Growing networks, disruptive technologies, and the proliferation of interconnected devices demand a new approach to managing security. Check Point Security Management Infinity architecture consolidates management of multiple security layers, providing superior policy efficiency and enabling to manage security through a single pane of glass. The single management centrally correlates all types of events across all network environments, cloud services and mobile infrastructures. The key to managing security complexity is to bring all security protections and functions under one umbrella. With R80.10, security consolidation is fully realized. One console: A single platform manages the entire IT infrastructure—from the data center to private/public cloud deployments—for security efficiency and consistency. Unified policy: Policy management is unified so you can create and monitor these policies harmoniously. One single policy manages your users, devices, applications, data and networks.
With Check Point Security Management unified policy, you also get unparalleled granular control over policy. The R80.10 API makes it easy to integrate securely with orchestration, change management and ticketing systems. With the ability to control exactly what that integration can and cannot do, organizations have the confidence to embed security into their IT ecosystem. Organizations need a single visual dashboard for event analysis, threat monitoring and mitigation to ensure full visibility into threats across the network. Data must be collected from all gateways deployed and correlated with external threat intelligence sources to provide contextual information. Risk managers are able to look at high-level alerts, drill down to specifics and analyze correlated data. Ability to turn on automated responses, stop attacks. With proactive threat mitigation, you can fine-tune defenses and anticipate the next attack.
Better align security to keep pace with dynamic business and network environments. Next Generation Policy now gives you the ability to have one policy for users, data, applications and networks provide unparalleled granular control and consistent security. Each policy can be segmented into manageable sections, or policy layers, to align with your network or business needs. Ensure security consistency across your entire organization. With Unified Policy Management, you have one policy for users, data, applications and networks. Each policy is also easily segmented into manageable sections, or policy layers, for easy delegation or automation of tasks. R80 Policy Management is integrated into the R80 Security Management platform. It is also available with SMART-1 Appliances. A single policy scales to manage the most complex environments, and is capable of managing millions of objects and thousands of rules.
The enhanced Check Point Antivirus Software Blade uses real-time virus signatures and anomaly based protections from ThreatCloud, the first collaborative network to fight cybercrime, to detect and block malware at the gateway before users are affected. ThreatCloud is a collaborative network and cloud—driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends.
ThreatCloud powers the Antivirus Software Blade allowing gateways to investigate always—changing malware signatures. Since processing is done in the cloud, millions of signatures and malware protection can be scanned in real—time. ThreatCloud’s knowledgebase is dynamically updated using attack information from worldwide gateways, feeds from a network of global threat sensors, Check Point research labs and the industry’s best malware feeds. Correlated security threat information is then shared among all gateways collectively.
Using smartphones and tablets to access critical business information on the go has many benefits, but can expose your sensitive data to risk. Check Point’s SandBlast Mobile protects your devices from advanced mobile threats, ensuring you can deploy and defend devices with confidence. Check Point SandBlast Mobile is the industry’s only unified, cross—platform solution to protect enterprises from mobile breaches. An extension of Check Point’s SandBlast family of products, SandBlast mobile detects and blocks attacks before they become widespread.
Only Check Point provides a complete mobile security solution that protects devices from threats on the device (OS), in apps, and in the network, and delivers the industry’s highest threat catch rate for iOS and Android. Check Point SandBlast Mobile uses malicious app detection to find known and unknown threats by applying threat emulation, advanced static code analysis, app reputation and machine learning.
As part of the Check Point SandBlast Zero—Day Protection solution, Threat Emulation prevents infections from new malware and targeted attacks. This innovative zero—day threat sandboxing capability within the SandBlast solution delivers the best possible catch rate for threats, and is virtually immune to attackers’ evasion techniques. Highest catch rate to protect your organization from unknown malware, zero—day and targeted attacks. Detect and block new, unknown malware and targeted attacks found in email attachments, downloaded files, and URLs to files within emails.
Provide protection across one of the widest range of file types including, MS Office, Adobe PDF, Java, Flash, executables, and archives, as well as multiple Microsoft Windows OS environments. Uncover threats hidden in SSL and TLS encrypted communications. Stop hackers from evading detection and infiltrating your network, reducing risk of expensive breaches. Identify even the most dangerous attacks in their infancy using unique CPU—level inspection.
The Next Generation Threat Prevention software bundles provide organizations of all sizes—from small, midsize and large enterprises with comprehensive protection against known and unknown threats using two simple packages: Next Generation Threat Extraction (NGTX) and Next Generation Threat Prevention (NGTP). Comprehensive threat protection is available in two simple packages for Check Point appliances. Next Generation Threat Extraction (NGTX): Includes multi—layered protection from known threats AND zero—day attacks using SandBlast Threat Emulation, SandBlast Threat Extraction, Antivirus, Anti—bot, IPS, App Control, URL Filtering and Identity Awareness.
Next Generation Threat Prevention (NGTP): Includes multi—layered protection from known, signature—based threats including Antivirus, Anti-Bot, IPS, App Control, URL Filtering and Identity Awareness. Supported on small, midsize and large—scale data center appliances, the NGTX and NGTP software bundles provide advanced threat protection against known threats, zero-day malware and even the most sophisticated attacks.
The Check Point URL Filtering Software Blade provides optimized web security through full integration in the gateway to prevent bypass through external proxies. Integration of policy enforcement with Application Control means enhanced Web and Web 2.0 protection, and UserCheck technology empowers and educates users on web usage policy in real—time. The URL Filtering Software Blade is a key component of the Secure Web Gateway.
Utilize a dynamically updated database of over 200 Million Websites to allow, block or limit website access in real—time—all web site traffic, clear and SSL—encrypted. Choose from 64 pre—defined content categories. Scan and secure SSL encrypted traffic passing through the gateway. When traffic is passing through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re—encrypts, sending the newly encrypted content to the receiver. Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy.