Check Point products consistently meet and exceed the stringent requirements established by internationally recognized standards, approval processes and independent security industry tests. That’s why Check Point solutions are essential for agencies and companies tasked with maintaining the highest level of security and confidentiality.
The following list summarizes third-party certifications received by Check Point products.
| Certification |
Check Point Solution |
Common Criteria Internationally recognized standard and an ISO standard (ISO-IEC 15408) for evaluating the security claims of IT products and systems. Certification provides customers with a higher level of assurance that the security of a product as evaluated meets the standards for security requirements.
|
Check Point offers EAL4 certified security solutions for firewall, VPN, IDS, IPS, management, secure logging, and endpoint security. Check Point Integrity is the only endpoint security solution from a major security vendor to achieve Common Criteria EAL4 certification.
- VPN-1 Power/UTM R65 HFA-30 is certified at Evaluation Assurance Level (EAL) 4 augmented with ALC_FLR.3 (Flaw Remediation). This includes all Check Point UTM-1, Power-1, IAS, and Nokia IP appliances. R65 is certified as a Firewall, VPN, IDS and remote access gateway including SNX.
VPN-1 conforms to the Intrusion Detection System Protection Profile, March 9, 2005 and meets the functional requirements of the Application-Layer Firewall Medium Robustness V1, June 2000, and the Traffic-Filter Firewall Protection Profile for Medium Robustness Environments, V1.4 June 2000.
- Endpoint Security Full Disk Encryption, Pointsec PC 6.3.1 is certified as EAL4
- Integrity 6.5 Agent Is certified as EAL4 with ALC_FLR.2, AVA_VLA.3
- NFR Sentivist™ (now Check Point IPS-1™) Is certified as EAL2, conformant to the US government IDS/IPS Protection Profile
In Evaluation:
The following products are listed by NIAP-CCEVS as In Evaluation. This listing is achieved after having successfully passed an iVOR (initial Validation Oversight Review)
- Check Point IP Appliances with R70 Software Blades
- Check Point Power-1/UTM-1 R70 Software Blades
- Check Point Endpoint Security Media Encryption
- Check Point VPN-1 Power VSX NGX R65 with HFA 10 in combination with Check Point Provider-1 R70
- Check Point Endpoint Security Version R71 (Total Security)
- Check Point VPN-1 Power/UTM NGX R65 Medium Robustness
- IP Appliances running IPSO 4.2 Build 051c with Check Point VPN-1 Power/UTM NGX R65 Medium Robustness
|
FIPS
Federal Information Processing Standard (FIPS) 140-2 defines security requirements for cryptographic modules for US government National Security Telecommunications and Information Systems. Security Policy (NSTISSP) #11.
|
The Network Security product VPN-1 R65 HFA-30 certificate 1219 is certified to FIPS 140-2
- Check Point Full Disk Encryption for Windows 770
- Check Point Full Disk Encryption for Mac OS X 770
- Check Point Full Disk Encryption for Symbian9 770
- Check Point Media Encryption 784
- Pointsec Mobile 1100
In Process:
The following products are listed by NIST-CMVP as In Process. This listing is achieved after a complete set of Vendor evidence is accepted by an accredited evaluation lab.
- Connectra
- VPN-1 NGX R65 HFA-30 IP Appliances
|
The CESG CCTM scheme verifies the claims security vendors make for their solutions for data confidentiality, integrity and availability in the modern government IT environment. Its test methodology is uniformly applied to all candidate products and services to ensure that certification provides a consistent and objective quality benchmark for network managers and purchasers. It is operated by CESG, the Information Assurance arm of the Government Communications Headquarters (GCHQ). More information is available at
|
Check Point has certified through the CESG CCTM:
- UTM-1 Edge W
- Endpoint Media Encryption
- Endpoint Full Disk Encryption
- Pointsec for Pocket PC
- Pointsec for PC Enterprise Workplace Edition
|
ICSA
Independent testing and certifications for Firewall and IPSec, including the security functions of data source authentication, data integrity and confidentiality.
|
- VPN-1 NGX HFA-30 is IPsec certified to ICSA IPsec 1.1D criteria
- VPN-1 is certified to ICSA corporate firewall criteria
- UTM-1 Edge W is certified to ICSA corporate firewall criteria
|
VPN Consortium
|
- VPN-1 NGX and UTM-1 have passed IPSec conformance testing
- Connectra has passed SSL VPN conformance testing
|
IPv6
Certified to include IPv6 mandatory core protocols and interoperability with other IPv6 implementations.
|
- VPN-1/FireWall-1 NGX has passed extensive interoperability testing
|
NSS
Leading independent security products testing organization evaluating performance, security effectiveness and usability.
|
- NFR Sentivist (now Check Point IPS-1™) is "NSS approved" for IDS/IPS
|
BITS Financial services security laboratory
|
- Check Point Full Disk Encryption is certified to meet the security needs of the financial services industry.
|
Section 508
Section 508 of the United States Rehabilitation Act of 1973 mandates that Federal agencies acquire products which enable people with disabilities to have access to information and data in a way that is comparable to the access and use experienced by people without disabilities.
|
- VPN-1 NG FP-1 complies with Section 508, and is compatible with assistive technology.
|
Euro Symbol
|
- Eventia Reporter, where accounting functions are utilized, implements the concept of 'units' in place of any specific currency. Since neither the EURO nor any other monetary symbol appears in our software products, Check Point therefore states that it is in EURO symbol compliance.
|
