Check Point Advanced Threat Protection: NGFW Overview and Analysis

Bottom Line

Check Point's breadth of offerings and features makes it applicable to all enterprise use cases, and centralized management and role-based administration are market-leading features. The firewalls combine perimeter, endpoint, cloud and mobile security, and also offer application control, advanced URL filtering and data loss prevention.

Company Description

Check Point Software Technologies is one of three Gartner Magic Quadrant Leaders. It offers a security architecture for defending everything from the cloud to enterprise networks and down to mobile devices. The company, founded in 1993, protects more than 100,000 organizations of all sizes.

Product Description

Check Point's focus is on prevention rather than detection, to block known and unknown cyber-attacks and ensure business continuity. Part of the Check Point Infinity architecture, the company's Advanced Threat Prevention is packaged with zero-day protection and next-generation firewall technologies. It includes application control, advanced URL filtering, IPS, antivirus, anti-bot, email security, policy management, monitoring and event management.

Features

Security and performance: Very Good. The Check Point 15600 Next Generation Threat Prevention appliance blocked 99.6% of attacks in NSS Labs tests, near the top of vendors tested. The device posted solid performance of 6,034 Mbps.

Value: Fair. NSS Labs gave Check Point a $13 TCO per protected Mbps, in eighth place among solutions tested. Gartner says Check Point is best for enterprises that need granular security features for complex and hybrid environments.

Implementation: Best. Despite a complex product, Check Point customers are generally satisfied with implementation and deployment.

Management: Best. Centralized management for complex networks and role-based administration are among Check Point's strengths.

Support: Fair. A strong channel and partner program is a plus, but there is an above-average number of complaints about responsiveness and support; Check Point hopes to alleviate this with more technical assistance centers.

Cloud features: Best. Check Point vSEC virtual appliances support a wide range of environments, including VMware, Cisco ACI, KVM, Hyper-V, OpenStack, AWS, Google Cloud and Azure.

Security Qualifications

Certifications include ICSA Labs firewall and IPSEC-Basic, FIPS 140-2, Common Criteria EAL4+, NATO Information Assurance Product Catalogue, Common Criteria Medium Robustness, Defense Information Systems Agency (DoD certification of firewall, VPN, IDS and IPS), Commercial Solutions for Classified Program, IPv6 Ready and VPN Consortium.

Intelligence

Check Point SandBlast Zero-Day Protection performs inspection at the CPU level to stop attacks before they have a chance to launch. There are thousands of vulnerabilities and millions of malware implementations, but cyber criminals use very few methods to exploit vulnerabilities. The Check Point SandBlast Threat Emulation engine monitors CPU-based instruction flow for exploits attempting to bypass operating system and hardware security controls. It conducts further investigation with OS-level threat emulation: it intercepts and filters inbound files, inspects URLs linked to files within emails, and runs them in a virtual environment. Newly discovered threats are sent to the ThreatCloud intelligence database. Each newly discovered threat signature is distributed across the ThreatCloud ecosystem to protect other Check Point connected devices.

Delivery

It can run on premises, virtually, in public clouds or in any combination.

Agents

Aside from Check Point products that protect mobile, endpoint devices and data in transit when connecting remotely, the product is agentless.

Pricing

Prices range from $499 for the 730 small office threat prevention appliance up to a few hundred thousand dollars for the high-end chassis-based 64000 security system. The 15600 tested by NSS starts at around $60,000, with SandBlast, high-performance packages and virtual systems costing extra.
