Check Point Software Technologies, Ltd. engages in the development, marketing, and support of Internet security solutions for enterprise networks and service providers. The company offers customers with a portfolio of network security, data security and management solutions.
The company’s products and services are sold to enterprises, service providers, small- and medium-sized businesses and consumers. Its Open Platform for Security (OPSEC) framework, allows customers to extend the capabilities of its products and services, enabling integration with hardware appliances and third-party security software applications. The company’s products are sold, integrated and serviced by a network of partners worldwide.
Products and services
The company’s products, services and technologies provide protection: for network perimeter - ensuring that only authorized users can access its customers' network resources and to detect and thwart attacks; against internal threats – protecting customers’ networks and endpoints from the threats that emerge within an organization, such as worms, internal hacking and misuse of business applications; for Web-based communications – allowing remote and mobile employees to securely connect to their organizations’ networks via a Web browser, and defending against attacks targeting customers’ Web-based business applications; for network endpoints – protecting both the endpoints themselves and the networks the endpoints are connected to, with security solutions that address the risks posed by hackers, worms, spyware and other threats to the internal and remote computers that access the company’s customers’ networks; and for data security – protecting sensitive corporate information, stored on mobile computing devices such as laptops, PDAs, smartphones and removable media and controlling data that traverses through security gateways.
The company packages and markets its products and services under different names. Each package addresses security tasks for different network environments. Its management and gateway software products run in a variety of deployment environments and platforms that include standard workstations and servers and appliance platforms such as those produced by Nokia and Crossbeam. Different client products run on different client operating systems such as Microsoft Windows, Mac OS, Microsoft Windows Mobile, Symbian and PalmOS.
Firewall and VPN security gateways
Firewall and VPN security gateways ensure the confidentiality, integrity and availability of corporate networks by controlling access to all entry and exit points of the network. Firewalls can also be deployed within an organization to control traffic between different segments. VPN security gateways are also used to securely connect geographically distributed offices or sites.
Enterprise solutions
VPN-1 UTM product family: VPN-1 UTM is a line of software-based unified threat management solutions designed for medium-sized businesses and enterprise regional sites, which have single or multiple sites. VPN-1 UTM integrates firewall, VPN, anti-virus, intrusion prevention and other security capabilities with simple and centralized management of all security functions.
VPN-1 Power product family: VPN-1 Power gateways integrate firewall, VPN and intrusion prevention technologies with performance acceleration technologies. It provides security and remote connectivity to corporate applications and network resources for enterprises with demanding performance requirements. VPN-1 Power is available as a gateway or bundled with the company’s centralized management solutions.
Solutions for large enterprises, service providers and telecommunication operators
VPN-1 Power VSX product family: VPN-1 Power VSX is a virtualized security gateway that allows large enterprises and service providers to create systems on a single hardware platform. VPN-1 Power VSX can be administered by the company’s centralized management solutions.
FireWall-1 GX product family: FireWall-1 GX security gateways designed to protect GPRS network infrastructure of wireless operators, enabling them to offer roaming to their data customers without exposing the network to potential security threats.
VPN-1 MASS product family: VPN-1 MASS security gateways enable mobile network operators to offer the connectivity and security of Unlicensed Mobile Access (UMA, a technology allowing roaming between Local Area Networks (LAN) and Wide Area Networks (WAN), while using the same mobile phone) without exposing the network to potential security threats.
Firewall and VPN security appliances
Firewall and VPN security appliances combine both software and hardware into a single hardware-based device to offer confidentiality, integrity and availability of corporate networks. The hardware components of the appliance are also carefully selected and optimized to ensure a level of performance and reliability.
Unified Threat Management (UTM) solutions are commonly delivered as appliances. UTMs integrate multiple security features in a single, centrally managed security solution. UTM products integrate firewall, VPN, anti-virus, and intrusion prevention technologies.
Enterprise solutions
UTM-1 product family: UTM-1 is a line of unified threat management appliances designed for medium-sized businesses and enterprise regional sites, which have single or multiple sites. UTM-1 integrates firewall, VPN, anti-virus, intrusion prevention and Web filtering capabilities into a single appliance with centralized management of all security functions. UTM-1 appliances come in multiple models to meet the needs of a range of mid-sized businesses and branch office locations.
VPN-1 UTM Edge product family: VPN-1 UTM Edge appliances deliver secure connectivity for remote sites such as branch offices, retail stores and partner sites. VPN-1 UTM Edge integrates firewall, VPN, intrusion prevention and anti-virus capabilities with high availability and advanced routing features. VPN-1 UTM Edge appliances are available in wired and wireless models.
Solutions for small businesses and consumers
Safe@Office product family: Safe@Office is a unified threat management appliance for small business. Safe@Office provides integrated firewall, VPN, intrusion prevention, anti-virus, anti-spam and URL filtering capabilities. Safe@Office appliances can be managed locally using a Web browser, or centrally by a Managed Service Provider (MSP) using the Security Management Portal (SMP) described below. Safe@Office appliances are available in wired and wireless models.
ZoneAlarm Secure Wireless Router: ZoneAlarm Secure Wireless Router is a unified threat management appliance for home networks. It provides integrated firewall, VPN, intrusion prevention, anti-virus, secure remote control, secure wireless communications and parental control capabilities.
Dedicated security gateways
Secure remote access: Distributed businesses need a flexible remote access solution available to users when and where they want it. At the same time, the necessary security controls must be provided to ensure information confidentiality. Secure remote access solutions enable organizations to provide remote users, or teleworkers, with access to enterprise information resources.
Connectra and SSL Network Extender product families: Connectra and SSL Network Extender allow remote users, such as teleworkers and business partners, to connect to an organization’s network resources and applications, through SSL VPN (Secure Socket Layer VPN) remote access, using any Web browser and without installing client software. Connectra is available as an appliance or as software for open servers. SSL Network Extender is sold as an add-on to VPN-1 Power and VPN-1 UTM and is integrated with the Connectra gateways.
Intrusion detection and prevention
Intrusion Detection and Prevention Systems (IDS/IPS) detects and blocks attacks that are designed to break into, disrupt or destroy network computer systems. IDS/IPS systems protect computer systems by monitoring and inspecting network traffic and ensuring that any traffic identified as suspicious or malicious is blocked or appropriately identified and logged for future forensic analysis and reporting.
IPS-1 and InterSpect product families: IPS-1 and InterSpect are dedicated intrusion prevention appliances. They monitor network traffic and apply rules to block malicious activity while enabling normal operations and legitimate traffic. IPS-1 can be deployed both at the network perimeter and inside the corporate network to employ enforcement of both perimeter and internal network security policies. Both IPS-1 and InterSpect can be centrally managed.
Endpoint security
The company’s endpoint security solutions address the risks that hackers, worms, spyware and other threats pose to the internal and remote computers that access the network. Its solutions provide centralized management for control of endpoint security, and policy-based enforcement.
Enterprise solutions
Integrity product family: The company’s Integrity products enable enterprises to enforce security policy on desktop and laptop computers used across the organization. Integrity helps enforce security policies by enabling administrators to control which computer applications can be used on the network, screening inbound and outbound traffic for malicious content, detecting and removing spyware, and securing instant messaging use. Integrity also helps ensure that all computers in the network are running the latest anti-virus software, or have the latest security patches installed before they connect to the network. Integrity is controlled from a centralized management console.
SecureClient product family: SecureClient products work with the company’s VPN gateways to extend secure remote access to end users, from laptops and mobile devices, by encrypting and authenticating data to protect against eavesdropping and data tampering.
Solutions for small businesses and consumers
ZoneAlarm product family: ZoneAlarm Security Suite is a Internet security solution for small businesses and consumers. It integrates personal firewall, anti-virus and anti-spyware capabilities, SmartDefense update service, ID and privacy protection, email security, anti-phishing and anti-spam, instant messaging protection and wireless computer protection.
Data Security
Protect Data expands the company’s product offering for data security in three areas:
Pointsec PC disk encryption product family: Pointsec PC disk encryption employs user authentication to ensure that only authorized parties can access data stored on the hard disk of a computing device, and encrypts all information to ensure that lost or stolen data cannot be used.
Pointsec for mobile devices product family: Pointsec for mobile devices provides disk encryption for mobile devices with Microsoft Windows Mobile, Symbian or PalmOS operating systems.
Pointsec removable media product family: Pointsec removable media solutions include port protection that controls the use of all communication ports (interfaces for connecting external devices to a computer) to prevent sensitive data transfer to USB or other memory devices, or unauthorized distribution of data. It also includes encryption of removable storage media, such as external hard drives, memory cards, rewriteable CDs, DVDs and flash drives, files and folders and e-mail in transit (including e-mail attachments).
Security management
The company offers a variety of products based on Security Management Architecture (SMART), which enables centralized policy configuration, monitoring, logging and reporting.
Enterprise solutions: SmartCenter product family: SmartCenter is the company’s main security management solution, providing a single console for centrally managing security, VPN and network policies and end-user activity. SmartCenter also provides centralized management and distribution of new defenses, software updates and licenses.
Eventia product family: Eventia product family is a set of comprehensive security event management solutions that provides centralized, real-time correlation of security information from multi-vendor devices in order to help security administrators respond quickly and decisively to security events. Eventia also provides centralized reporting tools on network utilization, security events and user activity, and consolidates the data into predefined reports with customizable filters.
Solutions for large enterprises, service providers and telecommunication operators
Provider-1: Provider-1 is a security management product designed for service providers and large enterprises. It centralizes and simplifies the management of security policies for various users. With Provider-1 security policies can be applied to all gateways or modified to meet the needs of individual customers.
Security Management Portal (SMP): SMP is a security management product that is designed for service providers who provide managed security services for small businesses, and for enterprise IT departments that remotely manage security for their remote or branch locations. SMP enables management of Safe@Office gateways through a Web-based user interface.
Services and Subscription
Enterprise programs
Enterprise Based Support (EBS): The company’s EBS program offers customers software subscription and support for their entire installed base of Check Point products. Its EBS program provides software updates, major software upgrades, and the product enhancements, that enable customers to keep pace with evolving threats. In addition, the program entitles customers for online self-service support tools.
Collaborative Enterprise Support (CES): CES program offers customers software subscription and a collaborative support provided by local certified partners. The local partner provides first-line support in the customer’s language with an intimate understanding of the customer’s environment and support needs. If additional support is required, a collaborative second line support is provided by the local certified partner and Check Point, with a variety of support levels. In addition, the program entitles customers with access to online self-service support tools.
SmartDefense Services: SmartDefense is a subscription-based service that provides real-time security defense updates, advisories and recommendations for security administrators. SmartDefense updates add new capabilities to the company’s products, such as updating anti-virus signature files or providing protection against newly discovered software vulnerability.
Programs for large enterprises, service providers and telecommunication operators
Diamond Support: The company’s Diamond Support is a level and personalized support program designed for customers with a base of Check Point products. Under this program, the company assigns a senior technical support engineer, who is committed to each customer and managing all of its support aspects. In addition, it offers Diamond Support customers with a support stuff for shorten response and resolution time, on-site assistance and consulting and a periodical proactive support, analysis and recommendation to identify and avoid potential problems.
Programs for small businesses and consumers
ZoneAlarm Update and Support Subscription: ZoneAlarm Update and Support Subscription provides real-time recommendations to end users on which programs should be allowed to run on an endpoint computer, based on a knowledgebase of various programs that have been classified as either good or bad.
Strategic Relationships
The company has strategic relationships with various hardware partners that include server, workstation, appliance and networking vendors. These include Crossbeam Systems Inc., Dell Inc., Hewlett-Packard Co., International Business Machines Corporation (IBM), Nokia Corporation, Nortel Networks Corp., Siemens AG and Sun Microsystems Inc.
Competition
The company’s main competitors include Cisco Systems, Inc.; Fortinet Inc.; Juniper Networks, Inc.; Secure Computing Corporation; SonicWALL Inc.; and WatchGuard Technologies Inc. It also competes with other companies, including McAfee, Inc.; Microsoft Corporation; and Symantec Corporation. The company, with respect to specific products, competes with Protect Data AB.
History
Check Point Software Technologies, Ltd. was founded in 1993.
