Product: Blink Endpoint Intrusion Prevention 2.1
Family: Blink Endpoint Intrusion Prevention

Product Description: As the industry’s first endpoint security solution to incorporate multiple layers of proven technologies, Blink combines and extends the technologies of

• Protocol based intrusion prevention
• Anti-spyware technology
• Identity theft protection
• Personal firewall (application and system level)
• Local vulnerability assessment (based on eEye's Retina Network Security Scanner)

Blink’s integrated layers of protection work hand-in-hand to provide the most comprehensive protection from targeted and propagated attacks. Blink protects from both known and undefined vulnerabilities, through periodic vulnerability assessments and non-intrusive process activity monitoring, designed to protect assets from zero-day attacks.

Key Features & Benefits:

• Business Continuity- Blink allows enterprises to defer patching until regularly scheduled maintenance cycles, saving millions of dollars in lost business disruption and the associated IT resource drain caused by “panic” patching. Blink also provides organizations the ability to secure operating systems that are no longer supported by their software vendors.
• Policy Compliance – Blink can be configured to ensure specific policies (e.g. HIPAA, SOX) are always in effect on individual systems, providing enterprises with a centrally deployed, centrally managed means to guarantee policy compliance, even for networks with hundreds of thousands of machines.
• Complete Security for Borderless Networks - Blink provides the means to isolate and evaluate each machine prior to its reconnection to the network, protecting remote and mobile workers who unintentionally acquire vulnerabilities “in the wild” and introduce them into the corporate network once they reconnect, bypassing perimeter-level network security.   
• System Availability - Blink is unique in that it focuses on the methods of exploitation to protect users from attacks leveraging yet unknown vulnerabilities. This enables Blink to stop the attack before it infects the system without having to identify the unique signature of the attack itself, and therefore keep businesses up and running.

Highlights: Put simply, Blink’s approach to IPS is superior to any other Host-based IPS on the market by a wide margin. Blink is able to protect from any known or unknown intrusion without requiring a signature or having to “learn” system behavior – it does this “out of the box.” Blink’s approach to IPS also enables business continuity, as it does not shut down a system or service in order to protect it (often the goal of the attack). Rather, Blink is able to scan traffic at the TDI and NDIS layers, looking for commands that may result from malware, as opposed to the file itself. If this activity is detected, Blink simply drops the packets and the service continues to operate normally.

As an example, Continental Airlines (a Blink customer) used an anomaly based or “learning” approach, their network “learned” the Blaster worm. Upon installation of a patch, the network blocked this activity, since patching was a significant change and wasn’t “learned,” thus resulting in all systems having to be shut down, the patch installed and run in “learning” mode to operate properly. Blink however, was able to immediately identify the worm—without knowing Blaster’s specific signature—and allowed a patch to be installed without disruption to the network.

Such protection also allows enterprises to defer patching vulnerable machines until regularly scheduled maintenance cycles, thereby saving millions of dollars in lost business disruption and the associated IT resource drain caused by "panic" patching. Blink FORTUNE 500 customers have already moved to a quarterly patching process due its protection.

End-Users: Enterprises of all sizes.

eEye Digital Security
1 Columbia,
Aliso Viejo, CA 92656 USA
Tel: 1-949-900-4100