Introduction to IoT Security
Check Point IoT Security secures your network's Internet of Things (IoT) assets from cyber attacks. IoT Security protects IoT assets that are discoverable by the Check Point Security Gateway and managed by the Check Point Security Management Server. It connects to the Check Point Security Gateway to discover the IoT assets in your network and uses the Check Point Security Management Server to enforce the security policies for the IoT assets.
IoT Security:
-
Automatically discovers IoT assets in your network.
-
Allows you to enforce security policies on the IoT assets.
-
Provides autonomous Zero Trust Network Access (ZTNA) protection.
How it Works
When you integrate IoT Security with your Check Point Quantum Security Gateway, it automatically creates the profiles necessary to discover IoT assets connected to the Security Gateway. During the integration, an agent is installed on the Security Gateway to collect and share the assets’ metadata with IoT Security. IoT policies are generated from the Check Point Portal, sent to the Security Management Server and then enforced on the Security Gateway.
Supported Security Gateways and Security Management Servers
IoT Security is supported on these Security Gateways and Security Management Servers:
|
Gateway / Server |
Supported Version |
|---|---|
|
Security Gateways |
|
|
Security Gateways in the Gateway mode |
R81.20 and higher |
|
Cluster* of Security Gateways |
R81.20 and higher |
|
Quantum Spark Appliances |
|
|
Quantum Spark Appliances |
R81.10.00 and higher |
|
Cluster* of Quantum Spark Appliances |
R81.10.00 and higher |
|
Security Management Server |
|
|
Security Management Server |
R81.20 and higher |
|
Multi-Domain Security Management Server with single domain |
R81.20 and higher |
|
ElasticXL, Quantum Maestro and Scalable Chassis (Scalable Platforms) |
R81.20 and higher |
* Supported cluster types are:
-
High Availability
-
Load Sharing
-
Active-Active
Limitations
IoT Security:
-
Does not support Security Gateways / Clusters in the VSNext mode.
-
Does not support VSX Cluster and Traditional VSX on Scalable Platforms (ElasticXL, Quantum Maestro and Scalable Chassis).
-
Does not support IPv6 enforcement and discovery.