049
ENTERPRISE SECURITY BLUEPRINT
CHECK POINT SOFTWARE-DEFINED PROTECTION
CP
SDP
It is critical that threat prevention controls are fed with up-to-date threat intelligence. To that effect,
Check Point built a unique cloud-based threat intelligence big data and protection generator, Check
Point ThreatCloud™.
Check Point ThreatCloud enables a collaborative way to fight cybercrime, delivering real-time
security threat intelligence converted into security indicators to the control layer.
At last count, ThreatCloud contained over 11 million
malware signatures, 2.7 million malware-infested sites and
over 5,500 different botnet communication patterns.
ThreatCloud is constantly updated with new threat
information from a worldwide network of sensors, third party feeds, Check Point security
researchers, security research organizations and Check Point gateways. Check Point enforcement
points get updated with real time security indicators from ThreatCloud. In this collaborative
process, if one company is attacked with malware, the relevant attack information is instantly shared
with ThreatCloud. A signature of the attack is added to the massive database, and is leveraged
instantaneously by all other customers.
Next Generation Firewall and Data Protection
Access control and data protection are critical to secure desired business processes by defining the
interactions between users and data within the network.
Check Point access control is based on our next generation firewall combined with multiple
software blades and enables a unified context-based security policy. It includes the following capabilities:
Next Generation Firewall and VPN
– Check Point patented Stateful Inspection
provides a flexible infrastructure for layering security protections by providing an
engine for network inspection at all network, application and data layers.
Data and Content Awareness
– is based on Check Point DLP software
blade and features a large set of automatic classifications technologies
available to determine the specific importance of each document.
Application Control
–offers protectionwith the industry’s largest web application
library, supporting over 5,000 applications and 300,000 widgets. Application traffic
is monitored, selectively blocked and/or rate-limited to enforce any enterprise
security policy. Tightly integrated with URL Filtering, Application Control also
supports reputation and categorization-based protections for enforcing dynamic
enterprise security policies.
User Identity Awareness
– User identity Awareness - supports advanced
security policies based on the user’s identity. Check Point security gateways and
endpoint hosts share user identity and endpoint status information, providing a
cooperative enforcement capability across the enterprise.
