The Check Point Intrusion Prevention System (IPS) Software Blade combines industry-leading IPS protection with breakthrough performance at a lower cost than traditional, stand-alone IPS solutions. The IPS Software Blade delivers complete and proactive intrusion prevention—all with the deployment and management advantages of a unified and extensible next-generation firewall solution.
BenefitsNext-generation security prevention, protection and performance
- Industry-leading IPS and firewall—as tested NSS Labs—delivers 1,000s of signature, behavioral and preemptive protections
- Check Point is ranked #1 in Microsoft and Adobe threat coverage
- Combines with best-of-breed firewall, application control, URL filtering, DLP and more on the most comprehensive, network-class next gen firewall
- Up to 15 Gbps of IPS and 30 Gbps of firewall throughput
- Stateful Inspection and SecureXL technology deliver multi-tier IPS inspection and accelerated IPS throughput
- CoreXL technology provides the most efficient and high-performance use of multi-core technologies
- One-click activation of IPS and firewall protection on any Check Point gateway
- Delivers unmatched extensibility and flexibility—all without adding CapEx
- Integrated into Check Point Software Blade Architecture for on-demand security
The IPS Software Blade complements firewall protection, further securing your network without degrading gateway performance.
The IPS Software Blade provides a complete IPS security solution, providing comprehensive network protection against malicious and unwanted network traffic, including:
- Malware attacks
- Dos and DDoS attacks
- Application and server vulnerabilities
- Insider threats
- Unwanted application traffic, including IM and P2P
Geo-protections enforce or monitor traffic based on the source or destination country. Create a geo-protection policy with exceptions to allow legitimate traffic through while blocking or monitoring traffic from unknown and untrusted sources. Monitor activity with the SmartEvent Software Blade.
- Real-Time protections - The IPS Software Blade is constantly updated with new defenses against emerging threats. Many of the IPS protections are pre-emptive, providing defenses before vulnerabilities are discovered or exploits are even created.
- Microsoft vulnerability coverage - Check Point is ranked #1 in Microsoft threat coverage, including preemptive protections against emerging vulnerabilities and exploits.
The IPS Software Blade, with integrated IPS, provides total security at a lower acquisition cost (up to 50% less) than multiple standalone solutions, all with up to 10x better price/performance than existing integrated IPS solutions.
Integrated IPS has many advantages that are making it a new standard in security, including:
- Reducing costs by consolidating multiple independent solutions
By integrating an IPS Software Blade into your existing firewall, you save on:
- Equipment purchase
- Hardware footprint
- Training and ongoing management
- Rack space
- Facilitating reduced latency
- By inspecting the traffic only once for both firewall and IPS protection, integrated IPS causes less bottlenecking.
- Providing cohesive security policy
- An integrated solution drives a single, cohesive security policy.
- Offering common management and training
- Reduces management and training expenses
- Reduces errors and oversights
- Better match with IT organizational structures
- Increased operational effectiveness and efficiency
- Making IPS deployment easier
- Add IPS protection to your gateway with the check of one box
Delivers up to 15 Gbps of IPS throughput with the default IPS profile. The IPS Software Blade incorporates a high-speed pattern matching engine that does multi-layered, 2-tier inspection for maximum performance with thousands of protections enabled.
Scan and secure SSL encrypted traffic passing through the gateway. When traffic is passed through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver.
Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy. Some encrypted content passing through the gateway should not be inspected, and therefore can be bypassed with a simple administrator policy definition.
With the IPS Software Blade and the SmartEvent Software Blade you gain a new, dynamic management paradigm for today’s high volume, real-time and evolving threat environment.
Check Point threat management workflows allow you to handle constant change quickly and efficiently, reducing your management overhead and allowing you to confidently and promptly deploy protections.
The IPS Software Blade offers:
- New protections sandbox - Build confidence in a ‘sandbox’ environment with no impact on your network.
- Automatic protection activation - Activation of new protections, based on configurable parameters (performance impact, confidence index, threat severity). The difficulties of constant, individual management of thousands of protections are eliminated.
- Unified Management - The IPS blade is configured and managed through a common Check Point management interface—the same one used to manage other security gateway Software Blades and Check Point dedicated IPS.
- Configurable, actionable monitoring - Track events through detailed reports and logs of what is most important. The new Security Management Software Blade for IPS and Security Provisioning Software Blade simplify threat analysis and reduce operational overhead.
- Business-level views - Customizable reports provide easy monitoring of critical security events associated with your business-critical systems.
- Multi-dimensional sorting - Drag-and-drop columns of event data and the information will be automatically re-ordered.
- Actionable event logs - Edit the associated protection, create an exception or view packet data directly from log entries.
- Deployed on your existing firewall - Reduces deployment time and costs by leveraging existing security infrastructure.
- Granular protection control - Easy-to-use protection profiles allow administrators to define signature and protection activation rules that match the security needs of your network assets.
- Predefined default and recommended profiles - Allows for immediate and easy out-of-the-box use with profiles tuned to optimize security or performance.
- Optional detect-only mode - Sets all your existing protections to only detect, but not block, traffic to allow you to evaluate your profile without risking disruption.
Patching is an incomplete security measure, which can leave your network open for attack. By taking a more comprehensive approach, which combines robust IPS functionality with a concerted patching strategy, network administrators can better equip themselves to handle ‘Patch Tuesdays’ and secure the network between upgrades and patches.
The IPS Software Blade is integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point Security Gateways saving time and reducing costs by leveraging existing security infrastructure.
|Integrated IPS Performance||Up to 15 Gbps|
|Gateway Load Threshold||Protect firewall performance under load through a configurable software bypass|
|Multi-Method Detection Engine||Vulnerability and exploit signatures Protocol validation Anomaly detection Behavior-based detection Multi-element correlation|
|Microsoft Vulnerability Coverage||#1 for Microsoft protections|
|Patch Process Reinforcement||Protect your network from attack while vendor patches are being applied|
|Real-Time Protection||Protection updates for:
|Application Intelligence||Application protections and controls including Instant Message and Peer-to-Peer|
|Open Signatures||Create your own signatures with an open signature language|
|DoS Mitigation Engine||Expanded protections against denial-of-service attacks|
|Profiles||Save administrative overhead by assigning the same protections to groups of assets|
|Predefined Profiles||Out-of-the-box protection profiles optimized for security or performance|
|Detect-Only Mode||Set your existing protections to detect, but not block malicious traffic|
|Sandbox New Protections||Provide a 'sandbox' environment to try out new protections without impacting your network|
|Activation Rules||Activate protections according to:
|Packet Capture||Gather traffic data for deep forensic analysis|
|Follow-up||Flag protections for later analysis|
|Timeline View||Easily configure custom views of only what's important to you (e.g., security events associated with your critical network assets)|
|System Overview||IPS system status at-a-glance|
|Unified Management||Manage integrated and dedicated IPS from one interface|
|Network Exceptions||Make exceptions to protections|
|More Protection Information||Give detailed information on each protection, including: