Check Point Next-Generation Threat Prevention
Home — PartnersCheck Point — Check Point Next-Generation Threat Prevention

Check Point Next-Generation Threat Prevention software bundles provide organizations of all sizes — from small, midsize and large enterprises with comprehensive protection against known and unknown threats using two simple packages — Check Point Next-Generation Threat Extraction (NGTX) and Check Point Next-Generation Threat Prevention (NGTP). Comprehensive threat protection is available in two simple packages for Check Point appliances. Next-Generation Threat Extraction (NGTX) — Includes multi-layered protection from known threats AND zero-day attacks using SandBlast Threat Emulation, SandBlast Threat Extraction, Antivirus, Anti-bot, IPS, App Control, URL Filtering and Identity Awareness. Check Point Next-Generation Threat Prevention (NGTP) — Includes multi-layered protection from known, signature-based threats including Antivirus, Anti-Bot, IPS, App Control, URL Filtering and Identity Awareness.

Real-time security intelligence delivered from ThreatCloud. Leverage the industry’s first collaborative network to fight cybercrime. Identify over 280 million addresses analyzed for bot discovery, over 12 million malware signatures and 1 million malicious websites. Dynamically update attack information from worldwide network of sensors and industry’s best malware feeds. Combine information on remote operator hideouts, botnet communication patterns and attack behavior to accurately identify bot outbreaks. Receive up-to-the-minute bot intelligence from the ThreatCloud knowledgebase, including zero-day bot attacks discovered by Check Point Next-Generation Threat Prevention. Protection from malicious downloads and applications. Identify website delivering malware and prevent malicious files from being downloaded, acceleration technologies ensure high threat prevention performance, and enable specific applications while blocking risky or insecure applications.

Check Point Next-Generation Threat Prevention — SandBlast Threat Emulation

As part of the Check Point SandBlast Zero-Day Protection solution, Threat Emulation prevents infections from new malware and targeted attacks. This innovative zero-day threat sandboxing capability within the SandBlast solution delivers the best possible catch rate for threats, and is virtually immune to attackers’ evasion techniques. Highest catch rate to protect your organization from unknown malware, zero-day and targeted attacks. Detect and block new, unknown malware and targeted attacks found in email attachments, downloaded files, and URLs to files within emails. Provide protection across one of the widest range of file types including, MS Office, Adobe PDF, Java, Flash, executables, and archives, as well as multiple Windows OS environments. Uncover threats hidden in SSL and TLS encrypted communications. Stop hackers from evading detection and infiltrating your network, reducing risk of expensive breaches. Identify even the most dangerous attacks in their infancy using unique CPU-level inspection.

Antivirus Software Blade

The enhanced Check Point Antivirus Software Blade uses real-time virus signatures and anomaly based protections from ThreatCloud, the first collaborative network to fight cybercrime, to detect and block malware at the gateway before users are affected. ThreatCloud is a collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends. ThreatCloud powers the Antivirus Software Blade allowing gateways to investigate always-changing malware signatures. Since processing is done in the cloud, millions of signatures and malware protection can be scanned in real-time. ThreatCloud’s knowledgebase is dynamically updated using attack information from worldwide gateways, feeds from a network of global threat sensors, Check Point research labs and the industry’s best malware feeds. Correlated security threat information is then shared among all gateways collectively.

URL Filtering Software Blade

The Check Point Next-Generation Threat Prevention URL Filtering Software Blade provides optimized web security through full integration in the gateway to prevent bypass through external proxies. Integration of policy enforcement with Application Control means enhanced Web and Web 2.0 protection, and UserCheck technology empowers and educates users on web usage policy in real-time. The URL Filtering Software Blade is a key component of the Secure Web Gateway. Utilize a dynamically updated database of over 200 Million Websites to allow, block or limit website access in real-time — all web site traffic, clear and SSL-encrypted. Choose from 64 pre-defined content categories. Scan and secure SSL encrypted traffic passing through the gateway. When traffic is passing through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver. Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy.
Check Point Next-Generation Threat Prevention

Antivirus

The enhanced Check Point Antivirus Software Blade uses real-time virus signatures and anomaly based protections from ThreatCloud, the first collaborative network to fight cybercrime, to detect and block malware at the gateway before users are affected. ThreatCloud is a collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends.

ThreatCloud powers the Antivirus Software Blade allowing gateways to investigate always-changing malware signatures. Since processing is done in the cloud, millions of signatures and malware protection can be scanned in real-time. ThreatCloud’s knowledgebase is dynamically updated using attack information from worldwide gateways, feeds from a network of global threat sensors, Check Point research labs and the industry’s best malware feeds. Correlated security threat information is then shared among all gateways collectively.

Mobile Security

Using smartphones and tablets to access critical business information on the go has many benefits, but can expose your sensitive data to risk. Check Point’s SandBlast Mobile protects your devices from advanced mobile threats, ensuring you can deploy and defend devices with confidence. Check Point SandBlast Mobile is the industry’s only unified, cross-platform solution to protect enterprises from mobile breaches. An extension of Check Point’s SandBlast family of products, SandBlast mobile detects and blocks attacks before they become widespread.

Only Check Point provides a complete mobile security solution that protects devices from threats on the device (OS), in apps, and in the network, and delivers the industry’s highest threat catch rate for iOS and Android. Check Point SandBlast Mobile uses malicious app detection to find known and unknown threats by applying threat emulation, advanced static code analysis, app reputation and machine learning.

Sandboxing

As part of the Check Point SandBlast Zero-Day Protection solution, Threat Emulation prevents infections from new malware and targeted attacks. This innovative zero-day threat sandboxing capability within the SandBlast solution delivers the best possible catch rate for threats, and is virtually immune to attackers’ evasion techniques. Highest catch rate to protect your organization from unknown malware, zero-day and targeted attacks. Detect and block new, unknown malware and targeted attacks found in email attachments, downloaded files, and URLs to files within emails.

Provide protection across one of the widest range of file types including, Microsoft Office, Adobe PDF, Java, Flash, executables, and archives, as well as multiple Microsoft Windows OS environments. Uncover threats hidden in SSL and TLS encrypted communications. Stop hackers from evading detection and infiltrating your network, reducing risk of expensive breaches. Identify even the most dangerous attacks in their infancy using unique CPU-level inspection.

Threat Prevention

The Next-Generation Threat Prevention software bundles provide organizations of all sizes — from small, midsize and large enterprises with comprehensive protection against known and unknown threats using two simple packages: Next Generation Threat Extraction (NGTX) and Next-Generation Threat Prevention (NGTP). Comprehensive threat protection is available in two simple packages for Check Point appliances. Next-Generation Threat Extraction (NGTX): Includes multi-layered protection from known threats AND zero-day attacks using SandBlast Threat Emulation, SandBlast Threat Extraction, Antivirus, Anti-bot, IPS, App Control, URL Filtering and Identity Awareness.

Next-Generation Threat Prevention (NGTP): Includes multi-layered protection from known, signature-based threats including Antivirus, Anti-Bot, IPS, App Control, URL Filtering and Identity Awareness. Supported on small, midsize and large-scale data center appliances, the NGTX and NGTP software bundles provide advanced threat protection against known threats, zero-day malware and even the most sophisticated attacks.

URL Filtering

The Check Point URL Filtering Software Blade provides optimized web security through full integration in the gateway to prevent bypass through external proxies. Integration of policy enforcement with Application Control means enhanced Web and Web 2.0 protection, and UserCheck technology empowers and educates users on web usage policy in real-time. The URL Filtering Software Blade is a key component of the Secure Web Gateway.

Utilize a dynamically updated database of over 200 Million Websites to allow, block or limit website access in real-time — all web site traffic, clear and SSL-encrypted. Choose from 64 pre-defined content categories. Scan and secure SSL encrypted traffic passing through the gateway. When traffic is passing through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver. Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy.