Today it is very important to use a current web browser to surf the web to limit the attacks that can be delivered to the client while surfing a malicious web site.The use of Microsoft Internet Explorer 6 for example causes a high security risk. This is why Check Point has implemented an IPS protection to detect or prevent the use of IE6.

To achieve a more granular control over the Internet Explorer version or to detect an other browser one can use the Application Control blade.Just add the browser as Application to the policy:

Example scenario:

Your organisation uses only Internet Explorer 7 or higher and keeps this browsers updated over automatic software distribution mechanisms.

Internet Explorer version 6 or prior as well as other browsers are not supported and not updated automatically and thereby cause a security risk for your company.Maybe someone just installed this software on his own or uses a portable application.

With Application Control blade you can detect this and send a UserCheck notification to the user. So he’s informed that this software does not comply with the company policy and that he needs to contact desktop service to get a current software install.

I think this is a nice example on how to detect issues and inform the user to make him aware – without limiting his ability to work on the other hand.