Check Point IPS Software Blade
Delivers complete and proactive intrusion prevention

Benefits:

Next-generation security prevention, protection and performance

• Industry-leading IPS and firewall-as tested NSS Labs-delivers 1,000s of signature, behavioral and preemptive protections
• Check Point is ranked #1 in Microsoft and Adobe threat coverage
• Combines with best-of-breed firewall, application control, URL filtering, DLP and more on the most comprehensive, network-class next gen firewall

Unrivaled, multi-Gigabit performance in an integrated IPS

• Up to 15 Gbps of IPS and 30 Gbps of firewall throughput
• Stateful Inspection and SecureXL technology deliver multi-tier IPS inspection and accelerated IPS throughput
• CoreXL technology provides the most efficient and high-performance use of multi-core technologies

Lowest TCO and fastest ROI of any enterprise-class firewall solution

• One-click activation of IPS and firewall protection on any Check Point gateway
• Delivers unmatched extensibility and flexibility-all without adding CapEx
• Integrated into Check Point Software Blade Architecture for on-demand security

Features:

Preemptive Security Updates

Patching is an incomplete security measure, which can leave your network open for attack. By taking a more comprehensive approach, which combines robust IPS functionality with a concerted patching strategy, network administrators can better equip themselves to handle ‘Patch Tuesdays’ and secure the network between upgrades and patches. Let your Check Point Next-Gen Firewall do the security updates for you. Virtual patching is seamless when protections are updated automatically every 2 hours on the Check Point management server and security gateways. In addition new protections are flagged for follow-up ensuring admins stay on top of any changes to their IPS policy.

Painless Deployment

Reduce deployment time and costs by leveraging existing security infrastructure. Optional detect-only mode sets all your existing protections to only detect, but not block, traffic to allow you to evaluate your profile without risking disruption. Simply enable IPS on your existing Check Point Next Generation Firewall. IPS is included in the NGFW package. Want protection from more advanced zero-day and threats in files? Enable antivirus, Anti-bot and SandBlast (sandboxing) Zero-day protection. IPS is also included in the Next Gen Threat Prevention and the SandBlast packages.

Predefined default and recommended profile settings allows for immediate and easy out-of-the-box use with profiles tuned to optimize security or performance.

Each protection is described with 3 attributes; Severity, Confidence and Performance Impact. Protection profiles allow administrators to define signature and protection activation rules that match the security needs of their network assets.

Unified Threat Management

IPS is configured and managed through a single Check Point management interface. This includes tightly integrated event management. Achieve an unmatched level of visibility to detect and prevent threats. Check Point IPS seamlessly integrates with SmartEvent enabling SOC (Security Operations Center) staff to respond to the highest priority events first, saving them time.

Track events through detailed reports and logs of what is most important to simplify threat analysis and reduce operational overhead. Customizable reports provide easy monitoring of critical security events associated with your business-critical systems. Directly from the security event, go to the associated protection, create an exception or view packet captures.

IPS Tags

In addition to severity, confidence and performance impact you can also activate and deactivate IPS protections using these attributes or tags; vendor (400+), product (600+), threat year, file type, protocol and the effect of the vulnerability such as information disclosure and DoS. This allows security administrators to create an IPS policy that better fits their environment. Profiles and protection attributes greatly simplify management of over 8,000 IPS protections. In your security logs there is a wealth of information about your organization. This includes newly installed applications that may be vulnerable. Analysis will identify these applications and you can then use an IPS tag to activate IPS protections to virtually patch any vulnerable applications found.

IPS Best Practices

SmartEvent pre-defined views reveals IPS protections in Detect mode that can safely be moved to prevent mode. Most important are the ones where a detect event occurred, but the connection was not prevented by the IPS because of the Detect setting. IPS security best practice number one is to follow up on these events.

Scalable Tbps IPS Performance

Check Point was the first to exploit the performance capabilities of industry standard multi-core processors for IPS, bringing intelligent load-balancing among cores to enable fast, fully-integrated IPS functions in one firewall. Now with Maestro Hyperscale network security, customers can distribute load across multiple Check Point firewalls in N + 1 clusters to achieve over a Terabit per second of IPS throughput. With Check Point IPS technologies, you can have confidence that your organization’s network will get top performance and full functionality without compromising on security.

Specifications:

Documentation:

Download the Check Point Intrusion Prevention Systems Datasheet (PDF).