protection notifies the user that using corporate credentials outside the protected domain is not permitted. Zero Phishing can be set to Prevent, Detect or Off. When the Prevent action is set, it is possible to allow users to ignore the warning about a potential phishing resource and gain access to it, or to disable this option and block access permanently. With the Detect action, users always have the option to ignore the warning and access the resource. Password Protection lets you select the protected domains for which passwords will be checked for compliance, and one of three actions: Detect & Alert (notify the user), Detect or Off.

The standard policy for Credential Protection applies Prevent to any phishing resources, so users cannot enter a potentially malicious site. Protection against the use of corporate passwords is also enabled, but without specified domains this feature will not work.

Files Protection
Files Protection is responsible for protecting files stored on the user's machine and includes two components: Anti-Malware and Files Threat Emulation. Anti-Malware is a tool that regularly scans all user and system files using signature analysis. In this component's settings you can configure regular scanning or random scan times, the signature update period, and whether users can cancel a scheduled scan. Files Threat Emulation lets you emulate files stored on the user's machine in the Check Point cloud sandbox; however, this protection feature works only in Detect mode.

The standard policy for Files Protection includes protection with Anti-Malware and detection of malicious files with Files Threat Emulation. Regular scanning is performed monthly, and signatures on the user's machine are updated every 4 hours. At the same time, users are allowed to cancel a scheduled scan, but no later than 30 days after the last successful scan.

Behavioral Protection

Anti-Bot, Behavioral Guard & Anti-Ransomware, Anti-Exploit
The Behavioral Protection group of protection components includes three components: Anti-Bot, Behavioral Guard & Anti-Ransomware, and Anti-Exploit. Anti-Bot lets you monitor and block C&C connections using the continuously updated Check Point ThreatCloud database. Behavioral Guard & Anti-Ransomware continuously monitors activity (files, processes, network interactions) on the user's machine and lets you prevent ransomware attacks at their early stages. In addition, this protection component lets you restore files that have already been encrypted by malware. Files are restored to their original directories, or you can specify a particular path where all restored files will be stored. Anti-Exploit lets you detect zero-day attacks. All Behavioral Protection components support three modes of operation: Prevent, Detect and Off.

The standard policy for Behavioral Protection applies Prevent to the Anti-Bot and Behavioral Guard & Anti-Ransomware components, with restoration of encrypted files to their original directories. The Anti-Exploit component is turned off and not used.

Analysis & Remediation

Automated Attack Analysis (Forensics), Remediation & Response
Two protection components are available for analysis and investigation of security incidents: Automated Attack Analysis (Forensics) and Remediation & Response. Automated Attack Analysis (Forensics) lets you generate reports on the results of repelled attacks with a detailed description, down to an analysis of how the malware executed on the user's machine. It is also possible to use the Threat Hunting feature, which makes it possible to search for anomalies and potentially malicious behavior using predefined or custom filters. Remediation & Response lets you configure recovery and file quarantine settings after an attack: user interaction with quarantined files is regulated, and it is also possible to store quarantined files in a directory specified by the administrator.

The standard Analysis & Remediation policy includes protection that comprises automatic recovery actions (terminating processes, restoring files, and so on); the option to send files to quarantine is active, and users can only delete files from quarantine.

Standard Threat Prevention Policy: Testing

Check Point CheckMe Endpoint

The quickest and easiest way to check the protection of a user's machine against the most popular types of attacks is to run a test using the Check Point CheckMe resource, which performs a number of typical attacks of various categories and lets you obtain a report on the test results. In this case, the Endpoint test option was used, in which an executable file is downloaded and launched on the computer, and then the verification process begins.

While the protection of the working computer is being checked, SandBlast Agent signals the attacks it has identified and repelled on the user's computer, for example: the Anti-Bot blade reports the detection of an infection, the Anti-Malware blade detected and deleted the malicious file CP_AM.exe, and the Threat Emulation blade determined that the file CP_ZD.exe is malicious.

Based on the results of testing with CheckMe Endpoint, we have the following result: out of 6 attack categories, the standard Threat Prevention policy failed to handle only one category, Browser Exploit. This is because the standard Threat Prevention policy does not include the Anti-Exploit blade. It is worth noting that without SandBlast Agent installed, the user's computer passed the scan only in the Ransomware category.

KnowBe4 RanSim

To test the Anti-Ransomware blade, you can use the free KnowBe4 RanSim solution, which runs a series of tests on the user's machine: 18 ransomware infection scenarios and 1 cryptominer infection scenario. It is worth noting that the presence of many blades in the standard policy (Threat Emulation, Anti-Malware, Behavioral Guard) with the Prevent action does not allow this test to run correctly. However, even with a reduced level of protection (Threat Emulation in Off mode), the Anti-Ransomware blade test shows high results: 18 out of 19 tests passed successfully (1 failed to start).

Malicious files and documents

It is instructive to test how the various blades of the standard Threat Prevention policy behave when malicious files of popular formats are downloaded to the user's machine. This test involved 66 files in PDF, DOC, DOCX, EXE, XLS, XLSX, CAB and RTF formats. The test results showed that SandBlast Agent was able to block 64 malicious files out of 66. Infected files were deleted after download, or cleaned of malicious content using Threat Extraction and then received by the user.

Recommendations for improving the Threat Prevention policy

1. URL Filtering

The first thing to correct in the standard policy to raise the protection level of the client machine is to switch the URL Filtering blade to Prevent and specify the appropriate categories for blocking. In our case, all categories were selected except General Use, since they include most of the resources to which user access needs to be restricted in the workplace. Also, for such sites it is advisable to remove the ability for users to skip the warning window by unchecking "Allow user to dismiss the URL Filtering alert and access the website".

2. Download Protection

The second option to pay attention to is the ability for users to download files that are not supported by Check Point emulation. Since in this section we are looking at improvements to the standard Threat Prevention policy from a security point of view, the best option would be to block the download of unsupported files.

3. Files Protection

You also need to pay attention to the file protection settings, in particular the periodic scan settings and the user's ability to postpone a forced scan. In this case, the user's time frame must be taken into account, and a good option from the standpoint of security and performance is to configure the scan ninemanga. 00), and the user can postpone the scan for no more than one week.

4. Anti-Exploit

The main shortcoming of the standard Threat Prevention policy is that the Anti-Exploit blade is turned off. It is recommended to enable this blade with the Prevent action to protect the workstation from attacks that use exploits. With this fix, the CheckMe test completes successfully without detecting vulnerabilities on the user's work machine.

Conclusion

To summarize: in this article we got acquainted with the components of the standard Threat Prevention policy, tested this policy using various methods and tools, and described recommendations for improving the standard policy settings to raise the protection level of the user's machine. In the next article of the series, we will move on to studying the Data Protection policy and look at the Global Policy Settings.

A large selection of materials on Check Point from TS Solution. To avoid missing upcoming publications on the SandBlast Agent Management Platform, follow the updates on our social networks (Telegram, Facebook, VK, TS Solution Blog, Yandex Zen).

Source: www.habr.com
