Get in Touch Close Menu

Is Your Security Policy Configured Correctly?

25 February 2022

Is Your Security Policy Configured Correctly?

Wouldn’t it be great if there was an in-built feature that checks your settings are aligned with security in mind? Your cyber security policy is not wide open to letting anyone in, something that offers peace of mind that everything is secure?

Is Your Security Policy Configured Correctly?

Well, you’ll be pleased to know; there is!

Security Best Practices Compliance

The compliance blade is available on the Check Point Management server; it’s a software package enabled by a simple tick box.  

As Check Point says:

The Compliance Blade uses Security Best Practices to make sure that Security Policy rules comply with Check Point configuration or policy recommendations.

Each Security Best Practice contains criteria that match specified parameters in Security Policy rules or configuration settings.

The software’s purpose is to ensure your configuration is monitored continuously for changes to your security posture in-line with your cyber security policy.

An in-built live view is available to help identify poor areas of compliance.

You can schedule a report to be generated and emailed. Alerts can be configured to be sent to administrators when your security posture has changed for the better or worse. 

Security Best Practices Compliance

The compliance blade is also available on Harmony Endpoint to monitor the endpoint.

Harmony Endpoint is one of my favourite security products by Check Point, and this feature is impressive on so many levels.

Business operations

With most users now working remotely, it’s challenging to monitor the current state of a user’s PC/Laptop. Is the endpoint missing any updates, software, or has the latest antivirus definitions been installed or performed a recent Antivirus scan? 

business operations

It’s fantastic that you can configure the compliance blade to react in several ways due to a failure of compliance.

The inability of compliance could be anything from a service not running, missing software, a file/folder present or not, a missing registry key/value, out-of-date Anti-Virus definitions or a routine antivirus scan not performed.

A restricted state can be imposed automatically, blocking all traffic at a network level but still allowing administrator connectivity to perform maintenance to rectify any issues. 

Security awareness for your business

I love how you can customise the remediation actions to act upon changes in compliance, anything from changing registry keys to replacing files on the file system to locking down the endpoint and blocking all network access. 

The above is just a tiny example highlighting the capabilities of the Check Point compliance blade. If you would like to know more, get in contact with our experts today! 

Related Articles

Amid CHAOS, There is Also Crypto Mining
30 January 2023

Sapphire’s SOC Team have been tracking a recent Crypto Mining campaign targeting Linux systems, utilising a proof-of-concept (PoC) hack tool hosted on GitHub known as ‘CHAOS’.

Find Out More
CASE STUDY: SAPPHIRE UTILITY SOLUTIONS
9 January 2023

Like all organisations, Sapphire Utility Solutions (SUS) is a target for cybercriminals. This is only exasperated by its rapid growth.

Whilst having extensive security experience within the team, SUS wanted to enhance its cybersecurity capabilities and provide the best resources for its team to take advantage of, so it decided to outsource its cybersecurity via Sapphire’s Managed Security service.

Find Out More
What Does SIEM Stand for?
6 January 2023

SIEM (Security Information and Event Management) is one of many approaches to security management. It combines SIM (Security Information Management) and SEM (Security Event Management) to aggregate data from a variety of sources as well as identify any deviations and act against them.  

Find Out More