Comprehensive network security monitoring for faster response to threats
Simplified network security management for maximum efficiencies
Integrated into Check Point Software Blade Architecture
The Monitoring Software Blade provides real-time information on Check Point gateways in the organization. Custom and predefined queries enable administrators to view in-depth information, such as system data, network activity, policy and license status about specific gateways.
The Monitoring Software Blade also delivers a comprehensive view of network usage. It can generate detailed or summary graphs and charts for analysis of network traffic patterns, audit and estimate costs of network use, identify departments and users that generate the most traffic, and detect and monitor suspicious activity.
The Monitoring Software Blade integrates the Check Point suspicious activity monitoring protocol for modifying access privileges upon detection of any suspicious network activity, such as attempts to gain unauthorized access. Alerts can also be automatically sent to administrators for certain predefined system events such as when free disk space is below an acceptable threshold or if a security policy has been changed. These alerts point to potential system security threats and provide information to assist in avoiding, minimizing or recovering from damage.
The Monitoring Software Blade enables system administrators to monitor connectivity between gateways. Permanent tunnels can be set up between Check Point gateways where uninterrupted connectivity is critical to the organization’s business. By constantly monitoring the status of VPN tunnels, including inbound and outbound tunnel traffic, the Monitoring Software Blade enables administrators to track normal tunnel function so that malfunctions and connectivity problems can be quickly accessed and resolved.
The monitoring of remote users offers valuable information for identifying and troubleshooting remote connectivity issues. The Monitoring Software Blade provides comprehensive information on various aspects of remote user traffic, such as current open sessions, overlapping sessions, route traffic and connection time.
The Cooperative Enforcement monitoring feature utilizes the endpoint security server compliance capability to verify connections arriving from internal and remote hosts across the network. The logs generated for authorized and unauthorized hosts can be monitored via the Monitoring Software Blade.
Using custom or predefined queries, administrators can drill down on a specific segment of traffic or specific gateways to isolate factors that may be affecting network performance. Multiple views can be displayed within the same window and viewed side-by-side to enable easy diagnoses of traffic or security problems.
The Monitoring Software Blade is part of Check Point Security Management solutions, a suite of powerful applications for centrally configuring, managing and monitoring Check Point perimeter, internal, Web and endpoint security gateways. This integration results in reduced complexity and lowers total cost of ownership.
The Monitoring Software Blade is integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point Appliances or open server platforms, saving time and reducing costs by leveraging existing security infrastructure.
Full integration into the modular Software Blade Architecture allows for rapid and easy activation on any Check Point Security Management server.
| Feature | Details |
|---|---|
| Secure status updates of remote modules | Via Check Point OPSEC APIs like AMON |
| Customizable system overview | Including: |
| System information | OS, CPU, memory, hard disk free %, and network activity |
| Product status information | Including: |
| Customizable threshold settings | Set actions globally or per gateway for when a threshold is met, e.g. when a remote gateway fails |
| Customizable actions | Log, alert, email, SNMP trap, and user-defined |
| Customizable reporting | Gateways, traffic, counters, tunnels, and remote users |
| Reset users and tunnels | Control user activity |
| Apply dynamic enforcement rule | Per gateway, source, destination, and service |
| ClusterXL member control | Start and stop the ClusterXL processes |