"Secured by Check Point" Appliance Program

Security Testing
"Secured by Check Point" appliance features include security-related capabilities mandated by the program, such as secure remote administration. The appliances must also pass rigorous tests in Check Point's in-house certification laboratory.

Requirements include:

• Hardened operating system (OS) that secures appliance against OS-related attacks
  
• Encrypted local and remote administration that ensures management to module communication integrity is maintained
• Enforced customer change of manufacturer defaults for important system parameters on initial boot up (such as the root password) to ensure restricted access to gateway management
• Passing host vulnerability tests against denial of service (DoS) attacks, port scanners and more, to ensure appliance protects network
• Passing functional and load tests to ensure proper operation under expected operating conditions

Ease-of-Use Criteria
"Secured by Check Point" appliances must provide demonstrated ease-of-use to ensure efficient deployment and security management. Appliances are evaluated for ease-of-use in Check Point's in-house certification laboratory.

Requirements include:

• Pre-installed Check Point software for turnkey deployment
• Installation that requires only site-specific network configuration to ensure appliance can be efficiently deployed
• Clear documentation included with appliance to ensure you have useful, out-of-box reference materials
• Simple process to back up, restore and reset factory defaults so you can quickly respond to unexpected conditions
• Online upgrade process of Check Point software so you can easily update to the latest Check Point VPN and security features with software subscription

Check Point and OPSEC Interoperability

Check Point Software
All "Secured by Check Point" appliances are pre-installed with Check Point software. This means that as an appliance customer you can take advantage of a rich set of Check Point security innovations, including Check Point's market-leading Next Generation release.

"Secured by Check Point" appliances also support a range of Check Point management options, such as the award-winning Check Point SmartConsole, SiteManager-1, Provider-1, Eventia Reporter, and Eventia Analyzer. This support enables you to centrally manage Internet security across multiple gateways running Check Point security software.

OPSEC
OPSEC provides the world's most secure, flexible and comprehensive framework for building network security solutions. There are over 300 OPSEC partners with best-in-breed solutions that collectively cover five broad categories: security enforcement, e-business application security, management and reporting, performance and availability, and "Secured by Check Point" appliances.

All "Secured by Check Point" appliances support OPSEC products through standard APIs, with select appliances supporting OPSEC high availability and accelerator card solutions. This means that if you have a "Secured by Check Point" appliance, you can confidently pursue a complete Internet security architecture with assured interoperability.