IPS Software Blade
Overview
The Check Point IPS Software Blade provides complete, integrated, next generation firewall intrusion prevention capabilities at multi-gigabit speeds, resulting in industry-leading total system security and performance. The IPS Blade provides complete threat coverage for clients, servers, OS and other vulnerabilities, malware/worm infections, and more. The Multi-Tier Threat Detection Engine combines signatures, protocol validation, anomaly detection, behavioral analysis, and other methods to provide the highest levels of network IPS protection. By quickly filtering 90% of incoming traffic without requiring deep inspection, the IPS engine inspects for attacks only on relevant sections of the traffic, thus reducing overhead and increasing accuracy.
The IPS Blade is supported by the global Check Point Research and Response Centers that provided the best Microsoft vulnerability threat coverage amongst leading security vendors.
Check Point’s acclaimed management capabilities have been enhanced to support the dynamic management requirements of an IPS solution, allowing you to graphically monitor only what is important, easily isolate actionable information, and meet compliance and reporting requirements. Also, the entire Check Point IPS family – IPS Software Blade and standalone Check Point IPS-1 appliance –are managed from the same SmartDashboard IPS console, providing truly unified IPS management.
Application Awareness and Control
The Check Point Application Library enables application scanning and detection of more than 4,500 distinct applications and over 50,000 social networking widgets - regardless of port, protocol, or evasive technique used to traverse the network. To meet the dynamic nature of internet applications the Application Library is continuously updated.
The integration of the Application Library into Check Point Security Gateways allows customers to leverage the convenience of Web 2.0 technologies safely and securely.
Click here for the press release.
Key Benefits
- Complete IPS Protection – A fully functioning IPS integrated into your existing firewall
- Industry-Leading Performance – Multi-gigabit total system performance for IPS and Firewall
- Dynamic Management – A complete set of management tools including real-time event views and an automated protection process
- Protection Between Patches – Reinforces security during delays in the patching process
Features
- Complete Intrusion Prevention Functionality
- Industry-Leading Total System Performance
- Dynamic Threat Management
- Preemptive Security Updates
Complete Intrusion Prevention Functionality
The IPS Software Blade is a perfect compliment to your Check Point Firewall protection, further securing your network without degrading your gateway performance.
Fully-Featured IPS
The IPS Software Blade provides a complete IPS security solution, providing comprehensive network protection against malicious and unwanted network traffic, including:
- Malware attacks
- Dos and DDoS attacks
- Application and Server vulnerabilities
- Insider threats
- Unwanted application traffic, including IM and P2P
Trusted Security
- Real-Time Protections – The IPS Software Blade is constantly updated with new defenses against emerging threats. Many of Check Point’s IPS protections are pre-emptive, providing defenses before vulnerabilities are discovered or exploits are even created.
- Microsoft Vulnerability coverage - Check Point is ranked #1 in Microsoft threat coverage, including preemptive protections against emerging vulnerabilities and exploits.
Integrated IPS Advantages:
The IPS blade provides Total Security delivered at half the acquisition cost of multiple standalone solutions. Gain up to 10x better price/performance of existing integrated IPS solutions.
Integrated IPS has many advantages that are making it a new standard in security:
- Reduces costs by consolidating multiple independent solutions
By integrating an IPS Software Blade into your existing firewall, you save on:- Equipment purchase
- Hardware footprint
- Training and ongoing management
- Rack space
- Cabling
- Cooling
- Power
- Facilitates reduced latency
- By inspecting the traffic only once for both firewall and IPS protection, integrated IPS causes less bottlenecking.
- By inspecting the traffic only once for both firewall and IPS protection, integrated IPS causes less bottlenecking.
- Provides cohesive security policy
- An integrated solution drives a single, cohesive security policy.
- An integrated solution drives a single, cohesive security policy.
- Offers common management and training
- Reduced management and training expenses
- Reduces errors and oversights
- Better match with IT organizational structures
- Increased operational effectiveness and efficiency
- Makes IPS deployment easier
- Add IPS protection to your gateway with one checkbox
Industry-Leading Total System Performance
Check Point leads the industry with its multi-gigabit total system performance for firewall with integrated IPS. The IPS Blade provides up to 10x the performance of existing integrated security gateways with integrated IPS capabilities, and 22x faster performance with over 2000 security protections enabled.
Multi-Method Engine
The multi-method IPS engine provides pre-emptive and accurate detection by leveraging integrated behavioral and signature-based detection and analysis.
- Accelerated performance
- Increased protection accuracy
Dynamic Threat Management
With the IPS Software Blade and the IPS Event Analysis Software Blade you gain a new, dynamic management paradigm for today’s high volume, real-time and evolving threat environment.
Check Point’s threat management workflows allow you to handle constant change quickly and efficiently, reducing your management overhead and allowing you to confidently and promptly deploy protections- New Protections Sandbox - Builds confidence in a ‘sandbox’ environment with no impact on your network.
- Automatic Protection Activation – Activation of new protections, based on configurable parameters (performance impact, confidence index, threat severity). The difficulties of constant, individual management of thousands of protections is eliminated.
- Unified Management – The IPS blade is configured and managed through a common Check Point management interface—the same one used to manage other Security Gateway Blades and Check Point’s dedicated IPS.
- Configurable, Actionable Monitoring – Track events through detailed reports and logs of what is most important. The new Security Management blades for IPS and Provisioning simplify threat analysis and reduce operational overhead.
- Business–level Views – Customizable reports provide easy monitoring of critical security events associated with your business critical systems.
- Multi–Dimensional Sorting – Drag–and–Drop columns of event data and the information is automatically re–ordered.
- Actionable Event Logs– Edit the associated protection, create an exception, or view packet data directly from log entries.
Painless Deployment
- Deployed on Your Existing Firewall – Reduces deployment time and costs by leveraging existing security infrastructure.
- Granular Protection control- Easy-to-use protection profiles allow administrators to define signature and protection activation rules that match the security needs of your network assets.
- Predefined Default and Recommended profiles – Provide immediate and easy use out-of-the-box with profiles tuned to optimize security or performance.
- Optional Detect-Only Mode – Sets all your existing protections to only detect, but not block traffic to allow you to evaluate your profile without risking disruption.
Preemptive Security Updates
Patching is an incomplete security measure, which can leave your network open for attack. By taking a more comprehensive approach, which combines robust IPS functionality with a concerted patching strategy, network administrators can better equip themselves to handle Patch Tuesdays and secure the network between upgrades and patches. Find out how to leverage Check Point’s IPS offerings to make Patch Tuesday just another day.
Specifications
| Performance | |
|---|---|
| Integrated IPS Performance | Up to 15 Gbps |
| Gateway Load Threshold | Protect firewall performance under load through a configurable software bypass |
| Security | |
| Multi-Method Detection Engine |
|
| Microsoft Vulnerability Coverage | #1 for Microsoft protections in 2008 |
| Patch process reinforcement | Protect your network from attack while vendor patches are being applied |
| Real-Time Protection | Protection updates for:
|
| Application Intelligence | Application protections and controls including Instant Message and Peer-to-Peer |
| Open Signatures | Create your own signatures with an open signature language |
| DoS Mitigation Engine | Expanded protections against Denial-of-Service attacks |
| Deployment | |
| Profiles | Save administrative overhead by assigning the same protections to groups of assets |
| Predefined Profiles | Out-of-the-box Protection Profiles optimized for security or performance |
| Detect-Only Mode | Set your existing protections to detect, but not block malicious traffic |
| Sandbox New Protections | Provide a ‘sandbox’ environment to try out new protections without impacting your network |
| Management | |
| Activation Rules | Activate protections according to:
|
| Packet Capture | Gather traffic data for deep forensic analysis |
| Follow-up | Flag protections for later analysis |
| Timeline View | Easily configure custom views of only what’s important to you (e.g. security events associated with your critical network assets) |
| System Overview | IPS system status at-a-glance |
| Unified Management | Manage integrated and dedicated IPS from one interface |
| Network Exceptions | Make exceptions to protections |
| More Protection Information | Give detailed information on each protection, including:
|
Updates
In a constantly changing threat environment, defenses must continually advance. For defenses to evolve in real-time, an ongoing service is required. The Check Point IPS Blade is updated in real-time with defense updates and configuration advice against emerging threats and attacks.
- Pre-emptive Protection – Keep your defenses current between your regularly-scheduled product upgrades and security patches.
- Easy Management – Update your whole system in minutes. Each update comes with full configuration instructions and information about the associated threat.
- Automatic Activation – Optionally set the system to activate new protections that meet your criteria for severity, performance, and confidence.
- 24x7 Threat Coverage – Check Point Security Gateways with integrated IPS are supported by multiple Check Point Research and Response Centers around the globe.
The IPS Blade is supported by the same global Check Point Research and Response Centers that provided the best Microsoft vulnerability threat coverage amongst leading security vendors in 2008.
The IPS Blade comes with thousands of protections, and Check Point’s Research and Response Centers are continually monitoring for new threats and creating new protections. To see examples of protections these centers have created in the past, see SmartDefense Services. You can expect the same trusted level of pre-emptive protection for the IPS Software Blade.
Next Steps
- Find a Partner
- Call US sales: 1-866-488-6691
- Contact Us Online
Resources
Check Point Software Blade Architecture Brochure- Software Blades Demo
- Integrated IPS Engine Architecture White Paper
- Integrated IPS Performance White Paper
- Evolution of IPS White Paper
- Software Blade Architecture White Paper
Software Blades
Security Gateway Software Blades