1. Application that prevents computers from being controlled by hackers. 2. Check Point Software Blade that inspects network traffic for malicious bot software.
A solution to protect a computer or network against self-propagating programs or processes that can cause damage.
A searchable application library, for Check Point Application Control and URL Filtering, with details about known Web applications and social networking widgets. (Also: AppWiki)
1. To stop traffic before it reaches its destination. 2. To stop a command from execution. 3. To deny access by rule (though allowed by permission).
Malicious software that neutralizes Anti-Virus defenses, connects to a Command and Control center for instructions from cyber criminals, and carries out the instructions.
A performance-enhancing technology for Security Gateways on multi-core processing platforms.
Call Session Control Function. A set of roles for SIP servers or proxies that handle SIP signal packets in the IP Multimedia Subsystem (IMS).
A CLI tool that lets administrators make changes to objects in the Check Point databases. We recommend that administrators use the tool instead of when not using scripts.
An authentication, authorization and accounting protocol that has many features not included in the legacy RADIUS protocol.
An extension to the Diameter base protocol (as defined in RFC6733). Each application contains one or more commands and/or attributes. Applications are typically associated with an RFC.
Data Loss Prevention. Detects and prevents the unauthorized transmission of confidential information.
Dead Peer Detection. A methodology for the detection of a failed IKE peer. It can reclaim lost resources when a peer fails or trigger an IKE peer failover.
To not allow packets through the gateway, blocking the connection.
1. A record of a security incident that is based on one or more logs, and on a customizable set of rules that are defined in the Event Policy. 2. In Media Encryption, a device connects to an endpoint computer. 3. In SmartLSM, an object with schedule settings for the Security Gateway to fetch its security policy. 4. In Endpoint Security, an object with schedule settings for Active and Standby server synchronization.
Gateway GPRS Support Node. The main component of a GPRS network that is responsible for communication between the GPRS network and external, packet-switched networks, such as the Internet.
General Packet Radio Service. A packet-oriented, mobile data service that works over Global System for Mobile Communication (GSM) networks.
Global System for Mobile Communications. An international standard that defines protocols for second generation digital cellular networks used by mobile phones.
GPRS Tunneling Protocol. A set of IP-based communication protocols that handle GPRS traffic over GSM, UMTS and LTE networks.
A graphical interface tool for administrators to change objects in Check Point databases.
High Speed Packet Access. An improved third generation mobile communication protocol that significantly enhances data transfer. It is a combination of two protocols:
HSUPA - High Speed Uplink Packet Access
HSDPA - High Speed Downlink Packet Access
Internet Key Exchange. An Encryption key management protocol for IPSec that creates a shared key to encrypt and decrypt IP packets and establishes a VPN tunnel and Security Association.
Intrusion Prevention System. Check Point Software Blade that inspects and analyzes packets and data for numerous types of risks.
IPv4 embedded IPv6 address
An IPv6 address where the rightmost 32 bits are a valid IPv4 address.
Long Term Evolution. A fourth generation communication standard for high-speed wireless communication for mobile phone and data terminals. It is based on GSM and UMTS/HSPA network technologies.
Packet Data Protocol. A packet transfer protocol used in wireless GPRS/HSDPA networks.
Check Point product that accelerates IPv6 and IPv4 traffic. Installed on Security Gateways for significant performance improvements.
Public Land Mobile Network. A network established and operated by a recognized operating agency to supply land/mobile telephony and data services.
Public Switched Telephone Network. A collection of public circuit-switched telephone network, including telephone lines, fixed lines, microwave transmission links, cellular networks, and satellite communication.
Remote Access Community
A group of computers, appliances, and devices that access, with authentication and encryption, the internal protected network from physically remote sites.
Remote Access VPN
An encryption tunnel between a Security Gateway and remote access clients, such as Endpoint Security VPN, and communities.
A set of traffic parameters and other conditions that cause specified actions to be taken for a communication session.
The database that contains the rules in a security policy and defines the sequence in which they are enforced.
Security Association. A VPN tunnel where all hosts on one or more subnets are associated with the tunnel. By default, Check Point VPN tunnels are created between subnets, rather than hosts.
Stream Control Transmission Protocol. A message-based, multi-streaming transport layer protocol commonly used in telephony applications.
A computer or appliance that inspects traffic and enforces Security Policies for connected network resources.
Security Management Server
The application that manages, stores, and distributes the security policy to Security Gateways.
A collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources through the use of packet inspection.
Serving GPRS Support Node. The component of a GPRS network that is responsible for delivery of data packets to and from mobile stations in its geographical service area.
Session Initiation Protocol. A signaling protocol used for controlling multimedia communication sessions, such as voice and video calls over an IP network.
A Check Point client used to create and manage the security policy.
Physical server that hosts the events database.
A software blade is a security solution based on specific business needs.
Each blade is independent, modular and centrally managed. To extend security, additional blades can be quickly added.
A cloud database with more than 250 million Command and Control (C&C) IP, URL, and DNS addresses and over 2,000 different botnet communication patterns, used by the ThreatSpect engine to classify bots and viruses.
A unique multi-tiered engine that analyzes network traffic and correlates data across multiple layers (reputation, signatures, suspicious mail outbreaks, behavior patterns) to detect bots and viruses.
Gives users a warning when there is a potential risk of data loss or security violation. This helps users to prevent security incidents and to learn about the organizational security policy.
Universal Mobile Telecommunications System. A third generation, packet-based, mobile cellular technology for networks based on the GSM standard.