Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Protocols & Related Defenses
Network Layer

Check Point's perimeter, internal and web security gateway solutions block many attacks and provide numerous attack prevention safeguards. This table lists some of these defenses and organizes them by protocol and OSI Model layer.

Note: Check Point continually expands the breadth of defenses provided. This table is a snapshot not an exhaustive list

Application Layer
Session Layer
Transport Layer
Network Layer

Network Layer
Attack Prevention Safeguards
Attacks Blocked

IP
  • Enforce minimum header length
  • Restrict IP-UDP fragmentation
  • Enforce that header length indicated in IP header is not longer than packet size indicated by header
  • Enforce that packet size indicated in IP header is not longer than actual packet size
  • Scramble OS fingerprint
  • Control IP options
  • IP Address Sweep Scan
  • IP Timestamp Attack
  • IP Record Route Attack
  • IP Source Route Attack
  • IP Fragment Denial-of-Service Attack
  • Loose Source Route Attack
  • Strict Source Route Attack
  • IP Spoofing Attack

ICMP
  • Block large ICMP packets
  • Restrict ICMP fragments
  • Match ICMP requests and responses
  • Ping-of-Death Attack
  • ICMP Flood