Firewall Software Blade – Network Firewall

The Check Point Firewall builds on the award-winning technology first offered in Check Point’s FireWall-1 solution to provide the industry’s strongest level of gateway security and identity awareness. Check Point’s firewalls are trusted by 95% of the Fortune 100 and deployed by over 100,000 customers, and have demonstrated industry leadership and continued innovation since the introduction of FireWall-1 in 1994.




Proven gateway security with industry-leading firewall performance

  • Protects over 100,000 customers and 95% of Fortune 100
  • Includes patented stateful packet inspection
  • Up to 539 Gbps firewall throughput with real-world traffic mix (SecurityPower benchmark)

User and machine identity awareness balance security and business need

  • Enables granular policy definitions per user and group
  • Seamless integration with Active Directory
  • Ideal for protecting environments with social media and Internet applications

Integrated into the Check Point Infinity Architecture

  • Centralized management, logging and reporting via a single console
  • Automatic activation of the Firewall on Check Point Security Gateways


Access Control

The Check Point Firewall enables network administrators to securely control access to clients, servers and applications. With detailed visibility into users, groups, applications, machines and connection types, the Check Point Firewall enables network administrators to provide superior protection across the entire organization.


To ensure the security of your network, you need to be able to confirm the identity of all users attempting to access it. Authentication assigns access permissions to individuals and groups, based on their level of responsibility and role within the organization.

Based on the industry’s most advanced Identity Awareness, the Check Point Firewall provides robust authentication capabilities to confirm the identity of all users and establish their rights and privileges.

The authentication component of the Firewall Software Blade offers:

  • Multiple and complementary methods for gaining identity awareness
  • Integrated user and machine awareness functionality across the security gateway and management

User and Machine Awareness

User and machine awareness balances security with business needs by enabling granular policy definitions per user and group.

Seamless and agent-less integration with Active Directory provides complete user identification, enabling simple application-based policy definition per user or group directly from the firewall.

Users’ identification may be acquired from:

  • Active Directory (AD) Query
  • Browser-based Authentication
  • Identity Agents (installed on the Endpoint)
  • Terminal Servers Agents
  • Radius Accounting
  • Remote Access Clients
  • Identity Collector (Cisco ISE/pxGrid and Active Directory)
  • Web API

Bridge Mode

A Security Gateway in bridge mode operates as a regular firewall, inspecting traffic and dropping or blocking unauthorized or unsafe traffic, and is invisible to all Layer-3 traffic. When authorized traffic arrives at the gateway, it is passed from one interface to another through a procedure known as bridging. Bridging creates a Layer-2 relationship between two or more interfaces, whereby any traffic that enters one interface always exits the other. This way, the firewall can inspect and forward traffic without interfering with the original IP routing.

Network Address Translation (NAT)

Whether computers have routable or non-routable addresses, administrators may want to conceal their real addresses, to ensure that addresses cannot be seen from outside the organization or from other parts of the same organization. A network’s internal address contains the topology of the network and therefore hiding this information greatly enhances security.


Geo-protections enforce or monitor traffic based on the source or destination country. In the unified access control policy create a geo-protection policy with exceptions to allow legitimate traffic through while blocking or monitoring traffic from unknown and untrusted sources. Monitor activity with SmartEvent.

Integrated into the Check Point Infintiy Architecture

The Check Point Firewall is integrated into the Check Point Infinity Architecture and included when you purchase a Security Gateway product.

Learn More

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO