Content Awareness Software Blade

This Software Blade Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. provides data visibility and enforcement in unified Access Control Policy.

You can set the direction of the data in the Access Control Policy to one of these:

• Download Traffic - Into the organization

• Upload Traffic - Out of the organization

• Any Direction

You can set Data Types in the Access Control Policy to one of these:

• Content Types - Classified by analyzing the file content (for example: PCI - credit card numbers, International Bank Account Numbers - IBAN)

• File Types - Classified by analyzing the file ID (for example: Viewer File - PDF, Executable file, Presentation file)

You can select one of these services:

• CheckPointExchangeAgent

• ftp

• http

• https

• HTTP_proxy

• HTTPS_proxy

• smtp

• Squid_NTLM

For more information, see the:

• R81.10 Security Management Administration Guide

• SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. Online Help (press F1)

• sk119715 - ATRG: Content Awareness (CTNT) (requires Advanced access to Check Point Support Center)

Note - Content Awareness Check Point Software Blade on a Security Gateway that provides data visibility and enforcement. See sk119715. Acronym: CTNT. and Data Loss Prevention Check Point Software Blade on a Security Gateway that detects and prevents the unauthorized transmission of confidential information outside the organization. Acronym: DLP. (see Data Loss Prevention Software Blade) use Data Types in the Access Control Policy. However, they have different features and capabilities. They work independently, and the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. / ClusterXL / Scalable Platform Security Group A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. enforces them separately.