Check Point GO Secure Portable Workspace- Run un-approved Program in Virtual Desktop - NETSEC



Cybersecurity Memo

Saturday, September 20, 2014


Check Point has a nice starter tutorial page for GO stick users. I had a chance to play with it and found one interesting thing: a way to run an un-approved application in the Check Point GO Secure Portable Workspace.

With the Check Point GO USB stick, the user can launch the Check Point GO virtual desktop. According to page 9 of CP_GO_UserGuide.PDF,
"only a limited number of pre-approved applications are allowed to run. By default, the virtual desktop does not allow you to:
  • Print
  • Customize the desktop
  • Perform any system configuration
If you need this kind of functionality, or another program added to the list of approved applications, contact your system administrator."

After double-clicking the GO.exe file on the GO USB stick, you get a password window to launch the GO desktop.

You can log into Secure Workspace or Folder Mode.

Under the Advanced button you can get more information about this Check Point GO stick, such as the serial number and firmware version. You can also change the password on the stick.

Later, after you have launched the GO desktop, you can switch back to the host, or from the host back to the GO desktop, by right-clicking the GO icon in the taskbar.

After GO.exe has verified your password, the GO desktop appears on the screen and replaces your original desktop. It looks like Windows Remote Desktop.

At the bottom right there is a remote VPN client for securely accessing resources on the corporate enterprise. Right-click the icon and choose Connect. Your pre-defined remote gateway is then contacted and a remote VPN to it is built from your current Secure Desktop.

One interesting thing I found is that it is possible to run a host application which is not approved by the security policy. I did see a PuTTY program icon on the virtual desktop. By right-clicking it and clicking Properties, you get the application properties window. There is a Find Target button, and once you click it, a host system32 folder is brought up. Then you can browse to other folders and run other applications on the host.

Why is it happening? I will continue working to figure it out.
