Analyzing Threats

Networks today are more exposed to cyber threats than ever. This creates a challenge for organizations in understanding the security threats and assessing damage.

SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. helps the security administrator find the cause of cyber threats, and remediate the network.

The Logs & Events > Logs view presents the threats as logs.

The other views in the Logs & Events view combine logs into meaningful security events. For example, malicious activity that occurred on a host in the network in a selected time interval (the last hour, day, week or month). They also show pre- and post-infections statistics.

You can create rich and customizable views and reports for log and event monitoring, which inform key stakeholders about security activities. For each log or event, you can see a lot of useful information from the ThreatWiki and IPS Check Point Software Blade on a Security Gateway that inspects and analyzes packets and data for numerous types of risks (Intrusion Prevention System). Advisories about the malware, the virus or the attack.

For information, see the:

• R82 Threat Prevention Administration Guide.

• R82 Logging and Monitoring Administration Guide.