• Next-generation security prevention, protection and performance
• Industry-leading intrusion protection and firewall—as tested NSS Labs—delivers 1,000s of signature, behavioral and preemptive protections
• Check Point is ranked #1 in Microsoft and Adobe threat coverage
• Combines with best-of-breed firewall, application control, URL filtering, DLP and more on the most comprehensive, network-class next gen firewall
• Unrivaled, multi-Gigabit performance in an integrated IPS
• Up to 15 Gbps of IPS and 30 Gbps of firewall throughput
• Stateful Inspection and SecureXL technology deliver multi-tier IPS inspection and accelerated IPS throughput
• CoreXL technology provides the most efficient and high-performance use of multi-core technologies
• Lowest TCO and fastest ROI of any enterprise-class firewall solution
• One-click activation of IPS and firewall protection on any Check Point gateway
• Delivers unmatched extensibility and flexibility—all without adding CapEx
• Integrated into Check Point Software Blade Architecture for on-demand security

• Malware attacks
• Dos and DDoS attacks
• Application and server vulnerabilities
• Insider threats
• Unwanted application traffic, including IM and P2P
• Geo-protections

• New protections sandbox – Build confidence in a ‘sandbox’ environment with no impact on your network.
• Automatic protection activation – Activation of new protections, based on configurable parameters (performance impact, confidence index, threat severity). The difficulties of constant, individual management of thousands of protections are eliminated.
• Unified Management – The IPS blade is configured and managed through a common Check Point management interface—the same one used to manage other security gateway Software Blades and Check Point dedicated IPS.
• Configurable, actionable monitoring – Track events through detailed reports and logs of what is most important. The new Security Management Software Blade for IPS and Security Provisioning Software Blade simplify threat analysis and reduce operational overhead.
• Business-level views – Customizable reports provide easy monitoring of critical security events associated with your business-critical systems.
• Multi-dimensional sorting – Drag-and-drop columns of event data and the information will be automatically re-ordered.
• Actionable event logs – Edit the associated protection, create an exception or view packet data directly from log entries.

• Identify, allow, block or limit usage of applications, and features within them
• Enable safe Internet use while protecting against threats and malware
• Leverage the world's largest application library with more than 6,600 web 2.0 applications

• Create granular policy definitions per user and group
• Integrate seamlessly with Active Directory
• Protect environments with social media and Internet applications

• Rely on 24/7 advanced protection
• Reap the benefits of application control and intrusion protection (IPS), as well as extensibility support for additional security capabilities
• Get greater understanding into security events with integrated, easy-to-use centralized management
• Join more than 170,000 customers, including 100 percent of Fortune 100 companies

• Querying the Active Directory
• Through a captive portal
• Installing a one-time, thin client-side agent

Check Point SandBlast Agent provides purpose-built advanced Zero-Day Protection capabilities to protect web browsers and endpoints, leveraging Check Point’s industry leading network protections.SandBlast Agent ensures complete real-time coverage across threat vectors, letting your employees work safely no matter where they are without compromising on productivity. Threat Emulation capability emulates unknown files in contained environment to detect malicious behaviors and prevent infections while Threat Extraction provides sanitized risk-free files to the users instantly.

Anti-Ransomware protection stops ransomware in its tracks and reverses the damage automatically, ensures organizations are protected against malicious extortion attacks that encrypt business data and demand ransom payment for its retrieval. Zero Phishing proactively blocks access to new and unknown deceptive websites and safeguards user credentials by preventing the use of corporate passwords on external websites.

SandBlast Agent captures forensics data with continuous collection of all relevant system events, and then provides actionable incident analysis to quickly understand complete attack lifecycle. With visibility into the scope, damage, and attack vectors, incident response teams maximize productivity and minimize organizational exposure.

Features:

• Threat Emulation: Evasion resistant sandbox technology
• Threat Extraction: Delivers sanitized risk-free files to users in real-time
• Anti-ransomware: Prevents and remediates evasive ransomware attacks
• Zero-Phishing: Blocks deceptive phishing sites and alerts on password reuse
• Anti-Bot: Identify and isolate infected hosts
• Anti-Exploit: Protects applications against exploit based attacks
• Behavioral Guard: Detects and blocks malicious behaviors
• Endpoint Antivirus: Protects against known malware
• Forensics: Records and analyzes all endpoint events to provide actionable attack forensics reports

Benefits:

• Advanced threat protection and automated endpoint forensic analysis for all malware types
• Prevents and remediates evasive ransomware attacks
• Proactively blocks known, unknown and zero-day malware
• Provides instant actionable understanding of attacks
• Automatically remediates infections
• Protects users credentials

• Mitigate security risks
• Reduce operations expense and complexity
• Improve regulatory compliance
• Accelerate time-to-value
• Improve visibility

Privileged accounts represent the largest security vulnerability an organization faces today. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take full control of an organization’s IT infrastructure, disable security controls, steal confidential information, commit financial fraud and disrupt operations. Stolen, abused or misused privileged credentials are used in nearly all breaches. With this growing threat, organizations need controls put in place to proactively protect against, detect and respond to in-progress cyber attacks before they strike vital systems and compromise sensitive data.

CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry’s most comprehensive Privileged Account Security Solution. Each product can be managed independently or combined for a cohesive and complete solution for operating systems, databases, applications, hypervisors, network devices, security appliances and more. The solution is designed for on-premise, hybrid cloud and OT/SCADA environments.

The CyberArk Privileged Account Security Solution is based on CyberArk Shared Technology Platform™, which combines an isolated vault server, a unified policy engine, and a discovery engine to provide scalability, reliability and unmatched security for privileged accounts.

Product list:

Enterprise Password Vault® fully protects privileged passwords based on privileged account security policies and controls who can access which passwords when.

SSH Key Manager™ secures, rotates and controls access to SSH keys in accordance with policy to prevent unauthorized access to privileged accounts.

Privileged Session Manager® isolates, controls, and monitors privileged user access as well as activities for critical Unix, Linux, and Windows-based systems, databases, and virtual machines.

Privileged Threat Analytics™ analyzes and alerts on previously undetectable malicious privileged user behavior enabling incident response teams to disrupt and quickly respond to an attack.

Application Identity Manager™ eliminates hard-coded passwords and locally stored SSH keys from applications, service accounts and scripts with no impact on application performance.

CyberArk Viewfinity enables organizations to remove local administrator privileges from business users and control applications on Windows endpoints and servers.

On-Demand Privileges Manager™ allows for control and continuous monitoring of the commands super-users run based on their role and task.