Check Point Software Technologies is one of three Gartner Magic Quadrant Leaders. It offers a security architecture for defending everything from the cloud to enterprise networks and down to mobile devices. The company, founded in 1993, protects more than 100,000 organizations of all sizes.
What Are Check Point Firewalls?
Check Point’s focus is on prevention rather than detection, to block known and unknown cyber-attacks and ensure business continuity. Part of the Check Point Infinity architecture, the company’s Advanced Threat Prevention is packaged with zero-day protection and next-generation firewall technologies. It includes application control, advanced URL filtering, IPS, antivirus, anti-bot, email security, policy management, monitoring and event management.
What Are the Key Features of Check Point’s Firewall?
Security and performance: Very Good. The Check Point 15600 Next Generation Threat Prevention appliance blocked 99.6% of attacks in NSS Labs tests, near the top of vendors tested. The device posted solid performance of 6,034 Mbps.
Value: Fair. NSS Labs gave Check Point a $13 TCO per protected Mbps, in eighth place among solutions tested. Gartner says Check Point is best for enterprises that need granular security features for complex and hybrid environments.
Implementation: ?Best. Despite a complex product, Check Point customers are generally satisfied with implementation and deployment.
Management: Best. Centralized management for complex networks and role-based administration are among Check Point’s strengths.
Support: ?Fair. A strong channel and partner program is a plus, but there are an above average number of complaints about responsiveness and support; Check Point hopes to alleviate this with more technical assistance centers.
Cloud features: Best. Check Point vSEC virtual appliances support a wide range of environments, including VMware, Cisco ACI, KVM, HyperV, OpenStack, AWS, Google Cloud and Azure.
Featured Next-Gen Firewall (NGFW) Software
Are Check Point Firewalls Secure?
Certifications include ICSA labs firewall and IPSEC-Basic, FIPS 140-2, Common Criteria EAL4+, NATO Information Assurance Product Catalogue, Common Criteria Medium Robustness, Defense Information Systems Agency (DoD certification of firewall, VPN, IDS and IPS), Commercial Solutions for Classified Program, IPv6 Ready and VPN Consortium.
How Intelligent Is Check Point Firewalls?
Check Point SandBlast Zero-Day Protection does inspection at the CPU-level to stop attacks before they have a chance to launch. There are thousands of vulnerabilities and millions of malware implementations, but there are very few methods that cyber criminals utilize to exploit vulnerabilities. The Check Point SandBlast Threat Emulation engine monitors CPU-based instruction flow for exploits attempting to bypass operating system and hardware security controls. It conducts further investigation with OS-level threat emulation by intercepting and filtering inbound files and inspecting URLs linked to files within emails by running them in a virtual environment. Newly discovered threats are sent to the ThreatCloud intelligence database.?Each newly discovered threat signature is distributed across the ThreatCloud ecosystem to protect other Check Point connected devices.
How Are They Delivered?
It can run on premises, virtually, in public clouds or in any combination.
Do They Use Agents?
Aside from Check Point products that protect mobile, endpoint devices and data in transit when connecting remotely, the product is agentless.
How Much Do Check Point Firewalls Cost?
Prices range from $499 for the 730 small office threat prevention appliance up to a few hundred thousand dollars for the high-end chassis-based 64000 security system. The 15600 tested by NSS starts at around $60,000, with SandBlast, high-performance packages and virtual systems costing extra.
