Virtual Private Networks are only one component of an organization's
overall network security strategy. An effective security solution
must provide the ability to define VPNs within a single, enterprise-wide
security policy that can be distributed and managed from one
central console. An extensible VPN solution must also be easy
to deploy and manage as the number of users grows.
 Intuitive
User Interface
Centralized
Management
SecureUpdate
One-Click
VPNs
Integrated
Certificate Authority
Intuitive
User Interface
The Check Point Management Console is an sophisticated yet simple
graphical user interface for defining and managing multiple
elements of a Secure Virtual Network: firewall security, VPNs,
network address translation, desktop security and QoS policy.
All object definitions (e.g. users, hosts, networks, and
services) are shared among all applications for efficient policy
creation and security management.
The Visual
Policy Editor is the industry's only security policy
visualization tool that provides a detailed, graphical map of
an organization's security deployment. The Visual Policy Editor
provides greater control, improved security and unparalleled
ease-of-use by allowing security managers to validate the integrity
of their security policy prior to deployment.
Centralized
Management
VPN-1 implementations are integrated into an overall enterprise
security policy for VPN deployments with maximum security.
With a unique three-tier architecture, a single enterprise-wide
security policy can be managed centrally and automatically
deployed to an unlimited number of VPN-1/FireWall-1 enforcement
points. Once a policy has been created or modified, it is
automatically and simultaneously distributed to all security
enforcement points. Centralized policy management dramatically
increases management efficiency when compared to solutions
that require either multiple management interfaces or per-device
policy installation. Furthermore, overall security is strengthened
because the policy is always up-to-date at all network enforcement
points.
SecureUpdate
In addition to security policies, Check Point VPN-1 solutions
can also provide centralized management for software applications
and updates for Check Point and OPSEC Certified products, as
well as for product licenses, with the SecureUpdate module.
This powerful management tool ensures that Internet security
throughout the enterprise network is always up to date.
One-Click
VPNs
With One-Click VPNs, large-scale VPNs can be created
with a single operation. Using VPN communities, organizations
can define the security parameters for an entire VPN, such as
an intranet or extranet, in one step. By simply defining all
VPN-1 Gateways in a community, VPNs are automatically established
between all gateways. This eliminates the need to define VPN
parameters between each pair of communicating VPN locations.
As new sites are added to the community, they automatically
inherit the appropriate properties and can immediately establish
secure IPSec/IKE sessions with the rest of the VPN community.
Integrated
Certificate Authority
Check Point VPN-1 Solutions now include an Internal Certificate
Authority, enabling organizations wishing to use digital certificates
to authenticate participants in an IPSec/IKE VPN to do so out-of-the-box.
These internal certificates are automatically issued to all
Check Point management and enforcement points for both intra-module
and site-to-site VPN communications. The One-Click Certificates
which are used by administrators and VPN-1 SecureClient users
are also issued by the Internal Certificate Authority.
|
