Check Point 4400 Appliance
Enterprise-grade security appliance (223 SPU/5Gbps)-fast networking and fiber and copper connectivity options

מאפיינים עיקריים:

SecurityPower™

עד היום, בחירת מוצר אבטחה היתה מבוססת על בסיס הערכת ביצוע ספציפי לכל אפשרות אבטחה, בד"כ תחת תנאי מעבדה אופטימליים ובשימוש במדיניות אבטחה בעלת חוק אחד בלבד. כיום לקוחות יכולים לבחור מכשירי אבטחה בעזרת דירוג ה- SecurityPower™שלהם אשר מבוסס על תנועת אמת של הלקוח, אפשרויות אבטחה מרובות ומדיניות אבטחה טיפוסית.

SecurityPower הינו סימן היכר אשר מודד את היכולות והתפוקה של מכשיר על-מנת לבצע מספר רב של אפשרויות אבטחה מתקדמות (Software Blades) כמו IPS, DLP ושליטה באפליקציות בתנאי תנועה אמיתיים.

פתרון אבטחה "הכל כלול"

דגם ה-4400 של צ'ק פוינט מציע פתרון אבטחה מלא ומאוחד בגורם תצורת 1U אשר מבוסס על ה-Software Blade Architecture של צ'ק פוינט. ה-4400 זמין ב-3 חבילות תוכנה, 7,8,10 blades, בפלטפורמה המספקת אבטחה מורחבת ומעודכנת.

• Next Generation Firewall (NGFW): identify and control applications by user and scan content to stop threats—with IPS and Application Control.
• Secure Web Gateway (SWG): enables secure use of Web 2.0 with real time multi-layered protection against web-borne malware—with Application Control, URL Filtering, Antivirus and SmartEvent.
• Next Generation Data Protection (NGDP): preemptively protect sensitive information from unintentional loss, educate users on proper data handling policies and empower them to remediate incidents in real-time—with IPS, Application Control and DLP.
• Next Generation Threat Prevention (NGTP): apply multiple layers of protection to prevent sophisticated cyber-threats— with IPS, Application Control, Antivirus, Anti-Bot, URL Filtering and Email Security.

ניהול אבטחה משולב

המכשיר יכול להיות מנוהל בצורה מקומית עם יכולות ניהול האבטחה המשולבות שלו או ע"י ניהול מרכזי. בשימוש בניהול מקומי, המכשיר יכול לנהל את עצמו ומכשיר סמוך אחד למטרות זמינות גבוהה.

גישת חיבור מרחוק למכשירי מובייל

כל מכשיר מגיע עם גישת חיבור למכשירי מובייל עבור 5 משתמשים, בעזרת ה-Mobile Access Blade. הרישיונות מספקים אבטחת גישה מרחוק למקורות הארגון ממגוון רחב של מכשירים, הכוללים סמרטפונים, טאבלטים, PC, MAC ו-LINUX.

GAiA - The Unified Security OS

ה-GAiA של צ'ק פוינט הינו הדור הבא של מערכת הפעלה מאובטחת לכל מכשירי צ'ק פוינט, סרברים ו-gateways וירטואליים. ה-GAiA משלב את המאפיינים הטובים ביותר מ-IPSO ו- SecurePlatform לתוך ה-OS ומספק ביצועים יעילים ומשופרים יותר. ה-GAiA מאבטח IPv4 ו –Ipv6 ותומך ברשתות מורכבות ע"י פרוטוקולים דינמיים כמו RIP, OSPF, BGP, PIM (sparse and dense mode) and IGMP.

ה-GAiA מפשטת את הניהול בעזרת הפרדת תפקידים כך שהיא מאפשרת גישה ניהולית המבוסס על התפקיד. יתרה על כך, ה-GAiA מאיצה את יעילות הפעילות ע"י עדכוני תוכנה אוטומטיים. תשתית ה-web עתירת המאפיינים מאפשרת חיפוש מידי מכל סוג של פקודה או מאפיינים. GAiA מציעה התאמה מלאה עם IPSO ושורת הפקודה של ה-SecurePlatform והופכת את המעבר לפשוט יותר עבור לקוחות צ'ק פוינט קיימים.

Product Comparison:

Hardware Specifications

¹ Check Point's SecurityPower is a new benchmark metric that allows customers to select security appliances by their capacity to handle real-world network traffic, multiple security functions and a typical security policy. ²With memory upgrade and GAiA OS

Software Specifications

NGFW = Next Generation Firewall;NGDP = Next Generation Data Protection;
NGTP = Next Generation Threat Prevention;SWG = Secure Web Gateway
- Included
* - Optional
¹ Not available on 4200
² Five users are included in default package

Technical Specifications:

¹Maximum production performance based upon the SecurityPower benchmark. Real-world traffic, Multiple Software Blades, Typical rule-base, NAT and Logging enabled. Check Point recommends 50% SPU utilization to provide room for additional Software Blades and future traffic growth. Find the right appliance for your performance and security requirements using the Appliance Selection Tool.

Virtual Systems:

Check Point Virtual Systems taps the power of virtualization to consolidate and simplify security for private clouds while delivering a lower total cost of ownership. It enables customized security against evolving network threats with the extensible Software Blade Architecture. Virtual Systems is supported on Check Point Appliances, including the 61000 Security System as well as open servers.

Benefits

Simplify and consolidate network security with Virtual Systems

• Add Virtual Systems to any gateway or leverage pre-configured Virtual System Appliances to secure multiple network segments
• Simplify enterprise-wide policy by creating tailored policies for each Virtual System
• Resource monitoring for each Virtual System; easily add, provision and upgrade without downtime

Deploy any Software Blades on any virtual system for customized protection

• Advanced protections now include: Firewall, VPN, IPS, Application Control, URL Filtering, Antivirus, Anti-Bot, Identity Awareness and Mobile Access
• Flexibility to enable Software Blades uniquely for each Virtual System with customized protections
• Enable separation of IT duties with dedicated Virtual Systems for Web Security, Threat Prevention, Firewall and Remote Access

Boost performance using the latest Check Point technologies

• Over eight times more concurrent connections with 64-Bit GAiA OS
• Increased throughput by utilizing multi-core processors with CoreXL technology
• Cluster up to eight gateways using patented VSLS technology for unmatched scalability

Features

Security Consolidation
For years, Check Point’s Virtual Systems technology has been providing value and protection for enterprises and service providers. This proven technology enables organizations to consolidate up to 250 gateways into a hardware platform providing savings on both capital equipment investments and ongoing support and maintenance. The streamlined management of the virtualized gateways further improves the operational efficiency of a resource-challenged IT department, bringing the needed simplicity to network security.

Flexible Software Blade Security
Supporting the latest Check Point Software Blade Architecture on every Virtual System, this solution delivers comprehensive and customized protection to multiple networks or virtual LANs (VLANs) within complex network infrastructures. Supporting Software Blades including Firewall, VPN, Intrusion Prevention (IPS), Identity Awareness, Application Control, URL Filtering, Antivirus and Anti-bot, administrators have the flexibility to configure any Software Blades with any security policy to any Virtual System.

Customizable Security Policies per Virtual System
The ability to tailor security policies for each Virtual System enable administrators to break down large complex network security policies into smaller more granular and more manageable policies. Customizing security policy base on business requirements minimize the complexity and create better security practice to meet the business needs.

Simple Deployment and Streamlined Central Management
Easily deploy Virtual Systems with pre-configured appliances or upgrading existing gateways using One-Click Conversion, effectively manage these Virtual Systems with simplified and central management using Check Point Security Management and Multi-Domain Security Management.

• One-Click Conversion
  Enabling Virtual Systems from a physical system is simple and fast with a single click to launch the Virtual System Conversion Wizard.
• Centralized Management and Provisioning
  
  • Integration with Check Point Security Management and Multi-Domain Security Management solutions
  • One-click conversion with Virtual SystemsWizard
  • Simple provisioning using the creation templates
  • Separate per virtual system management and data segregation enable cloud-based security-as-a-service offerings

High Performance Security
Combining the latest security solutions with the patented CoreXL technology and the 64-bit GAiA OS, performance for virtualized security deployments is greatly enhanced. Up to eight times more concurrent connection capacity and the multi-gigabit-per-second performance for firewall and IPS throughputs are just a few examples of the outstanding performance the solution will deliver. The new Check Point Virtual Systems are designed to meet the requirements for the most demanding network environments.

Linear Scalability
Today’s networks require flexibility and expandability to support the fast-evolving business needs. To meet this demanding business environment, Virtual Systems can be deployed on multiple gateways using Check Point’ high-performance technologies, ensuring secure, resilient, multi-gigabit throughput. Virtual Systems leverage the following features and technologies to maximize performance, capacity and system scalability:

• Virtual System Load Sharing (VSLS) distributes traffic load within a cluster, providing the ability to distribute virtual systems across multiple cluster members. Additional cluster members effectively share the virtual system traffic loads within the cluster, providing improved throughputs, connection capacity, high availability, simplified management and linear scalability
• Resource Control allows administrators to manage the processing load by guaranteeing that each virtual system will receive only the memory and CPU allocation it needs to deliver its functions. Resources not needed by one virtual system are automatically made available to other virtual systems. Administrators can also limit the CPU resource available to a lower-priority virtual system and assign more capacity to mission-critical virtual systems.

Integrated Virtual Routers and Switches
Simplify deployment, configuration and save costs of external network routers and switches. The integrated virtual routers and switches direct inter-Virtual System traffics to their intended destinations with higher efficiency.

Per Virtual System Resource Utilization Monitoring
Need to understand how your Virtual Systems are used to better plan your security resources, or want to create billable customer services based on their usage? Granular resource monitoring of CPU and memory for each virtual system gives you the necessary insights to effectively plan for your network security resources, or to provide usage-based services to your customers.

Flexible Packaging Options
Check Point Virtual Systems are offered either as a software-only option or in pre-configured bundles with Check Point Security Appliances and Software Blades, providing the flexibility and convenience for different deployment situations.The software only option allows customers to upgrade their existing Check Point Appliances and open servers to a Virtual System environment, or to build a customized Virtual System for their specific network security needs. The pre-configured bundles offer a quick turn-key solution that is easy to purchase and deploy.

Specifications

Virtual System Appliances
Pre-configured Virtual Systems bundled with Check Point Security Appliance, Virtual Systems and Software Blades. The Virtual System Appliances are available in single system and high-availability (VSLS) configurations.

¹ With memory upgrade and GAiA OS
² Via a Solution Center Request

Support Options:

Check Point UTM-1 Total Security 1-Year Model Support Options:

• Standard Support available at 12% of list per year
• Premium Supportavailable at 17% of list per year

Documentation:

Download the Check Point 4400 Appliance Datasheet (PDF).

Download the Check Point Appliance Comparison Chart (PDF).

Download the Check Point New Appliances Brochure (PDF).