Check Point SmartEvent

The Check Point SmartEvent Software Blade is a unified security event management and analysis solution that delivers real-time, actionable threat management information. Administrators can quickly identify critical security events, stop threats directly from the event screen, add protections on-the-fly to remediate attacks, all via a single console.

Benefits
Features
Model Specs
Data Sheets

Increased visibility of critical events across all security systems

Event correlation for firewall, IPS, DLP, endpoints via a single console
Quickly identify critical security events using timelines, charts and maps
Move from business view to forensics in just three clicks

Faster remediation with real-time, actionable threat management data

Stop threats and attacks directly from the event screen
Add protections on-the-fly to remediate attacks
Block malicious traffic from rogue nations with geo-protection

Integrated into Check Point Software Blade Architecture

Activate unified event analysis on any Check Point security gateway
Supported gateways include: UTM-1, Power-1, IP Appliances and IAS Appliances

Single, Unified Event Console for More Visibility

SmartEvent provides several security event management real-time views to help you quickly grasp your security situation and act based on what you see, all via a single console. The timeline view enables you to see trends and the propagation of attacks. The charts view provides event statistics in either a pie chart or a bar graph format. The maps view allows you identify potential threats by country.SmartEvent provides centralized event correlation management for all Check Point products as well as third-party devices. Administrators can quickly identify critical security events, stop threats directly from the event screen and add protections on-the-fly to remediate attacks, all via a single console. The same interface enables you to deal with auditing and reporting to achieve unified compliance reporting and simplify network security management.

data-overload

Focus on What is Important

data-over-time

See How Event Data Differs Over Time

threats-by-country

Quickly Indentify Potential Threats by Country

Security Event Analysis Tools for Faster Remediation

SmartEvent provides various tools to help you conduct quick security event analysis and simplify network security management. Events can be dynamically filtered, searched, sorted and grouped to quickly understand your network security status. Based on what you see, you can stop attacks straight from the event screen. Remediate attacks by adding protections on-the-fly. Block malicious traffic from rogue nations with geo-protection.

geo-protection

Blovk Malicious Traffic from Rogue Nations

Easy Integration, Flexible Scalability, Simplified Deployment

For easy integration, the SmartEvent Software Blade supports both Check Point Provider-1 and security management environments, eliminating the need to configure each device log server separately for log collection and analysis. All objects defined in security Management or Provider-1 are automatically accessed and used by the SmartEvent server for event policy definition and enforcement.The SmartEvent Software Blade delivers a flexible, scalable platform capable of managing millions of logs per day per correlation. Through its distributed architecture, SmartEvent can be installed on a single server but has the flexibility to spread its processing load across multiple event correlation units.

Predefined and Custom Events for Ease-of-use

The SmartEvent Software Blade provides a large number of predefined, but easily customizable, security events for quick deployment. IT security administrators can easily create their own events using a wizard for their particular needs.

Integrated into Check Point Software Blade Architecture

The SmartEvent Software Blade is integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point Security Gateways (Check Point appliances including UTM-1, Power-1, IP Appliances and IAS Appliances, or open server platforms) saving time and reducing costs by leveraging existing security infrastructure.

In addition, a dedicated, plug-and-play Smart-1 SmartEvent appliance is available.

Specifications

Data Sources
Built-in Integration to Check Point Products	See real-time information, trends and anomalies at a glance with security events displayed graphically to clearly represent the number, time and severity of the events
Supported Products	Multiple Check Point and third-party devices
Graphical Log Parser	Graphical log-parser to manually parse and ready any third-party log file
Multiple Log Collection Methods	Agent-based and agent-less log collection capabilities
Visibility
Timelines Views	See real-time information, trends and anomalies at a glance with security events displayed graphically to clearly represent the number, time and severity of the events
Chart Views	View events statistics in bar charts or pie graphs
Maps	Geo-locate event source or destination IP on a map
Events Quick-Views	Immediate event grouping by top event type, event source, destination, user, country
Security Event Analysis
Predefined Security Events and Best-practice Event Correlation Management Rules	Predefined events and correlation rules for industry-common security concerns based on Check Point best practice
Customized Security Events	Custom build event correlation rules to monitor any security event
Forensics	Drill down to event information by double-clicking on timelines, charts or maps; rapid data drilldown up to packet level
Events Grouping & Search	Easy-to-use search and data grouping for event analysis
Identity Logging	Map IP address to user name based on Active Directory
ClientInfo Application	Get full machine information (processes, hotfixes and vulnerability indications) for any device by right-clicking on device IP
Intelligent Learning Mode	Baselines activity to discover normal trends
Vulnerability Assessment for Security Events	Built-in vulnerability assessment of applicable security events
Actionable Security
Event Ticketing	Assign events to administrators with ticketing workflow
Global and Event Specific Exceptions	Customize alerts to exclude events by product, source, destination and service
Actionable Security	Automatically or manually deal with a security event and change security policy based on event analysis
Other
Scalable Distributed Architecture	Log server, event correlation server and event server can be deployed on separate systems
Turn-key Appliance-based Solution	Appliance-based solution for easy deployment
Packaging
Full SmartEvent	Centralized, real-time security event correlation management for all Check Point products and third-party devices
SmartEvent Intro	Centralized, real-time security event correlation management for a single Check Point security Software Blade

Data Sheets

Software Blade White Paper

Check Point SmartEvent

Single, Unified Event Console for More Visibility

Security Event Analysis Tools for Faster Remediation

Easy Integration, Flexible Scalability, Simplified Deployment

Predefined and Custom Events for Ease-of-use

Integrated into Check Point Software Blade Architecture

Specifications

Data Sheets

Free Consultation

Unbeatable Prices

Pro Services

24x7 Tech Support