Sarbanes-Oxley Act of 2002 (SOX) Solution

Implementation: DS5.5

COBIT Control Objective	Check Point Solution
DS5.5 Security Testing, Surveillance and Monitoring Test and monitor the IT security implementation in a proactive way. A logging and monitoring function will enable the early prevention and/or detection and subsequent timely reporting of unusual and/or abnormal activities that may need to be addressed.	Check Point's SmartCenter and Eventia Suite — Eventia Reporter and Eventia Analyzer — centralize logging, updates, monitoring, and reporting of system events and activity, enabling enterprises to gain a holistic picture of their security and network activity trends. The consistent presentation of data across the enterprise enables more effective data collection, analysis, and response. The Eventia Suite collects, audits, correlates, and reports on logs and event activity across all Check Point products and across a diverse range of third-party products. Eventia Reporter gathers information to report on cross-product attacks, blocked traffic, login activity, and network activity. Eventia Reporter endpoint security reports include centralized reporting of Check Point Endpoint Security data on compliance violations, firewall events, blocked programs, Check Point Endpoint Security MailSafe events, spyware, Malicious Code Protector outcomes, and client errors. Eventia Reporter also provides reports on antivirus activity, Connectra, InterSpect, and VPN-1 Power VSX log reports. The Eventia Suite enables enterprises to build audit trails of user access to cardholder data, administrator actions, invalid logical access attempts, and much more. Eventia Analyzer supports the initialization of audit logs, secure access to audit information, and allows for creation and deletion of system-level objects. In addition, Eventia Analyzer provides alerts when the audit logs are initialized and when system objects are created and deleted. Check Point user authentication and logging features allow customers to implement audit trails to reconstruct and analyze system events.

COBIT Control Objective

Check Point Solution

DS5.5 Security Testing, Surveillance and Monitoring

Test and monitor the IT security implementation in a proactive way.
A logging and monitoring function will enable the early prevention and/or detection and subsequent timely reporting of unusual and/or abnormal activities that may need to be addressed.

Check Point's SmartCenter and Eventia Suite — Eventia Reporter and Eventia Analyzer — centralize logging, updates, monitoring, and reporting of system events and activity, enabling enterprises to gain a holistic picture of their security and network activity trends. The consistent presentation of data across the enterprise enables more effective data collection, analysis, and response.

The Eventia Suite collects, audits, correlates, and reports on logs and event activity across all Check Point products and across a diverse range of third-party products. Eventia Reporter gathers information to report on cross-product attacks, blocked traffic, login activity, and network activity.

Eventia Reporter endpoint security reports include centralized reporting of Check Point Endpoint Security data on compliance violations, firewall events, blocked programs, Check Point Endpoint Security MailSafe events, spyware, Malicious Code Protector outcomes, and client errors. Eventia Reporter also provides reports on antivirus activity, Connectra, InterSpect, and VPN-1 Power VSX log reports.

The Eventia Suite enables enterprises to build audit trails of user access to cardholder data, administrator actions, invalid logical access attempts, and much more. Eventia Analyzer supports the initialization of audit logs, secure access to audit information, and allows for creation and deletion of system-level objects. In addition, Eventia Analyzer provides alerts when the audit logs are initialized and when system objects are created and deleted.

Check Point user authentication and logging features allow customers to implement audit trails to reconstruct and analyze system events.

Go to Check Point Product Info:

Return to Implementation