Security Management Portal (SMP)
Cost-effective managed security
Security Management Portal (SMP) introduces a central management and service provisioning platform that answers your needs as a Managed Security Service Provider (MSSP) targeting SMBs and vertical markets. It features an intuitive, Web-based user interface and uses robust and resilient architecture to support the management of up to tens of thousands of Check Point Safe@Office gateways. SMP can easily be integrated with existing billing, CRM and other back-office systems to support existing business processes and provides a host of capabilities specifically tailored to increase your revenue with minimal administrative and support costs.
- Creates new revenue opportunities
- Reduces administrative overhead to lower operational costs
- Supports existing business processes
- Enhances brand awareness
- Demonstrates added value
- Grows with your needs
All-in-one managed services solution
SMP integrates a wide array of built-in managed services into a single turnkey solution:
- Network and firewall management
- Dynamic VPN management
- Gateway firmware updates
- Antivirus and anti-spam
- URL filtering
- Gateway antivirus signature updates
- Logging, monitoring, and reporting
- Notifications and custom alerts
- Dynamic DNS
- Vulnerability scanning
These services enable service providers to deliver a flexible and comprehensive value-added managed security service offering to small businesses, while maintaining cost effectiveness. SMP allows complete remote management of all network security aspects and significantly reduces the need for onsite configuration and troubleshooting. In addition, Safe@Office gateways can be preconfigured before being shipped to the customer, thereby minimizing deployment time and costs.
Streamlined provisioning and maintenance
SMP simplifies the deployment and maintenance of Safe@Office gateways by using group-based management tools. Administrators can define multiple service plans, each consisting of a template that defines the plan’s expiration date, gateway properties, VPN settings and security policy, as well as additional services such as antivirus protection and content filtering.
Once a subscription-based service plan has been defined, it can be associated with an unlimited number of Safe@Office gateways. Each gateway that is assigned a particular service plan inherits all of that plan’s properties, but specific aspects can be overridden if required. When the administrator updates the plan via SMP’s Web-based user interface, the changes are automatically applied to all the appropriate gateways. By eliminating the need to make repetitive policy changes to thousands of individual devices, SMP delivers unparalleled scalability and time savings.
SMP includes a user-friendly, Web-based interface, which allows you to provide efficient customer support and reduce customer representative training costs. The tree-based interface provides an intuitive display for viewing and editing service plans, customers, gateways, VPN communities and security policies. The interface also provides a single, centralized snapshot of all rules, objects, logs, statuses and alerts for Safe@Office gateways.
Granular role-based administration
SMP provides a flexible and granular method for distributing management responsibility among a group of administrators by dividing responsibilities according to type of service plan, customer or specific functional tasks. System administrators can create and customize system user roles with a fine level of detail, specifying exactly which objects can be viewed, edited or created.
All administrator activity is logged and reported, thus improving security by providing information that can identify unauthorized policy changes.
Integration with back-office operations
SMP includes a comprehensive SOAP/XML standards-compliant API that allows easy integration with third-party billing systems, customer service applications and other third-party systems so you can leverage your back-office infrastructure and support existing business processes.
SMP provides the option of enabling a Web-based Self-Provisioning Portal (SPP) that allows customers to control certain aspects of their security services, thus reducing customer support overhead and operating costs. For example, customers can be permitted to change their personal details or to modify their list of Web Filtering categories.
Logging, reporting, monitoring and alerts
SMP turns the vast amount of data collected from security devices into understandable information that can be used to demonstrate security services’ effectiveness and value-for-money to customers. Security reports are automatically generated and emailed to customers at predefined intervals and can also be viewed directly from the SMP management interface. Security reports include information about blocked attacks, detected viruses, filtered Web sites, detected spam and more.
In addition, SMP offers powerful real-time monitoring tools that enable you to see the status of the SMP server and connected devices at a single glance. These tools include real-time load visualization graphs, status displays and customizable alerts. You can use real-time alerts and notifications to proactively support your customers and notify them of connection outages, VPN tunnel drops or attacks, all before the customers become aware of these problems.
Resilient management infrastructure
SMP provides a fully redundant management infrastructure that enables extensive control of customer security. Service providers can deploy more than one management server in a NOC with full load balancing and automatic failover, thereby enabling around the clock business availability, fault tolerance, high performance and scalability.
Automatic firmware updates
Ensuring that thousands of gateways all enforce the highest level of security can be a daunting administrative task. To alleviate this problem, Safe@Office gateways use “pull” technology for automatic and scheduled firmware updates: gateways automatically detect and download new firmware whenever it becomes available on the management server, instead of the management server initiating communications with each individual gateway. This reduces the load on the management server. In addition, updates can be scheduled to minimize gateway downtime, and administrators also have the option to override group settings and push unique firmware and settings to specific gateways.
Virtual portal management
Service providers, value-added resellers (VARs) and system integrators can leverage their SMP deployment to create new business opportunities, in which they provide turnkey security management solutions to their business partners. SMP owners can create multiple virtual portals, each representing a “virtual SMP”, and sell them to partners that directly target end users in the SMB market segment. Such a business model allows SMP owners to further extend their product and service offering, while generating new revenue opportunities.
Gateway user authentication management
SMP can be used to remotely create and manage gateway administrator permissions, remote access VPN permissions, web filtering override permissions, hotspot authentication and remote desktop permissions.
Comprehensive web access policy
SMP supports a URL-based Web Filtering service that allows businesses to create Web access policies based on up to 60 categories of objectionable or malicious Web sites. In addition, service providers can also use Web rules to define gateway-specific or global white and black lists that allow or block access to specific URLs. By providing two ways of filtering content, SMP provides business owners with the flexibility to customize their Web Access policies to meet their needs.
Antivirus and anti-spam
SMP can ensure the content entering the network is scanned for viruses and spam. SMP offers support for Safe@Office automatic gateway antivirus updates and features a centralized, network-based email antivirus and anti-spam scanning solution. The integrated anti-spam service allows scanning email traffic for security threats before they ever reach the customer’s network, SMP ensures the content entering the network is free of malicious code and no bandwidth is wasted on downloading infected files.
Dynamic vpn community management
Many businesses use Virtual Private Networks (VPNs) to secure traffic between headquarters and remote offices and users. However, VPN management can be a time-consuming and complex task. SMP simplifies this by providing the Dynamic VPN (DVPN) module. In one step, administrators can define VPN communities and set security parameters for the entire VPN. By grouping a customer’s VPN endpoints in a community the administrator can automatically create fully meshed, star and nested VPN topologies establishing site-to-site tunnels between VPN peers. Once the VPN community is created all changes to gateways and internal networks are distributed to the entire community with the click of a button. New sites that are added automatically inherit the appropriate properties and establish secure IPSec sessions with the rest of the community. To ensure strong security in site-to-site VPN communications, the SMP internal Certificate Authority (CA) automatically issues X.509 digital certificates to all Safe@Office gateways that are part of a DVPN community and renews the certificates as needed.
Vulnerability scanning service
SMP integrates with a Vulnerability Scanning Service (VSS) that scans subscriber networks for security vulnerabilities. Vulnerability scanning reports include information about security vulnerabilities and information obtained by port scanning and can be generated automatically at user-defined intervals and emailed to customers. These reports are HTML-based and customizable and are an excellent tool for a service provider to demonstrate the added value
Integrated dynamic DNS
Tracking and monitoring customer gateways that use dynamic IP addresses can be difficult since their IP addresses change each time they connect to the Internet. SMP alleviates this issue by fully supporting the management and monitoring of dynamically addressed gateways. SMP can act as a secure Dynamic Domain Name Service (Dynamic DNS or DDNS) server, which constantly checks and updates the mapping of a domain name to a gateway’s corresponding IP address. Each time the gateway’s IP address changes, Dynamic DNS maps the domain name to the new IP address. With SMP, service providers can become Dynamic DNS providers for gateway owners, without any need for a third party provider.
Microsoft Windows 2000/2003 Server
Security Management Platform (SMP) - 10 Gateways
Security Management Platform (SMP) - 50 Gateways
Security Management Platform (SMP) - 250 Gateways
Security Management Platform (SMP) - 500 Gateways
Security Management Platform (SMP) - 1000 Gateways
Security Management Platform (SMP) - 5000 Gateways
1 Year of Gateway Software Updates - 5 Nodes
1 Year of Gateway VStream Antivirus Signature Updates - 5 Nodes
1 Year Category-based Web Filtering - 5 nodes
Security Management Platform (SMP) - 10 Gateways
- Products A-Z
- Appliances Overview
- 600 Appliances
- 1100 Appliances
- 2200 Appliances
- 4000 Appliances
- 12000 Appliances
- 21000 Appliance
- 41000 Security System
- 61000 Security System
- DDoS Protector Appliances
- Secure Web Gateway Appliance
- Threat Prevention Appliance
- Series 80
- UTM-1 Edge
- Virtual Systems
- Integrated Appliance Solution
- Software Blades
- Software Blades Overview
- Security Gateway
- IPSec VPN
- Mobile Access
- Application Control
- Identity Awareness
- Web Security
- URL Filtering
- Anti-Spam & Email Security
- Advanced Networking & Clustering
- Voice over IP (VoIP)
- Threat Prevention
- ThreatCloud IntelliStore
- ThreatCloud Emulation Service
- ThreatEmulator Portal
- Security Management
- Network Policy Management
- Endpoint Policy Management
- Logging & Status
- Management Portal
- User Directory
- Multi-Domain Security Management
- Virtualization Security
- Security Gateway Virtual Edition
- Cloud Security
- Virtual Appliance for Amazon Web Services
- Security Systems
- Security Systems Overview
- Endpoint Security
- Endpoint Security
- Full Disk Encryption
- Media Encryption
- Anti-Malware & Program Control
- Remote Access VPN
- Firewall & Compliance
- Remote Access
- Consumer Products
- ZoneAlarm Antivirus
- ZoneAlarm ForceField
- ZoneAlarm Internet Security Suite
- Time to Shore up Security on Wireless Networks
- More than Passwords: Five Rules to Ward off Wireless Pests
- Five Keys to Secure Wireless LANs
- Success Stories