Infinity Threat Prevention Profiles

These are the 5 profiles supported by Infinity Threat Prevention:

  • Recommended for Perimeter Profile

    Optimized security for perimeter gateways to prevent cyberattacks. Includes protection for users browsing the web, data centers, incoming emails, and FTP. This is the default profile and the recommended profile for multiple protections on the same gateway (for example, when both Perimeter protection and Internal network protection are needed).

    Recommended for Perimeter is the most similar profile to the Optimized profile in the traditional Threat Prevention policy.

  • Data Center East/West Profile

    Optimized security to prevent cyberattacks on data centers. Includes extensive protection over servers and east–west traffic.

  • Internal Network Profile

    Maximum security to prevent cyberattacks over internal traffic between internal users and internal servers.

  • Strict Security for Perimeter Profile

    Maximum security for perimeter gateways to prevent cyberattacks. Includes protection for users browsing the web, data centers, incoming emails and FTP.

  • Recommended for Guest Network Profile

    "Detect mode" security profile to non-intrusively monitor cyberattack attempts through a guest network (Wi-Fi).

Each profile consists of a wide range of industry-leading protections. This table summarizes the technologies used by each profile:

 

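| Profile | IPS Protections | File & URL Reputation | ThreatCloud | Sandbox | Sanitization (CDR) | C&C protection |
|---|---|---|---|---|---|---|
| Recommended for Perimeter Profile | | | | | | |
| Data Center East/West Profile | | | | | | |
| Internal Network Profile | | | | | | |
| Strict Security for Perimeter Profile | | | | | | |
| Recommended for Guest Network Profile | | | | | | |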

Here is a short explanation about each technology:

  • IPS Protections - Integrated Intrusion Prevention System with leading performance and unlimited scaling. IPS implements advanced protections from network-based attacks and protects all IT systems, including servers, endpoints, industrial systems and IoT.

  • File & URL Reputation - Files and URLs are checked through the ThreatCloud repository for reputation.

  • ThreatCloud - A cloud-based real-time global threat intelligence using Check Point's worldwide network of threat sensors.

  • Sandbox - Prevents unknown, zero-day and advanced polymorphic attacks by executing suspicious files in an evasion-resistant sandbox and applying advanced AI techniques.

  • Sanitization (CDR) - Provides proactive prevention of unknown attacks from day zero by sanitizing incoming files before delivering them to users.

  • C&C protection - Detects infected and compromised devices on the network. It blocks attacks and prevents damage by blocking malware Command & Control (C&C) communications.