IPS-1 Robust and accurate intrusion prevention

Check Point security solutions are the market-leading choice for securing the infrastructure.

Today's networks operate in an environment that is ever changing, with dynamic configurations, policy requirements, deployment needs, and security threats. Check Point IPS-1 is a dedicated intrusion detection and prevention system (IDS/IPS) that helps organizations secure their enterprise, and protect servers and critical data against worms, automated malware, and blended threats, both known and unknown.

IPS-1 provides the strong, robust, and dynamic security for which Check Point is known. In addition, IPS-1 features superior management tools that increase administrator efficiency and provide unique rapid-response mitigation. The highly intuitive IPS-1 centralized interface provides graphical management tools that allow a system administrator to quickly identify and act on threats to the network.

IPS-1 management and enforcement are unified with the Check Point security architecture, so administrators can implement IPS defenses seamlessly across an entire security infrastructure. Also, because of this unification, the familiar, intuitive Check Point interface helps reduce IPS-1 training costs and increase administrator effectiveness.

Key benefits
- Robust security to protect your network and business against increasingly sophisticated attacks and attack vectors
- Efficient management to overcome data overload with tools that provide direct, graphical focus only on important security events associated with critical business systems
- Flexible deployment to deliver defense configurations to meet ever-changing dynamics and policy requirements

IPS-1 solutions are available both as turnkey Check Point appliances and software-only versions that can run on open servers. IPS-1 also offers multiple deployment modes (inline, bridge, IDS) that add to its flexibility.
THE SECURITY TO PROTECT YOUR NETWORK

IPS-1 utilizes multiple methods of defense to protect your network and business against the multitude of increasingly sophisticated attacks and attack vectors.

Accurate and granular attack prevention
Designed to provide immediate and reliable blocking of unwanted traffic, IPS-1 systems not only stop backdoor and blended threats (such as Code Red, MS Blaster, Nimda, and SQL Slammer worms), but also attacks including SQL injection, command tampering, and polymorphic buffer overflows in real time before they can affect your organization. From its core outward, IPS-1 is built to deliver trusted intrusion prevention while minimizing the time, costs, and staff requirements associated with intrusions.*

Hybrid Detection Engine
At the heart of IPS-1 is the Hybrid Detection Engine, which uses multiple detection and analysis techniques including vulnerability signatures, exploit signatures, anomaly detection, protocol analysis, operating system and application fingerprinting, smart IP reassembly, multi-element correlation, and dynamic worm mitigation. This robust detection engine enables broad coverage across the threat spectrum, ensuring IT assets are protected against known and unknown threats.

Attack Confidence Indexing
IPS-1 includes a unique feature called Attack Confidence Indexing that enables administrators to direct and calibrate prevention enforcement according to factors such as the threat and asset under attack. Attack Confidence Indexing allows known exploits to be blocked with no concern of blocking critical business traffic.

Multi-alert Correlation
Multi-alert Correlation identifies patterns in alert activity that would otherwise be reported as separate, unrelated events. For example, a single source IP launching multiple attacks across a geographically distributed network would be correlated and raised as a higher priority correlated alert.

Dynamic Worm Mitigation
Dynamic Worm Mitigation recognizes rapidly propagating worms and automatically blocks them from proliferating across your entire network.

Aware, adaptive, and actionable security
IPS-1 automatically recognizes threat points and dynamically protects them against inevitable attack. IPS-1 determines critical vulnerabilities and changes in the network, alerts security managers to these threatened points, and automatically deploys the proper signature sets to protect them before they are attacked.

Ongoing security updates via SmartDefense Services
IPS-1 systems are backed by Check Point SmartDefense Services, which provide ongoing, real-time updates and security advisories, helping ensure that Check Point security solutions are continuously updated to stay ahead of today's constantly evolving threats.
Security experts at the SmartDefense Research Center continuously monitor the Internet for new exploits and vulnerabilities and rapidly develop and deliver new protections to help ensure that your network and business are protected from evolving threats.

The IPS-1 Vulnerability Browser enables vulnerability scanning, viewing, and management from a single dashboard.

THE MANAGEMENT TO SOLVE DATA OVERLOAD

Only IPS-1 delivers the management tools required to keep your administrators from drowning in data and starving for critical, actionable information.

Situational Visibility
IPS-1 provides instant awareness of only what's important: important security events associated with business-critical systems. A real-time graphical interface isolates and highlights critical attacks against essential business systems, accelerating the ability to recognize, evaluate, and act upon truly critical events. This at-a-glance monitoring not only makes operators of any skill level more efficient, but a simple mouse click allows them to quickly and easily evaluate critical events and set response and remediation actions.

Advanced forensic analysis
IPS-1 allows you to quickly sort through an overload of alert information to identify actionable events and their patterns, including the attack source, attack methods, severity, targets, frequency, and many others. From there, a single mouse click provides alert detail information including attack description, effect, importance, remediation, third-party information sources, and more.

Packet capture
View deep forensic analysis and packet capture information of attacks.

Alert flood suppression
Alert flood suppression recognizes and automatically consolidates bursts of alert floods and presents them as a single consolidated alert rather than an unmanageable flood of alerts on your screen.

Top 10 graphs
Delivers quick and exacting graphical views of the Top 10 attackers, attack targets, protocols, and so on.

An intuitive Timeline View makes it easy for administrators to analyze alerts that appeared within a particular time period.

Check Point Eventia Analyzer
Automate event correlation for compliance audits with Eventia Analyzer integration. Additionally, utilize Eventia Analyzer to correlate data from IPS-1 and other security devices to prioritize events for decisive, intelligent action.

Intuitive, centralized management
IPS-1 centralized management delivers simplicity with small deployments and intuitive, powerful centralized control and scalability for large enterprise deployments. Using graphics, automation, and wizard-driven features, IPS-1 saves your security staff time by making management of security more intuitive and more efficient.

THE FLEXIBILITY TO MEET THE NEEDS OF TODAY'S DYNAMIC NETWORKS

IPS-1 delivers the flexibility to meet the ever-changing dynamics, policy requirements, and deployment needs of today's environments.

Multiple deployment modes
IPS-1 sensor appliances have a built-in hardware-level bypass function and can be deployed in passive IDS mode, inline bridge mode, or inline blocking mode with fail severed/unsevered, and can be deployed to meet mixed IDS and IPS chokepoint requirements.

Software-only option
Build your own sensor for deployment, easy staging, or as a quick, hot spare with the IPS-1 software-only option. Leverage the fully hardened and secured Check Point operating system, SecurePlatform, which combines the simplicity and built-in security of an appliance with the flexibility of an open server. Then you can turn an off-the-shelf server into a high-performance IPS-1 sensor in less than 30 minutes.

Open signatures and signature language
IPS-1 signatures and its signature language are open, thus allowing you to see how IPS-1 works, and, more importantly, enabling you to meet any special, unforeseen security requirements such as supporting nonstandard protocols.

[Figure: IPS-1 architecture diagram. Labels: IPS-1 Dashboard (Check Point Unified Security Architecture; scalable, centralized management; graphical Situational Visibility; granular forensic analysis; reporting and compliance); IPS-1 Management Server (optimized data store; Multi-alert Correlation; dynamic shielding; flexible integration with Check Point products, common third-party SIMs, Nessus, and more); Hybrid Detection Engine (HDE); Attack Confidence Indexing; open signature language; multi-mode prevention appliance with fail severed or unsevered options.]

The IPS-1 intrusion prevention system is based on a three-tier architecture, providing reliability and scalability.

IPS-1 APPLIANCES

Performance

Throughput (IPS/IDS), integrated solution:
- IPS-1 Sensor 50: 50/75 Mbps
- IPS-1 Sensor 200: 200/250 Mbps
- IPS-1 Sensor 500: 500 Mbps/1 Gbps
- IPS-1 Sensor 1000: 1.3/2.3 Gbps
- IPS-1 Power Sensor 2000: 2/4 Gbps

Throughput (IPS/IDS), IPS-1 software only:
- Sensor 100: 100/200 Mbps
- Sensor 200: 200/250 Mbps
- Sensor 500: 500 Mbps/1 Gbps
- Sensor 1000: 1/2 Gbps

Maximum number of CPU cores: 1; 2; 4; 8

Attributes

Monitoring interfaces: 2 x Copper; 4 x Mbps or Mixed 4 copper plus 4 1000 Mbps fiber; Copper 8 x Mbps or Mixed 4 copper plus 4 1000 Mbps fiber; 8 x or 8 x 1000 Mbps fiber; 8 x or 8 x 1000 Mbps fiber; Maximum of 4; Maximum of 4; Maximum of 6; Maximum of 8
Management interfaces: 1 x 10/100

Physical characteristics (values in order: Sensor 50; Sensor 200; Sensor 500; Sensor 1000; Power Sensor 2000)

Form factor: 1U; 1U; 1U; 2U; 4U
Dimensions, H x W x D in. (cm): 1.703 x 16.8 x 13.4 (4.325 x 42.6 x 37.98); 1.70 x 16.93 x 20 (4.325 x 43.0 x 50.8); 1.70 x 16.93 x 20 (4.325 x 43.0 x 50.8); 3.36 x 17.5 x 27.5 (8.54 x 44.36 x 69.8); 2 @ 3.5 x 17 x 22.5 (8.9 x 43.2 x 57.1)
Weight lbs (kg): 15 (6.8); 31 (14.1); 35 (15.9); 46 (20.86); 2 @ 40 (18)
Redundant power supplies: No; No; No; Yes; Yes
Hardware-level bypass: Yes; Yes; Yes; Yes; Yes

Power

Amps: 6/3; 6.5/3.2; 6.7; 10/5; 10 (5 per box)
Voltage (AC): 110/220; 100/127; 100/127; 110/220; 100/240
Input range (AC): 100-240

Environmental range

Operating temperature: 0 °C to 40 °C (ambient); 10 °C to 35 °C; 10 °C to 35 °C; 10 °C to 35 °C; 0 °C to 40 °C (ambient)
Nonoperating temperature: -20 °C to 80 °C; -40 °C to 70 °C; -40 °C to 70 °C; -10 °C to 43 °C
Relative humidity (nonoperating): 10% to 90% (non condensing); 10% to 90% (non condensing)
RF emissions: FCC Part 15 Class A Subpart B (US/Canada)

*NSS-approved certification achieved on Sentivist Smart Sensor 100C v1.3.

Contact Check Point

Worldwide Headquarters
5 Ha Solelim Street, Tel Aviv 67897, Israel
Tel: 972-3-753-4555
Fax: 972-3-624-1100
Email: info@checkpoint.com

U.S. Headquarters
800 Bridge Parkway, Redwood City, CA 94065
Tel: 800-429-4391; 650-628-2000
Fax: 650-654-4233
www.checkpoint.com

2003-2008 Check Point Software Technologies Ltd. All rights reserved. Check Point, the Check Point logo, Attack Confidence Indexing, Dynamic Shielding Architecture, Eventia, Eventia Analyzer, Hybrid Detection Engine, IPS-1, PURE Security, the puresecurity logo, Sentivist, SmartCenter, and SmartDefense are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943, and 7,165,076 and may be protected by other U.S. Patents, foreign patents, or pending applications.

May 19, 2008 P/N 503054