Check Point Abra

Abra is a USB drive that combines an encrypted USB flash drive with virtualization, VPN and computer security technologies to turn a PC into a secure corporate desktop. By plugging Abra into the USB port of a Microsoft Windows® OS-based PC or laptop, users can launch a secure virtual workspace that is segregated from the host PC. This allows users to securely access company files and applications from any remote location, including insecure host environments such as a hotel business center or Internet café.

Abra uses hardware and software encryption to protect user credentials, documents, and other sensitive data, so that data cannot be compromised in transit or in the event the device is lost. The system uses an authentication process that enforces minimum levels of password strength, as well as certificates and security tokens for multifactor authentication for remote connectivity. The device interfaces with software on a corporate server to support company policies and security updates through security gateways.

History

Abra was first introduced by Check Point Software Technologies Ltd. and SanDisk Corporation in March 2010 to address security and compliance issues for companies with remote employees. Workers have been increasingly demanding remote access to company applications and data. Personal equipment accessing the network can pose a risk to corporate networks, creating a potential avenue for corporate data loss or allowing unsecure connections.

The companies cite that the Abra system provides a solution for companies that want to let their employees purchase and manage their own PCs and laptops, for those needing high security (including encryption) for computing devices outside the workplace, as well as contractors/vendors who require access to the company network while working on site.

Since its release, the product has won industry awards including "IT Product of 2010" by Computerworld and was named one of the “25 Hot Products to Watch” at the 2010 RSA Conference by CRN Magazine.

Technology Architecture

When Abra is inserted into the USB port of any PC, the user is presented with a login screen. Upon successful login, a new explorer.exe instance is started in the Abra Secure Workspace. All subsequent processes are started as child processes of this new explorer.

Abra uses the software installed on the host PC to run applications such as Microsoft Word and Microsoft Excel, but the user’s documents remain secure in the Abra environment – a virtual workspace that runs parallel to the host environment. All file and registry input/output calls for the secure application inside Abra are redirected to the flash drive.

All applications running on the Abra desktop (including the new explorer) operate in a virtual file system and registry. The virtual files and registry data are instantly written to the flash drive and immediately encrypted.

Currently Abra works not on all windows workstations, due to incompatbilty with enterprise client settings, preventing a seamless use.

Specifications

Versions

Awards

• It was distinwished with "The best international innovation" award at the 2010 Information Security Day (ITBN) conference in Hungary.
• It Received the Computerworld Czech Republic's annual "IT Product of the Year" in 2010.

See also

• Check Point VPN-1
• Circuit-level gateway
• Comparison of firewalls
• Firewall
• List of Linux router or firewall distributions
• Packet
• Sandbox (computer security)
• Screened-subnet firewall
• Unified threat management
• Virtual firewall