Sarbanes-Oxley Act of 2002 (SOX) Solution

Implementation: DS5.3

COBIT Control Objective	Check Point Solution
DS5.3 Identity Management Ensure that all users are uniquely identifiable. Enable user identities via authentication mechanisms. Maintain user identities and access rights in a central repository. Deploy cost-effective technical and procedural measures, and keep them current to establish user identification, implement authentication and enforce access rights.	Access control is an essential element of all Check Point security solutions. Check Point's perimeter, internal, Web, and endpoint solutions allow for the creation of granular access and authorization rules. VPN-1 and InterSpect enforce access policies at the perimeter and on the internal network. Connectra and VPN-1 enforce access policies when providing remote access to users outside the perimeter. Check Point Endpoint Security uses desktop firewall rules and network zones to limit PC access to network resources and segments. These access policies define what resources an individual, group, or department is authorized to view. Check Point VARs, SIs, and business partners can provide consulting services to help an organization deploy and configure Check Point solutions so user access is restricted as required in section DS5.3.

COBIT Control Objective

Check Point Solution

DS5.3 Identity Management

Ensure that all users are uniquely identifiable. Enable user identities via authentication mechanisms.
Maintain user identities and access rights in a central repository.
Deploy cost-effective technical and procedural measures, and keep them current to establish user identification, implement authentication and enforce access rights.

Access control is an essential element of all Check Point security solutions. Check Point's perimeter, internal, Web, and endpoint solutions allow for the creation of granular access and authorization rules. VPN-1 and InterSpect enforce access policies at the perimeter and on the internal network. Connectra and VPN-1 enforce access policies when providing remote access to users outside the perimeter. Check Point Endpoint Security uses desktop firewall rules and network zones to limit PC access to network resources and segments. These access policies define what resources an individual, group, or department is authorized to view.

Check Point VARs, SIs, and business partners can provide consulting services to help an organization deploy and configure Check Point solutions so user access is restricted as required in section DS5.3.

Go to Check Point Product Info:

Return to Implementation