Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Frequently Asked Questions

January 8, 2007


Why is Check Point acquiring NFR Security?

Check Point is expanding its intrusion detection and prevention capabilities with the acquisition of NFR Security, a technology innovator in the area of real-time threat protection. This acquisition is an important step in Check Point's strategy to continuously raise the level of security available to enterprises for protecting their mission-critical networks.

Check Point recently announced an expanded strategy to provide comprehensive security for enterprise data by evolving its core network security offering and adding new products for data security. This acquisition expands Check Point's leadership in network security by further expanding its intrusion detection and prevention capabilities with NFR Security's award-winning products and technologies.

Check Point plans to combine NFR Security technologies into our unified security architecture, providing a network security solution that provides the highest level of intelligence, adaptability and manageability to ensure information networks remain safe in a constantly changing threat environment.

What is the status of the acquisition process?

Check Point announced the completion of the acquisition on January 8, 2007. NFR Security products will be available on the Check Point price list and orderable via Check Point resellers in early Q1, 2007.

How does this announcement impact Check Point's strategy?

Intrusion detection and prevention is a part of Check Point's core strategy. With the acquisition of NFR Security, Check Point is further extending its position as the vendor of choice for companies of all sizes seeking a unified security architecture.

How will this acquisition benefit customers?

  • Network security that is more intelligent, adaptable and manageable. This enables intelligent application of security policies in a dynamic environment – making networks more secure while simplifying the job of managing security.
  • Precise, real-time attack protection from the combination of preemptive protection of Check Point SmartDefense with the highly granular and accurate attack detection provided by NFR Security's Hybrid Detection Engine (HDE).

Who is NFR Security?

NFR Security is a leading provider of Real-Time Threat Protection systems that secure business networks against the primary threat points of today – automated malware, vulnerability windows and unsanctioned network changes. The company's award-winning Sentivist security solution uniquely combines an array of powerful features including a hybrid detection engine, inline prevention, a fully functional firewall, and the Dynamic Shielding Architecture, NFR Security's core technology that uses situational intelligence to dynamically protect network services and assets against compromise, to deliver highly sought-after peace-of-mind security.

What solutions does NFR Security offer?

Sentivist – Intrusion Prevention System (IPS). Based on powerful detection and prevention capabilities, Sentivist Smart Sensors and Enterprise Sensors offer industry unique features such as patent-pending Confidence Indexing, customization capabilities and minimal design. Sentivist's intrusion prevention system also supports central management of distributed environments in both small- and large-scale enterprises.

The Sentivist Dynamic Shielding Architecture (DSA) is aware of, and alerts security managers to critical vulnerabilities and unsanctioned network changes. The Sentivist Dynamic Shielding Architecture automatically recognizes these stealth attack threat points that exist on the network and dynamically protects those threat points from inevitable attack by pushing out updates.

In addition, Sentivist delivers Network Node Intelligence Information so that security managers can quickly and easily assess the threat points in their network and plan the appropriate remediation strategies. Sentivist does this by correlating and graphically displaying threat point information through a unique graphical presentation and data massaging capabilities.

What are NFR Security's core technologies?

  • Hybrid Detection Engine – An IDS/IPS engine capable of deep packet inspection with full protocol decoding, vulnerability signature detection, OS and application detection, protocol anomaly detection, worm detection, and support for emerging threat vectors such as IPv6, IM, VoIP and P2P.
  • N-Code Language – Complementing Check Point INSPECT and often a requirement for large enterprises with proprietary applications, Sentivist allows security managers to write both new protocol decoders, a capability unique to NFR, and new signatures, as well as customize pre-shipped signatures.
  • Confidence Indexing – Offers the unique ability to direct and calibrate prevention enforcement according to various factors such as the threat and asset under attack, thus delivering the trust that only legitimate traffic is getting through, and reducing the chances for false positives.
  • Dynamic Shielding Architecture - A powerful set of features that recognize changes in the network (such as new servers, applications, etc.) and provides security actions to protect assets from new vulnerabilities.
  • High Performance Protection – Purpose-built, multi-processor platforms, engineered specifically to meet the most demanding enterprise IT requirements, the Enterprise Series Smart Sensor offers hot swappable and redundant main components, hardware-level bypass built-in and data rates from 100Mbps-4Gbps (10Gbps solution to be available during 2007). The sensor can be deployed in either in-line blocking mode, learning mode or in passive mode.
  • Enterprise Central Management – Provides security administrators the real-time information and tools to manage, monitor and act upon threats to the enterprise. Security administrators can customize a set of Sentivist Real-Time Attack Graphs and Attack Vector Timelines, forming their own Protection Center, as a window to monitor real-time attack and prevention activity.

How are Check Point's and NFR Security's technologies complementary?

Check Point and NFR Security use different, yet complementary mechanisms for intrusion detection and prevention. Check Point security products use type-based intrusion prevention technologies in which Check Point gateways enforce the proper and expected usage of protocols. NFR Security IDS/IPS solutions leverage, among other capabilities, signature-based intrusion detection and prevention. By combining technologies, Check Point will be able to offer precise and granular intrusion prevention that will raise the total level of security against both known and future threats.

Where is NFR Security located?

NFR Security is headquartered in Rockville, Maryland, in the United States.

Who are NFR Security's customers?

NFR Security serves customers worldwide in corporate enterprises, government agencies, service providers and academic institutions through an extensive worldwide network of channel partners and through direct sales.

Who is Check Point Software Technologies?

Check Point Software Technologies Ltd. is a leader in securing the Internet. It is a market leader in the worldwide enterprise firewall, consumer Internet security and VPN markets. Through its NGX platform, the company delivers a unified security architecture for a broad range of perimeter, internal, Web, and endpoint security solutions that protect business communications and resources for corporate networks and applications, remote employees, branch offices and partner extranets. The company's ZoneAlarm Internet Security Suite and additional consumer security solutions are among the highest rated in the industry today, proactively protecting millions of people from hackers, spyware, viruses and identity theft. Extending the power of the Check Point solution is its Open Platform for Security (OPSEC), the industry's framework and alliance for integration and interoperability with "best-of-breed" solutions from hundreds of leading companies. Check Point solutions are sold, integrated and serviced by a network of thousands of Check Point partners around the world and its customers include 100 percent of Fortune 100 companies and tens of thousands of businesses and organizations of all sizes.

Where is Check Point located?

Check Point's international headquarters is located in Ramat-Gan, Israel. The United States headquarters is located in Redwood City, California. Check Point also has more than 70 locations around the world and two support centers that are located in the United States and Israel.

How does Check Point plan to integrate NFR Security products into its current portfolio?

Check Point is committed to NFR Security's customers and existing security portfolio. In addition, Check Point plans to incorporate NFR Security technology into its existing line of network security and management solutions, continuing to ensure the highest level of security for enterprise networks while continuing to simplify the job of managing security.

Will Sentivist continue as a standalone product?

Check Point intends to continue to sell, support, and develop an independent NFR Security product line.

How does the acquisition affect Check Point's and NFR Security's channel partners?

Check Point intends to deliver NFR Security's award-winning products through the Check Point worldwide distribution channel. This will enable our partners to offer comprehensive network security solutions that include powerful intrusion detection and prevention capabilities that are easy to manage.

How does the acquisition of NFR Security affect Check Point's InterSpect solution?

Check Point will combine the InterSpect and Sentivst product lines to deliver industry-leading intrusion detection and prevention solutions.

What is Check Point's integration roadmap?

Check Point intends to incorporate NFR Security technologies into its existing firewall, VPN and security management solutions – based on the Check Point unified security architecture. This will add even more intelligence to Check Point solutions and help ensure network security systems can quickly adapt to changing threats, cooperate with other systems to enforce security policy and enable central administrative control. Check Point will provide more details on its product integration plans at a future date.