Terms
Action
What a Software Blade does to traffic that matches a rule.
Affinity
The assignment of a specified process, Firewall instance, VSX Virtual System, interface or IRQ with one or more CPU cores.
Anti-Bot
1. Application that prevents computers from being controlled by hackers. 2. Check Point Software Blade that inspects network traffic for malicious bot software.
Ask
UserCheck rule action that blocks traffic and files and shows a UserCheck message. The user can agree to allow the activity.
Detect
UserCheck rule action that allows traffic and files to enter the internal network and logs them.
Event
A record of a security incident that is based on one or more logs, and on a customizable set of rules that are defined in the Event Policy.
Indicator
Pattern of relevant observable malicious activity in an operational cyber domain, with relevant information on how to interpret it and how to handle it.
Malware Database
The Check Point database of commonly used signatures, URLs, and their related reputations, installed on a Security Gateway and used by the ThreatSpect engine.
Observable
An event or a stateful property that can be observed in an operational cyber domain.
Policy
A collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources through the use of packet inspection.
Prevent
UserCheck rule action that blocks traffic and files and can show a UserCheck message.
Rule
A set of traffic parameters and other conditions that cause specified actions to be taken for a communication session.
Security Gateway
A computer or appliance that inspects traffic and enforces Security Policies for connected network resources.
Security Management Server
The application that manages, stores, and distributes the security policy to Security Gateways.
Security Policy
A collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources through the use of packet inspection.
SmartDashboard
A Check Point client used to create and manage the security policy.
SmartView Tracker
A Check Point SmartConsole used to track and give audit information on real-time traffic, status of Software Blades, connections, activities, and events.
STIX
Structured Threat Information eXpression. A language that describes cyber threat information in a standardized and structured way.
Threat Emulation
Protects against new malware. Virtual computers open files and are monitored for unusual and malicious behavior.
Threat Emulation Private Cloud Appliance
A Check Point appliance that is certified to support the Threat Emulation Software Blade.
ThreatCloud Repository
A cloud database with more than 250 million Command and Control (C&C) IP, URL, and DNS addresses and over 2,000 different botnet communication patterns, used by the ThreatSpect engine to classify bots and viruses.
ThreatSpect Engine
A unique multi-tiered engine that analyzes network traffic and correlates data across multiple layers (reputation, signatures, suspicious mail outbreaks, behavior patterns) to detect bots and viruses.
Traffic
The flow of data between network resources.
UserCheck
Gives users a warning when there is a potential risk of data loss or security violation. This helps users to prevent security incidents and to learn about the organizational security policy.
|
