Software Blade Architecture
The Check Point Software Blade Architecture supports a complete and increasing selection of Software Blades, each delivering a modular security gateway or security management function. Because Software Blades are modular and moveable, Software Blades enable users to efficiently and quickly tailor Security Gateway and Management functionality to specific and changing security needs. New blades are quickly licensed as needed without the addition of new hardware.
With Check Point's introduction of its Software Blade Architecture, a new security revolution has begun.
Security environments become more complex as companies of all sizes defend themselves against new and varied threats. With these new threats come new security solutions, new vendors, costly new hardware, and increasing complexity. As IT comes under increasing pressure to do more with existing hardware and human resources, this approach becomes increasingly unacceptable.
Check Point's Software Blade architecture offers a better way, enabling organisations to efficiently tailor targeted managed solutions that meet targeted business security needs. All solutions are centrally managed through a single console that reduces complexity and operational overhead. And as new threats emerge, Check Point's Software blade architecture quickly and flexibly expands services as needed without the addition of new hardware or management complexity.
The Check Point Software Blade architecture is the first and only security architecture that delivers total, flexible and manageable security to companies of any size. With this unprecedented capability, Check Point Software Blades deliver lower cost of ownership and cost-efficient protection that meet any network security need, today and in the future.
What is a software blade?
A software blade is a logical security building block that is independent, modular and centrally managed. Software Blades can be quickly enabled and configured into a solution based on specific business needs. And as needs evolve, additional blades can be quickly activated to extend security to an existing configuration within the same hardware foundation.
Key Benefits of the Check Point Software Blade Architecture
- Flexibility - Provides the right level of protection at the right level of investment
- Manageability - Enables fast deployment of security services. Increases productivity through centralised blade management.
- Total Security - Provides the right level of security, at all enforcement points, and at all layers of the network
- Lower TCO - Protects investment through consolidation and use of existing hardware infrastructure
- Guaranteed performance - Enables provisioning of resources that guarantee service levels
How are Check Point Software Blades deployed?
Software Blades can be deployed on Check Point UTM-1 and Power-1 appliances, open servers and within virtualized environments. New blades can be added simply enabling their functionality in software; no additional hardware, firmware or drivers are necessary. This enables organisations to deploy security dynamically, as needed, with lower total cost of deployment.
Building a security solution using Software Blades
Check Point's Software Blade Architecture enables customisation of tailored systems or quick selection of predefined turnkey solutions.
Tailoring a security gateway or security management solution:
Whether designing a solution for corporate headquarters, a data center or a branch office, creating a system takes just three easy steps:
Step 1: Choose a Security Management or Security Gateway Container
Step 2: Select needed Software Blades
Step 3: Configure and Deploy system
The result is a complete gateway or management system configured precisely to a specific business need.
Software Blade Containers
There are two varieties of Software Blade Containers; Security Gateway Containers and Security Management Containers. Each Software Blade container comes with all of the necessary services required to run the software blade environment along with the Check Point firewall blade which provides Check Point's patented and award-winning FireWall-1® technology.
There are 4 Security Gateway Containers and 3 Security Management Containers available:
| Security Gateway Containers: | ||
| Name | Cores | Environment |
| SG101 | 1 | Small Office |
| SG201 | 2 | Mid-sized Organisation |
| SG401 | 4 | High Performance |
| SG801 | 8 | Highest Performance |
| Security Management Containers: | ||
| Name | Gateways Managed | Environment |
| SM1000 | 10 | Small Companies |
| SM2500 | 25 | Mid-sized Companies |
| SMU000 | Unlimited | Large Enterprises |
Software Blade Container Features
| ||
Security Gateway Blades
- firewall - World's most proven firewall secures more than 200 applications, protocols and services featuring the most adaptive and intelligent inspection technology.
- IPsec VPN - Secure connectivity for offices and end users via sophisticated but easy to manage Site-to-Site VPN and flexible remote access.
- IPS - The highest performing integrated IPS solution with the industry's best threat coverage
- Web Security - Advanced protection for the entire Web environment featuring the strongest protection against buffer-overflow attacks.
- URL Filtering - Best-of-breed Web filtering covering more than 20 million URLs protects users and enterprises by restricting access to dangerous Web sites.
- Antivirus & Anti-Malware - Leading antivirus protection including heuristic virus analysis stops viruses, worms and other malware at the gateway
- anti-spam & Email Security - Multi-dimensional protection for the messaging infrastructure stops spam, protects servers and eliminates attacks through email.
- Advanced Networking - Adds dynamic routing, multicast support and Quality of Service (QOS) to security gateways.
- Acceleration & Clustering - Patented SecureXL and ClusterXL technologies provide wire speed packet inspection, high availability and load sharing.
- Voice over IP - Advanced connectivity and security features for VoIP deployments, featuring enhanced Rate Limiting protections, Far end NAT and inspection of SIP TLS.
Security Management Software Blades
- Network Policy Management - Comprehensive network security policy management for Check Point gateways and blades via SmartDashboard, a single, unified console
- Endpoint Policy Management - Centrally deploy, manage, monitor and enforce security policy for all endpoint devices across any sized organisation.
- Logging & Status - Comprehensive information in the form of logs and a complete visual picture of changes to gateways, tunnels, remove users and security activities
- Monitoring - A complete view of network and security performance, enabling fast response to changes in traffic patterns and security events.
- Management Portal - Extends a browser-based view of security policies to outside groups such as support staff while maintaining central policy control
- User Directory - Enables Check Point gateways to leverage LDAP-based user information stores, eliminating the risks associated with manually maintaining and synchronising redundant data stores.
- IPS Event Analysis - Complete IPS event management system providing situational visibility, easy to use forensic tools, and reporting.
- Provisioning - Provides centralised administration and provisioning of Check Point security devices via a single management console.
- Reporting - Turns vast amounts of security and network data into graphical, easy-to-understand reports.
- Event Correlation - Centralised, real-time security Event Correlation and management for Check Point and third-party devices.
