Complete Intrusion Prevention System (IPS) Functionality
The IPS Software Blade complements firewall protection, further securing your network without degrading gateway performance.
The IPS Software Blade provides a complete IPS security solution, providing comprehensive network protection against malicious and unwanted network traffic, including:
- Malware attacks
- Dos and DDoS attacks
- Application and server vulnerabilities
- Insider threats
- Unwanted application traffic, including IM and P2P
Geo-protectionsGeo-protections enforce or monitor traffic based on the source or destination country. Create a geo-protection policy with exceptions to allow legitimate traffic through while blocking or monitoring traffic from unknown and untrusted sources. Monitor activity with the SmartEvent Software Blade.
- Real-Time protections- The IPS Software Blade is constantly updated with new defenses against emerging threats. Many of the IPS protections are pre-emptive, providing defenses before vulnerabilities are discovered or exploits are even created.
- Microsoft vulnerability coverage - Check Point is ranked #1 in Microsoft threat coverage, including preemptive protections against emerging vulnerabilities and exploits.
The IPS Software Blade, with integrated IPS, provides total security at a lower acquisition cost (up to 50% less) than multiple standalone solutions, all with up to 10x better price/performance than existing integrated IPS solutions.Integrated IPS has many advantages that are making it a new standard in security, including:
- Reducing costs by consolidating multiple independent solutions
By integrating an IPS Software Blade into your existing firewall, you save on:
- Equipment purchase
- Hardware footprint
- Training and ongoing management
- Rack space
- Facilitating reduced latency
- By inspecting the traffic only once for both firewall and IPS protection, integrated IPS causes less bottlenecking.
- Providing cohesive security policy
- An integrated solution drives a single, cohesive security policy.
- Offering common management and training
- Reduces management and training expenses
- Reduces errors and oversights
- Better match with IT organizational structures
- Increased operational effectiveness and efficiency
- Making IPS deployment easier
- Add IPS protection to your gateway with the check of one box
Multi-gigabit integrated IPS performance
Delivers up to 15 Gbps of IPS throughput with the default IPS profile. The IPS Software Blade incorporates a high-speed pattern matching engine that does multi-layered, 2-tier inspection for maximum performance with thousands of protections enabled.
Inspect SSL Encrypted Traffic
Scan and secure SSL encrypted traffic passing through the gateway. When traffic is passed through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver.
Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy. Some encrypted content passing through the gateway should not be inspected, and therefore can be bypassed with a simple administrator policy definition.
Dynamic Threat Management
With the IPS Software Blade and the SmartEvent Software Blade you gain a new, dynamic management paradigm for today's high volume, real-time and evolving threat environment.Check Point threat management workflows allow you to handle constant change quickly and efficiently, reducing your management overhead and allowing you to confidently and promptly deploy protections.The IPS Software Blade offers:
- New protections sandbox - Build confidence in a 'sandbox' environment with no impact on your network.
- Automatic protection activation - Activation of new protections, based on configurable parameters (performance impact, confidence index, threat severity). The difficulties of constant, individual management of thousands of protections are eliminated.
- Unified Management - The IPS blade is configured and managed through a common Check Point management interface—the same one used to manage other security gateway Software Blades and Check Point dedicated IPS.
- Configurable, actionable monitoring- Track events through detailed reports and logs of what is most important. The new Security Management Software Blade for IPS and Security Provisioning Software Blade simplify threat analysis and reduce operational overhead.
- Business-level views - Customizable reports provide easy monitoring of critical security events associated with your business-critical systems.
- Multi-dimensional sorting - Drag-and-drop columns of event data and the information will be automatically re-ordered.
- Actionable event logs - Edit the associated protection, create an exception or view packet data directly from log entries.
- Deployed on your existing firewall - Reduces deployment time and costs by leveraging existing security infrastructure.
- Granular protection control - Easy-to-use protection profiles allow administrators to define signature and protection activation rules that match the security needs of your network assets.
- Predefined default and recommended profiles - Allows for immediate and easy out-of-the-box use with profiles tuned to optimize security or performance.
- Optional detect-only mode - Sets all your existing protections to only detect, but not block, traffic to allow you to evaluate your profile without risking disruption.
Preemptive Security Updates
Patching is an incomplete security measure, which can leave your network open for attack. By taking a more comprehensive approach, which combines robust IPS functionality with a concerted patching strategy, network administrators can better equip themselves to handle 'Patch Tuesdays' and secure the network between upgrades and patches. Find out how to leverage Check Point IPS offerings to make Patch Tuesday just another day.
Integrated into Check Point Software Blade Architecture
The IPS Software Blade is integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point Security Gateways (Check Point appliances including UTM-1, Power-1, IP Appliances and IAS Appliances, or open server platforms) saving time and reducing costs by leveraging existing security infrastructure.