Firewall Software Blade

The Check Point Firewall Software Blade builds on the award-winning technology first offered in Check Point’s FireWall-1 solution to provide the industry’s strongest level of gateway security and identity awareness. Check Point’s firewalls are trusted by 100% of the Fortune 100 and deployed by over 100,000 customers, and have demonstrated industry leadership and continued innovation since the introduction of FireWall-1 in 1994.


Proven gateway security with industry-leading firewall performance

  • Protects over 100,000 customers and 100% of Fortune 100
  • Includes patented stateful packet inspection
  • Up to 120 Gbps firewall throughput with real-world traffic mix (SecurityPower benchmark)

User and machine identity awareness balance security and business need

  • Enables granular policy definitions per user and group
  • Seamless integration with Active Directory
  • Ideal for protecting environments with social media and Internet applications

Integrated into Check Point Software Blade Architecture

  • Centralized management, logging and reporting via a single console
  • Automatic activation of Firewall Software Blade on security gateway systems


Access Control

The Firewall Software Blade enables network administrators to securely control access to clients, servers and applications. With detailed visibility into the users, groups, applications, machines and connection types, the Check Point Firewall Software Blade enables network administrators to provide superior protection across the entire security gateway.


To ensure the security of your network, you need to be able to confirm the identity of all users attempting to access it. Authentication assigns access permissions to individuals and groups, based on their level of responsibility and role within the organization.

Based on the industry’s most advanced identity awareness, the Firewall Software Blade provides robust authentication capabilities to confirm the identity of all users and establish their rights and privileges.

The authentication component of the Firewall Software Blade offers:

  • Multiple and complementary methods for gaining identity awareness
  • Integrated user and machine awareness functionality across the security gateway and management

Bridge Mode

A security gateway in bridge mode operates as a regular firewall, inspecting traffic and dropping or blocking unauthorized or unsafe traffic, and is invisible to all Layer-3 traffic. When authorized traffic arrives at the gateway, it is passed from one interface to another through a procedure known as bridging. Bridging creates a Layer-2 relationship between two or more interfaces, whereby any traffic that enters one interface always exits the other. This way, the firewall can inspect and forward traffic without interfering with the original IP routing.

User and Machine Awareness

User and machine awareness balances security with business needs by enabling granular policy definitions per user and group.

Seamless and agent-less integration with Active Directory provides complete user identification, enabling simple application-based policy definition per user or group directly from the firewall.

Users’ identification may be acquired in one of three simple methods:

  • Querying the active directory
  • Through a caprive portal
  • Installing a one-time, thin client-side agent

Network Address Translation (NAT)

Whether computers have routable or non-routable addresses, administrators may want to conceal their real addresses, to ensure that addresses cannot be seen from outside the organization or from other parts of the same organization. A network’s internal address contains the topology of the network and therefore hiding this information greatly enhances security.

Integrated into Check Point Software Blade Architecture

The Firewall Software Blade is integrated into the Software Blade Architecture and included in the Security Gateway container when you purchase a Security Gateway product.

This website uses cookies to ensure you get the best experience. More Info Got it, Thanks!