Check Point Next Generation Firewall (NGFW)

Benefits Detects and controls application usage

• Identify, allow, block or limit usage of applications, and features within them
• Enable safe Internet use while protecting against threats and malware
• Leverage the world's largest application library with more than 6,600 web 2.0 applications

Supports advanced identity awareness for stress-free policy enforcement

• Create granular policy definitions per user and group
• Integrate seamlessly with Active Directory
• Protect environments with social media and Internet applications

Provides proven gateway security in a single, dedicated appliance

• Rely on 24/7 advanced protection
• Reap the benefits of application control and intrusion protection (IPS), as well as extensibility support for additional security capabilities
• Get greater understanding into security events with integrated, easy-to-use centralized management
• Join more than 170,000 customers, including 100 percent of Fortune 100 companies

Features Identity awareness Great security involves limiting and tracking access to sensitive data and resources. With the Next Generation Firewall, your administrators get detailed visibility into the users, groups, applications, machines and connection types on your network so they can assign permissions to the right users and devices. The firewall makes it easy and cost-effective to enforce security policy, giving granular permission control over these entities; this results in superior protection across the entire security gateway. Seamless and agent-less integration with Active Directory provides complete user identification, enabling simple, application-based policy definition per user or group directly from the firewall. Users’ identification may be acquired in one of three simple methods:

• Querying the Active Directory
• Through a captive portal
• Installing a one-time, thin client-side agent

Application control Employees are using more apps than ever, and you’re on the hook to protect them regardless of what they use. Check Point Next Generation Firewall has the industry’s largest application coverage, with more than 6,600 applications and 260,000 social network widgets included. You can create granular security policies based on users or groups to identify, block or limit usage of web applications and widgets like instant messaging, social networking, video streaming, VoIP, games and more. Logging and status To help you make sense out of your security event data, we included SmartLog, an advanced log analyzer that delivers split-second search results providing real-time visibility into billions of log records over multiple time periods and domains. Integrated security management Our unified security management simplifies the monumental task of managing your security environment. You’ll see and control threats, devices and users with a highly intuitive graphical interface providing views, details and reports on your security health. Manage all your Check Point gateways and software blades from one comprehensive, centralized security dashboard. Intrusion prevention Next Generation Firewall includes the Check Point IPS Software Blade, which secures your network by inspecting packets traversing through the gateway. It is a full-featured IPS, providing geo-protections and frequent, automated threat definition updates. Because the IPS is part of the integrated Software Blade Architecture, you’ll get all the deployment and management advantages of a unified and extensible solution.