VULNERABILITY MANAGEMENT

eEye Digital Security

Blink End Point Vulnerability Prevention 

Blink is eEye’s award-winning endpoint vulnerability prevention solution. As the industry's first security solution to incorporate multiple layers of proven technologies, Blink addresses today's most pressing security challenges: preventing attacks and lessening the burden created by resource-draining patching activities. No longer is shielding assets from known attacks sufficient; they must be protected from the vulnerability, becoming resilient to attacks, even when patches aren't available or installed. Blink combines and extends the technologies of: protocol analysis, intrusion prevention, system and application firewalls and eEye's Retina Network Security Scanner to deliver the most comprehensive threat protection solution available.

Features and Benefits

Blink combines the best elements of an intrusion prevention system, system and application firewall, internal policy enforcer, and vulnerability assessment engine into a single, comprehensive product. Blink delivers maximum host-level protection via continuous, non-intrusive multi-layer vulnerability monitoring and prevention.

Intrusion Prevention Technology
Blink performs network traffic reconstruction and protocol analysis and is able to detect and block ‘zero-day’ attacks that bypass standard signature checking solutions. Blink is also able to detect and block unknown attacks using pattern matching analysis.

For the added protection of individual digital assets, Blink includes the following features:

Malicious Application Control Prevention: protects against Application Hijacking via DLL control hooking

Application Policy Control: Prevents abusive user behaviour within applications, such as downloading files via P2P or Instant Messenger applications

Buffer Overflow Protection: Protects against known and unknown buffer overflow attacks against network applications

Non-Signature Based Attack Prevention: Detects and blocks attacks without the need or use of attack signatures. This translates into complete protection, even when an attack is circulating, but the vendor has not yet created signatures or patches. This also removes the administrative burden associated with updating signatures files

Inbound and Outbound Port Blocking: Blink controls all aspects of network traffic including all inbound and outbound connections. Blink also controls traffic based on protocol, port, and communicating host address

Configurable rules: Blink’s policies are customisable by the administrator and can be tailored to each particular worker’s access or configuration requirement

Operating System Hardening: Blink acts as Windows hardening solution, preventing attacks from modifying critical OS binary files or configuration settings

System and Application Firewall Technology: Performing analysis of each packet of network traffic entering the system, Blink is able to allow or deny traffic based on a set of predetermined firewall rules. Blink also monitors the source of network traffic in real time and will only allow traffic only from authorised applications

Non-Intrusive Protocol Analysis: Blink’s non-intrusive protocol analysis technology examines network traffic before it reaches the application layer, preventing malicious activity before it is allowed to execute. This allows Blink to remain non-intrusive and support business continuity, unlike other end-point solutions, which resort to stopping services or processes as a means of protection

Local Vulnerability Assessment Scanning Engine: Blink’s local vulnerability assessment engine is based on eEye’s award-winning Retina Network Scanner technology, the industry standard for vulnerability assessment. The Retina scanning engine performs non-intrusive system-level scanning and provides a list of recommended remediation actions

Suitable For Any Size Enterprise Through the Blink Security Console: Users can secure assets throughout their enterprise - without end-user intervention - easily deploying, administering and managing their Blink environment from a central management console

Network Asset Discovery: Leveraging the Blink Console, system administrators are able to discover network assets via various methods (Active Directory, ARP, NetBIOS) and create logical machine groupings according to such categories as operating system, machine type or business group

Centralised Policy Management:  Security administrators can create policies to be implemented to one, many or all of the Blink agents in the environment. This allows for the enforcement of internal corporate policies such as application version control, application usage and configuration standards. All policies can be centrally managed through Blink Security Console

Integrates with the REM Security Management Console: As with all eEye products, Blink seamlessly integrates with the REM console for advanced reporting and analysis under REM’s workflow approach to vulnerability management