Network Security

  Check Point logo  
Pure Advantage Check Point CCSP
  Check Point Pure Advantage Silver Partner  

Find out about the IPS Blade...

Today's organizations face an increasing number of security threats across their network- at the perimeter, across the LAN and WAN, and at endpoints.

Check Point Network Security Solutions offer advanced security features such as integrated intrusion prevention, virtualization, gateway antivirus, anti-spam, web content filtering, as well as IPsec and SSL VPN remote access for computers and mobile devices.

Check Point also offers standalone intrusion prevention and SSL VPN solutions that can integrate with your security architecture for a consistent, high level of security throughout your entire organization.

 

  • Firewall / VPN Solutions
  • UTM Appliances
  • Remote Access
  • IPS

Check Point firewall and VPN solutions are used by 100% of the Fortune 100. They enable organizations to protect the entire network infrastructure with a unified security architecture that simplifies management and ensures consistent, up-to-date security everywhere.

In a range of formats with feature sets required for every different size of organization from single site through to enterprise, Check Point's VPN-1 firewall and VPN solutions are available as software only, on a variety of platforms including Check Point's own Secure Platform, in versions optimized for leading platforms including Nokia, IBM and Crossbeam and as appliances.

VPN-1 UTM

Includes firewall, intrusion prevention, antivirus, antispyware, Web application firewall, and both IPSec and SSL VPN, within a single integrated solution.

It includes Check Point's SmartCenter management for completely centralized control, and is supported by SmartDefense Services, which provide real-time updates and configuration advisories for defenses and security policies.

DownloadDownload the Check Point VPN-1 UTM datasheet

VPN-1 Power

Includes an integrated firewall, VPN, and intrusion prevention solution that keeps your business safe and your information available. As part of Check Point's Unified Security Architecture, VPN-1 Power integrates with other Check Point solutions to simplify security management and deployment.

DownloadDownload the Check Point VPN-1 Power datasheet

Secure Platform

Check Point software can be deployed on the dedicated Check Point operating system, Smart Platform (SPLAT) on open servers such as Dell or HP. There is a strong argument for this.

SecurePlatform is a complete hardened operating system specifically optimised for Check Point's own security products. It comes on a CD from which both the operating system and the products are installed.

SecurePlatform is termed a virtual appliance with all the benefits of an appliance but none of the costs.

Benefits of SecurePlatform

  • The operating system is hardened by Check Point
  • No incompatibility issues, because Check Point provides both the O/S and the products
  • SecurePlatform offers incredible performance compared to equivalent platforms. An standard entry level PC will do 200Mbps of firewall throughput.
  • Rock solid, mature and robust platform.
  • Easy to manage remote SecurePlatform systems.
  • Upgrades to both the SecurePlatform operating system and the products can be installed on SmartCenter Management and pushed out to remote sites
  • Provides additional features including automated backups security configuration
  • Offers fast recovery of failed hardware systems. The SecurePlatform CD can be booted in a new or repaired machine and point it at a backup.
  • There is no charge for SecurePlatform it is free.

Metadigm and Secure Platform

Metadigm has installed many SecurePlatform systems from single sites to multisite high performance HA systems for multi-national companies around the globe.

The most common solution used by our customers is to build SecurePlatform systems on 1U rackmount servers from Dell or HP. Most 1U platforms have two-gigabit ethernet ports onboard. Typically we use VLANs so each firewall has a gigabit trunked port connected to a switch.

DownloadDownload the SecurePlatform Datasheet

High Availability Gateway and Management: Low cost and High Value

A typical 3 machine configuration two Check Point Firewall/VPN gateways and a separate Smartcenter management station providing a High Availability cluster can be built for less than £2,000 plus the cost of the Check Point software.

If you are a Dell, HP/Compaq or IBM house you can buy the machines from your current supplier to slot into your existing infrastructure under your maintenance contract. Alternatively, we are happy to supply hardware. SecurePlatform works on a wide range of other platforms.

Back to top

Check Point UTM appliances combine a unified set of proven security technologies with easy to use deployment and management features, all with a single point of support for both hardware and software.

The UTM-1 appliance range offers a choice of models to suit any size of requirement for small and medium-sized sites up to large enterprise deployments.

With a firewall, VPN gateway, anti virus and anti spyware, intrusion prevention, web security, URL filtering and messaging security, as well as management and support, these appliances provide a complete solution.

All Check Point appliances are built around a unified security architecture, enabling organizations to perform all aspects of security management via a single, unified console. This offers customers the flexibility to deploy a complete security solution on their choice of hardware platform.

DownloadDownload the Check Point Open Choice brochure

Mid-to-large scale deployments: UTM-1 Total Security appliances

For mid-to-large scale deployments, and based on the same Check Point technologies that secure the Fortune 500, UTM-1 Total Security Check Point UTM-1 Total Securityappliances offer a complete set of security features including:

  • Firewall
  • Intrusion prevention with SmartDefense type-based protections and security updates
  • IPSec and SSL VPN for remote access connectivity
  • Antivirus
  • Anti-spyware
  • Messaging security including anti-spam
  • VoIP security
  • Instant messaging (IM) and peer-to-peer (P2P) blocking
  • Web security with URL filtering and integrated security for Web applications
  • Centralized management via a single console for multiple sites 

DownloadDownload the UTM-1 Total Security datasheet

Check Point UTM-1 1070, Check Point UTM-1 2070

The UTM-1 Total Security solution offers a 3-year, all-inclusive package that includes the appliance-based UTM features, hardware warranty, and software and security updates.

Talk to Metadigm about enhancing your Check Point Total Security Solution with a Metadigm Remote Support or Management Contract.

UTM-1 Total Security appliances can be managed on a standalone basis via a single console and interface that is pre-installed and licensed on the system. UTM-1 Total Security and standard UTM appliances contain both the gateway and SmartCenter server, so both the gateways and the SmartCenter servers can be clustered to provide a High Availability solution.

Alternatively, if the UTM-1 Total Security appliance is to be used as part of an existing or wider Check Point estate, it can be managed via your Check Point SmartCenter.

Request an evaluation of a Check Point UTM-1 Total Security appliance

Small to mid-size deployments: UTM-1 Edge appliances

UTM-1 appliances offer easy-to-use deployment, a range of security features and in-built management features for small to medium size sites with small numbers of users

There are different UTM-1 Edge appliance models, both wired and wireless, for different sizes of deployments and offices. All Edge appliances offer a range of security applications in a single, easy-to-manage solution including:Check

  • Firewall
  • Intrusion prevention
  • IPSec VPN for remote access connectivity*
  • Antivirus
  • Instant messaging (IM) and peer-to-peer (P2P) blocking
  • Option of integrated wireless LAN or ADSL interfaces
  • Option of chassis designed for industrial environments

*Requires Endpoint Security Single Agent on client machine

DownloadDownload the UTM-1 Edge datasheet:

Quality of Service for VPN-1

Traffic congestion on your network can be eliminated with FloodGate-1, a policy-based Quality of Service (QoS) solution for VPNs, private WANs, and Internet links.

FloodGate-1 optimizes network performance by assigning priority to business-critical applications and end users. Employee productivity remains high, your business is properly supported, and online experiences are positive. FloodGate-1 can be deployed with VPN-1/FireWall-1 or act as a standalone solution.

Benefits

  • Integrated VPN, firewall, and QoS devices
  • Guaranteed bandwidth
  • Optimal performance for mission-critical traffic
  • Proactive management of network costs

DownloadDownload a datasheet on Check Point Floodgate-1

Check Point secure Remote Access Solutions allow travelling, home-based and other remote employees to securely gain access to partners to the information they need, without creating a security risk for the organization.

Solutions include client and clientless VPN access to connect a diverse mix of remote users with the strong security safeguards and unified management.

Connectra is a complete Web Security Gateway that provides SSL VPN access and comprehensive endpoint and integrated intrusion prevention security in a single, unified remote access solution.

Check Point Connectra Available in either software or appliance format, the Connectra SSL VPN gateway provides secure browser-based remote access to email, web applications and file shares. Included with Connectra, the SSL Network Extender browser plug-in provides network-level access to client/server applications over SSL.


Benefits

  • Secure SSL VPN remote access
  • Comprehensive endpoint security
  • Integrated intrusion prevention
  • Protects against new threats through SmartDefense Services
  • Appliance or software platforms

See also:  Authentication: Solutions for secure 2-factor strong remote network log on
Aladdin eToken:  Multi purpose token-based strong authentication solutions
RSA:  Strong authentication solutions

DownloadDownload the Connectra datasheet

DownloadDownload the AT Kearney case study on Connectra

SSL Network Extender

SSL Network Extender is a browser plug-in that provides SSL VPN-based clientless remote access, while delivering full network connectivity for any IP-based application.

SSL VPNs are a great remote access solution because they don't require IT departments to upgrade and manage client software - all a user needs is a Web browser.

However, remote users still need to access network applications. SSL Network Extender is a browser plug-in that provides clientless remote access, while delivering full network connectivity for any IP-based application.

SSL Network Extender adds SSL VPN functionality to the IPSec VPN capabilities of VPN-1 gateways, simplifying remote access deployment while providing maximum flexibility for any type of remote access scenario. SSL Network Extender is also available with Connectra.

Benefits

  • Network-level connectivity over SSL VPN
  • Support for all IP-based applications
  • IPSec and SSL VPN deployment flexibility
  • Integrated with Check Point VPN-1

DownloadDownload the SSL Network Extender White Paper

Back to top

Check Point intrusion prevention solutions provide precise, real-time attack mitigation, granular forensic analysis and flexible deployment options. They are delivered as dedicated IPS appliances or software, and as intrusion prevention functionality integrated into Check Point gateways.

Check Point IPS-1

The IPS-1 is a dedicated intrusion detection and prevention system (IDS/IPS) available as an appliance or as open platform software, that helps organizations secure their enterprise network, and protect servers and critical data against worms, automated malware, and blended threats both known and unknown.

IPS-1 includes management tools via an intuitive centralized interface with graphical management tools that allow a system administrator to quickly identify and act on threats to the network. These are unified with the Check Point security architecture, providing the familiar, intuitive Check Point interface, and this reducing training costs and Administrator overhead.

DownloadDownload the Check Point IPS-1 datasheet

SmartDefense

Check Point integrates SmartDefense intrusion prevention functionality into all its enforcement points and gateways. Its protections are updated by SmartDefense Services which maintain current preemptive security for the Check Point security infrastructure via ongoing and real-time updates and configuration advisories for defenses and security policies.

Components of SmartDefense Services include:

  • Advisories:  Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities - usually before exploits are created by hackers
  • Security Best Practice:  The latest security recommendations from Check Point.
  • Defence Updates:  Pre-emptive, ongoing and real-time updates to defenses and security policies.
  • Program Advisor for Check Point Endpoint Security:  A database of malicious and benign applications; automates creation of network access and malware termination policies.
  • Anti-Virus and Anti Spyware Information

DownloadDownload a white paper on IPS Best Practice

Back to top


 

What next?

Contact Check Point Partner Metadigm about Check Point R70 Software Blades Email Metadigm

Name* Phone* Company Email
           

Related:  Check Point overview | Check Point services | Network security | Endpoint security | Software Blades | Management