Check Point Advanced Threat Protection: NGFW Overview and Analysis

Company Description

Check Point Software Technologies is another of the Gartner Leaders. It offers a security architecture for defending everything from the cloud to enterprise networks and down to mobile devices. The company, founded in 1993, protects more than 100,000 organizations of all sizes.

Product Description

Check Point's focus is on prevention rather than detection, to block known and unknown cyber-attacks and ensure business continuity. Part of the Check Point Infinity architecture, the company's Advanced Threat Prevention is packaged with zero-day protection and next-generation firewall technologies. It includes application control, URL filtering, IPS, antivirus, anti-bot, email security, policy management, monitoring and event management.

Markets and Use Cases

Check Point secures systems from the home office to the largest enterprise. It protects on premises and in public and private clouds. It is strong in retail, financial services, government and federal institutions, healthcare, service providers, telco, power generation, water treatment and manufacturing.


Firewall throughput varies from 90 Mbps in small office devices to 128 Gbps in high-end chassis-based systems.

Security Qualifications

Certifications include ICSA Labs firewall and IPSEC-Basic, FIPS 140-2, Common Criteria EAL4+, NATO Information Assurance Product Catalogue, Common Criteria Medium Robustness, Defense Information Systems Agency (DoD certification of firewall, VPN, IDS and IPS), Commercial Solutions for Classified Program, IPv6 Ready and VPN Consortium.


Check Point SandBlast Zero-Day Protection performs inspection at the CPU level to stop attacks before they have a chance to launch. There are thousands of vulnerabilities and millions of malware implementations, but cyber criminals use very few methods to exploit vulnerabilities. The Check Point SandBlast Threat Emulation engine monitors CPU-based instruction flow for exploits attempting to bypass operating system and hardware security controls. It then investigates further with OS-level threat emulation, intercepting and filtering inbound files and inspecting URLs linked to files within emails by running them in a virtual environment. Newly discovered threats are sent to the ThreatCloud intelligence database. Each newly discovered threat signature is distributed across the ThreatCloud ecosystem to protect other Check Point connected devices.


It can run on premises, virtually, in public clouds or in any combination.


Aside from Check Point products that protect mobile, endpoint devices and data in transit when connecting remotely, the product is agentless.


Prices range from $499 for the 730 small office threat prevention appliance up to a few hundred thousand dollars for the high-end chassis-based 64000 security system.
