
CONFIDENTIAL - SOPHOS INTERNAL AND CHANNEL PARTNERS ONLY - DO NOT REDISTRIBUTE


CHECK POINT FIREWALL BATTLECARD


Vendor Profile
Check Point is a publicly held pure-play security company, founded in 1993. It is headquartered in Tel Aviv, Israel, with operations worldwide and more than 3,400 employees. As per IDC, Check Point has a UTM market share of about 10%.
https://www.checkpoint.com/

Product: 910, 1530, 1550, 1570, 1590, Quantum 3600, 3800, Spark 1600, 1800, 1500
Description: Small business UTM platforms for retail, branch/remote offices, or home office.
Sophos Equivalent: Sophos Firewalls

Product: Quantum 6200, 6400, 6600, 6700, 6900 7000, 16200, 26000, 28000
Description: NGFWs for medium and high-end corporate environments, distributed networks, and large corporate central site environments.
Sophos Equivalent: Sophos Firewalls

Product: 44000 and 64000 appliances
Description: Chassis-based appliances for data centers, telecommunication, and cloud service providers.
Sophos Equivalent: N/A

Competitor Strengths
• One of the largest pure-play security companies with the presence of over 20 years in the security market
• Leaders in Gartner MQ for Enterprise FW along with Fortinet and PAN.
• 4th largest enterprise firewall market share as per IDC, high renewal rate and strong execution on its enterprise-focused roadmap
• Powerful malware protection offering with a cloud-based sandbox (Threat Emulation) with Threat Extraction capability

Competitor Weaknesses
• Unintuitive and inconsistent management: Customers are forced to use multiple management consoles – ‘Gaia’ and ‘SmartConsole’ to configure a fully functional firewall
• Not targeted at the SMB market in terms of price or management experience
• Lack of Security Heartbeat and Synchronized App Control: No significant integration of firewall and Harmony Endpoint (formerly known as SandBlast Agent) solution. This leaves gaps in both protection and visibility.
• Incomplete cloud-based central management: Check Point’s cloud-based Security Management Portal (SMP) does not support all firewall models.

Why Sophos

Ease of configuration
Sophos firewalls can be configured and managed through a SINGLE Web Interface. The web UI is intuitive and logical so that admins can quickly get things done and solve problems.
Unlike Sophos, Check Point firewalls require two different consoles – ‘Gaia’ and ‘SmartConsole’ – to configure all the features in a Check Point firewall.

Focus
Sophos is focused on providing simple yet powerful security solutions for mid-market businesses.
In comparison, Check Point sells primarily to large enterprises and does not have a strong dedicated SMB channel of resellers. It assumes the customer has a security team who has the time and knowledge to manage the product.

Synchronized Security
An industry first, Sophos Security Heartbeat enables Sophos Next-Gen Endpoint to share information and work with Sophos Next-Gen Firewall to deliver synchronized security and app control. In this way, Sophos shields network and endpoints against advanced threats.
Check Point Harmony Endpoint (formerly known as SandBlast Agent) and Check Point firewall do not communicate with each other and share health status like Sophos products.

Watch Out For

Context-Aware Architecture
Check Point’s Context-Aware architecture with Core XL and Secure XL features offers one go parallel processing to ensure low latency and software acceleration.
Sophos firewalls running on Xstream architecture use a single streaming DPI engine that performs proxy-less scanning of all traffic for AV, IPS, and web threats, as well as app control and SSL Inspection (supporting TLS 1.3) and hence, offer superior performance.

Check Point Infinity Architecture
The architecture offers unified security management of different Check Point security components. It also offers SandBlast technology with real-time prevention capabilities across network, endpoint, mobile, and cloud. The architecture also enables threat intelligence sharing, unified management of network, and integration with third-party vendors through APIs.
However, it is not equivalent to Sophos Synchronized Security. Also, the SandBlast engine does not have deep learning capabilities like Sophos Sandstorm.

Better Application Control
With over 7,000 application signatures, Check Point claims to have the highest application visibility in the industry. However, almost 40% of those are websites and not true applications. Besides, many of those application signatures are either client-specific or OS variants.
Sophos Firewall provides dynamic control on over 3,000 apps based on category, characteristic, technology, or risk threshold. Sophos Synchronized App Control enables Sophos firewalls to use endpoint telemetry to automatically identify, classify and control custom, evasive, and generic network apps.

The information in this document is based on Sophos’s interpretation of data publicly available as of the date it was prepared. Other companies named in the document had no part in its preparation. The information contained in this comparison may be incomplete or inaccurate and is subject to change. The information is intended for informational purposes only and is not intended to be relied upon in making any purchase decision. The information is provided "as is" without warranties of any kind either expressed or implied. This document is Sophos confidential information. Partners may use only the most up-to-date version, and only if permitted by law in their Territory. Distribution to any third party other than a Sophos authorized partner is strictly prohibited.
October 2021
Copyright 2021 Sophos Group. All Rights Reserved.

Third-Party Views

Gartner
Comments/Tests: Check Point has been positioned in the Leaders quadrant of Gartner’s 2020 Magic Quadrant for Enterprise Network Firewall. It is among the top 3 vendors in the industry. However, Gartner cautioned about Check Point’s pricing, lack of native SD-WAN capabilities and tech support.
Context/Results: Sophos is placed as a strong Visionary in the same report. Gartner noted that “Sophos is ideal security vendor for midsize organizations” with “a strong position in deployments among midsize enterprises”.

Feature Shoot-Out
Sophos Check Point See these Detailed Comparison sections for more info
Single UI to fully Configure the Firewall  × ‘Ease of Configuration’

All-in-one solution  × ‘Single box solution’

Simple Licensing  × ‘Simple Licensing’

Unified Policy Model  × ‘Unified Policy Model’

Granular Logging and Reporting  × ‘Logging and Reporting’

User Threat Quotient (UTQ)  × ‘User-level Insight’

Synchronized Security  × ‘Synchronized Security’

Synchronized App Control (using Endpoint telemetry)  × ‘Synchronized Security’


Detailed Comparison
How Sophos does it How Check Point does it How we win
Xstream Architecture

How Sophos does it:
Xstream architecture is a streaming packet processing architecture that provides extreme levels of protection and performance.
The new XGS Series appliances add a hardware layer to the Xstream architecture: dedicated Xstream Flow Processors to improve performance to support the visibility and protection you need. This includes:
• SSL Inspection: A high-performance multi-core CPU powers TLS decryption and deep packet inspection for ultimate threat protection. It delivers high-performance, high connection capacity support for TLS 1.3 and all modern cipher suites across all ports, protocols, and applications.
• DPI Engine: A single streaming DPI engine with proxy-less scanning of all traffic for AV, IPS, web threats, app control, SSL Inspection as well as deep learning and sandboxing powered by SophosLabs Intelix
• Xstream Flow Processor: Intelligent offloading and acceleration of SaaS, SD-WAN and cloud traffic such as VoIP, video, and other trusted applications
• Flexibility: Sophos firewalls can control the traffic offloaded to the FastPath via common VFP/NFP FastPath API and hence offer superior performance. Also, the Xstream flow processor is specialized on network tasks and is programmable through software; this makes the hardware architecture more easily adaptable for new/changed applications and functions in future software iterations.

How Check Point does it:
Check Point firewalls work on context-aware architecture. It has a common streaming engine, parsers, and pattern matcher to scan all traffic at once.
• TLS 1.3 inspection: Check Point’s R81 version supports TLS 1.3 inspection. However, it will be available only for the appliance supporting User Space Firewall (USFW).
• Context-aware architecture: It works in two ways. First, it offers context-aware inspection by focusing on relevant content, and second, the content can be processed in parallel using a common signature set.
• Accelerated Path: Check Point’s equivalent to FastPath offers traffic offloading and accelerated performance throughput.

Single box solution

How Sophos does it:
Sophos Firewall includes the following features on a single appliance:
• Application Control
• Malware Scanning
• Built-in free-of-cost reporting
• Web Application Firewall
• Full Email Protection with SPX encryption
• Integrated Wi-Fi controller with the 802.11ac wireless access points
• Bandwidth Management
• High Availability
• DLP
These features are available on any Sophos Firewall, making it a true security and reporting solution covering many aspects of network security.
Note: The Sophos Firewall XGS 87 does not support some advanced features like on-box reporting, dual AV scanning, WAF AV scanning and the email message transfer agent (MTA) functionality.

How Check Point does it:
Check Point doesn’t offer much in the way of free features. The following features, which come free with Sophos Firewall, require separate licenses with Check Point:
• User-based control requires ‘Identity Awareness Software Blade’
• IPSec VPN requires ‘IPSec VPN Software Blade’
• Networking features like Dynamic Routing, QoS, Load Balancing, etc. require ‘Advanced Networking and Clustering Software Blade’
• Full logging and reporting require the purchase of a separate appliance called ‘Smart-1 Event Appliance’
Moreover, the ‘Anti-Spam & Email Security Software Blade’ – equivalent to our Email Protection subscription – doesn’t cover DLP and requires a separate license purchase i.e. ‘Data Loss Prevention Software Blade’.

How we win:
An all-in-one solution, no hidden cost
Ask: What would it mean if you could enable further additional features by simply adding a license?
Show: Built-in WAF templates, detailed reports

Ease-of-Configuration

How Sophos does it:
Manage through SINGLE Web Interface
Sophos Firewall is managed through an easy to use web UI that is:
• Focused on making powerful features easy to access and use.
• Intuitive and logical so that admins can quickly get things done and solve problems while making fewer mistakes.
• You are never more than 3-clicks from anywhere, enabling quicker access to the most frequently used configuration options.
• Advanced troubleshooting tools in GUI (e.g., Packet Capture)
• There is no need to learn CLI commands.
Control Center Offers Instant Insight and Control
A single-screen provides an at-a-glance feed of system performance, traffic patterns, alerts, and policies. Every widget is interactive, letting you drill down into the detail and access the tools you need to take action.

How Check Point does it:
Requires multiple UIs to fully configure the Firewall
The vendor requires a customer to use two different management consoles to fully configure the firewall:
• Gaia – the on-box UI to manage Check Point firewall
• SmartConsole – a software application to be installed on a server-grade computer or
• Smart-1 Cloud – a cloud-based solution that includes web-based SmartConsole
Gaia provides limited configuration
The on-box UI is limited to just a few configuration options like network management, system management, and maintenance.
SmartConsole Limitations
• Windows only – No management using a Mac or Linux machine
• SmartConsole installation requires server-grade hardware on the destination machine
• Each login attempt requires minutes of waiting before you can manage the firewall. The same for switching between tabs, for example – switching from Firewall rule page to IPS page

How we win:
Security made simple
Ask: Are additional subscriptions/licenses or appliances needed to fully configure the firewall?
How many steps are required to do the most common tasks, e.g. create firewall rules?
How easy is it to update the solution?
Show: Control Center

Unified Policy Model

How Sophos does it:
• Single page configuration for all security features: The Unified Policy Interface brings all policies, whether firewall, web control, app control or web server into one place. Therefore, no more jumping between different areas of the admin workspace to create, manage or review policies
• Built-in templates for common applications: Policy Templates for Microsoft Exchange or SharePoint assist in quickly creating advanced policies while reducing the risk of misconfiguration
• Easy troubleshooting: Natural Language policy descriptions explain policies in plain text, which makes troubleshooting very quick and easy

How Check Point does it:
With R80, Check Point has introduced support for the unified policy model. However, it is still in its infancy.
• No single page configuration: Check Point firewalls do not provide the option to create and enforce IPS, QoS and Malware scanning policies from the Firewall rule page
• No built-in template: Check Point does not offer policy templates for common business apps
• Lacks natural language description: leaving a new administrator to manually figure out the objects used in the firewall rule and the objective of the firewall rule. This time-consuming process leads to higher maintenance overhead.

How we win:
Single page management for Web and App filtering policies, IPS and QoS
Ask: How much time and energy do you want to spend configuring firewall policies and ensuring they are correct?
Show: Policy templates and natural language descriptions

Logging and Reporting

How Sophos does it:
On-Box Detailed Reporting
• Included in every license: Full, interactive reporting inside the solution without the need to spend additional money on a separate unit
• Compatible and Extendable: Configure multiple external Syslog servers if required for further analysis and storage
• Live Log Viewer: Real-time visibility of network traffic with color-coding through Log Viewer available at the top of any screen
• Security Audit Reports (SAR): Complete assessment of potential risks and issues in the network when Sophos Firewall is deployed in TAP mode
• Synchronized Applications Report: Historical reporting on all applications identified through the Synchronized App Control feature with details on the app classifications, users, hosts, policies, and destination countries when Sophos Firewall is deployed in TAP mode
Cloud-based centralized reporting - Sophos Central
• Comes with a set of pre-packed reports
• Offers tools to create custom reports
• Supports reporting schedules
• Allows uploading, filtering and searching of log files
• The free version comes with a week’s worth of storage. Additional storage capacity licenses are available.

How Check Point does it:
Limited on-box logs and reports
Despite having a built-in HDD/SSD, Check Point does not offer much in the way of on-box logging and reporting options, with just a few local logs and reports that can be stored for fixed lengths of time. Furthermore – only a few of the reports can be drilled down for details.
• Sold separately: For detailed logs and reports, a customer needs to purchase the SmartEvent license/software ISO.
• Deploying/Managing SmartEvent is a tedious task: While the management of SmartEvent can be integrated with SmartConsole, it is a complex process, requiring additional IT expertise.
• No visibility of generic HTTP apps: Since Check Point does not have a feature equivalent to Sync Security, it does not have a report like Synchronization Application to provide visibility into custom, evasive and generic network apps.
Centralized reporting - Smart-1 Appliance
Available in five hardware appliances.
Cloud solution: Cloud version of Security Management Portal (SMP) that also doubles as the management console, is not available for all Check Point firewalls.
The other available solution is the Smart-1 Cloud that includes a web-based SmartConsole. The Smart-1 Cloud application is hosted on Check Point Infinity portal and hence requires an Infinity Portal user account.
Smart-1 Cloud licensing is a bit rigid. It starts with the management of 5 gateways with 200 GB of log storage to store up to 5 GB of logs per day. You need to buy an additional gateway or storage license if you want to manage more appliances or want additional storage.

How we win:
Complete visibility of your network
Ask: How much will it cost you for detailed reporting and correlation of the reports?
Show: Traffic Dashboard and Security Dashboard with drill-down
Log Viewer from any page of Sophos Firewall Web UI

User-level Insight

How Sophos does it:
With User Threat Quotient (UTQ) customers can
• Gain visibility of risky users: Automatic correlation of each user’s surfing habits and activities with advanced threat triggers
• Take corrective action: Fine-tuning policies based on readily available information

How Check Point does it:
Check Point does not have a feature equivalent to UTQ.

How we win:
Complete visibility of risky users and activities in your network
Ask: How do you monitor network activities to help pinpoint users with risk-prone behavior?
How much will it cost you for the visibility of risky users?
Show: UTQ bubble diagram and drill down report to point out risky user and activities

Synchronized Security

How Sophos does it:
Communication between the network firewall and endpoint
Security Heartbeat connects Sophos Next-Gen Endpoint clients to the Sophos Firewall, creating a channel for real-time information sharing between products. Customers that use both products gain:
• Suspicious traffic: Endpoints with indicators of advanced threats are immediately identified and blocked
• Compromised System Info: Clear identification of compromised systems with the computer name, user and file path
• Automatic isolation and remediation: Compromised endpoint and automatic rejoining of endpoint after recovery
• Isolation of unverified endpoints: Traffic blocking to destination machines that do not have an active security heartbeat or lack a minimum required heartbeat
Synchronized App Control
• Identify, classify and control unknown applications that don’t have signatures or use generic HTTP or HTTPS connections
• Get visibility of such applications through SAR reports
Lateral Movement Protection
• Enable each endpoint to be isolated in response to an attack or threat – regardless of the network topology

How Check Point does it:
Check Point does not offer product integrations equivalent to Synchronized Security.

How we win:
Enable communication between network firewall and endpoint
Ask: How confident are you that you do not currently have infected devices silently lurking within your network?
How would the firewall know if an endpoint’s AV is tampered with?
Does your firewall have a way to provide visibility for otherwise unclassified apps, such as those using generic HTTP?
Show: User & Device Insights widget on Control Center
How would the firewall know if the endpoints are infected?

Branch Office Protection

How Sophos does it:
SD-RED – zero-touch deployment devices
Simply connect the SD-RED device to the Internet in a remote office and a secure connection will be established - no technical expert skills required on-site.
Remember: Many businesses, especially SMBs, do not have technical staff in remote offices.

How Check Point does it:
Check Point does not have an equivalent solution to the SD-RED device. This results in additional cost and requires additional IT expertise.

How we win:
Effortless extension of HQ network security to BO
Ask: How do you currently connect remote branch offices?
How do you make sure they are as secure as your main office?
What technical resources do you have available on-site to manage security?

Email Protection

How Sophos does it:
Sophos Firewall is an all-in-one Email Encryption, DLP, Anti-spam, and AV protection solution in a very affordable and easy to deploy package.
Key features:
• MTA mode: Integrated message transfer deployment ensures always-on email continuity, allowing the firewall to automatically queue mail in the event servers become unavailable.
• Anti-spam: Scans incoming and outgoing emails to protect from the latest spam campaigns, phishing attacks, and malicious attachments.
• SPX Email Encryption: Unique to Sophos, SPX makes it easy to send encrypted email to anyone, even those without any kind of trust infrastructure using our patent-pending password-based encryption technology.
• DLP Engine: Policy-based DLP can automatically trigger encryption or block/notify based on the presence of sensitive data in emails leaving the organization.
• Smart Host Outbound Relay: Allows re-routing of email via an alternate set of servers (a smart host), rather than directly to the recipient's server. Useful in environments that are more complex and where email is not directly routed via the Sophos gateway.
• Greylisting – Block more spam at the gateway: Sophos Firewall temporarily rejects an email from the unrecognized mail server. On the next attempt, the message is accepted and scanned as usual. If a server passes this test enough times, it is added to the whitelist.

How Check Point does it:
Check Point provides only spam filtering and malware protection as part of its Email security offering in the UTM. It does not offer:
• on-box live AV look-ups
• built-in Email encryption feature
• built-in outbound antispam
• full DLP without a separate ‘Check Point DLP Software Blade’ subscription – it is not free
• Smart Host outbound relay
• Greylisting

How we win:
In-built comprehensive email security
Ask: How much will it cost you to have complete email security?

Wireless Protection

How Sophos does it:
Integrated
Wi-Fi management is fully integrated into the Sophos Firewall console. Choose from a range of devices with integrated wireless i.e. XGS 87(w), XGS 107(w), XGS 116(w), XGS 126(w) and XGS 136(w).
Adding Access Points (AP) with Minimal Configuration
With Sophos Firewall you simply plug-in an AP to the network and it will automatically be listed in the firewall, ready to be managed. The APs plugged into remote networks connected through SD-RED are also managed through the firewall.
Voucher System for Guests
Built-in voucher system for guest Wi-Fi access comes at no extra cost and saves customers time and money.

How Check Point does it:
Wireless protection in Check Point is limited to units with built-in wireless.
Compared to Sophos, it lacks:
• Built-in wireless controller on non-Wi-Fi devices
• Wireless access points (APs)
• Support for 802.11r (fast transition)
• Wireless guest Internet access with walled garden options
• Rogue AP detection

How we win:
Secure and reliable wireless access all over the office
Show: Plug-and-play deployment of Sophos access points (APs). No local configuration of APs required.
Ask: How do you make sure your wireless networks have the same security policies and protection as the main corporate network?

Web Server Protection

How Sophos does it:
Web Application Firewall (WAF)
Sophos Firewall is unique in offering a built-in WAF:
• Built-in: No additional hardware or software required
• Policy Templates: It comes with pre-defined policy templates for common business apps like Microsoft Exchange or SharePoint
• Secure: Static URL hardening prevents hackers from manually constructing “deep-links” that lead to unauthorized access
• AV Scanning: The built-in AV scanner can check all traffic.
• Reverse Authentication: (offloading) for form-based and basic authentication for server access.

How Check Point does it:
Check Point does not have a full-featured WAF.

How we win:
Fully loaded WAF
Ask: What services do you publish to the web and how will you protect them?
How much does it cost you?
Do you want to maintain multiple solutions to achieve your security needs?
Show: Built-in templates for common business applications

Central Management

How Sophos does it:
Sophos Firewall Manager
• Free Central Management: The virtual Sophos Firewall Manager comes free of charge to Sophos partners and allows end customers to manage up to five devices free.
• Software Appliance: Available as software to be installed on the standard hardware. This means you can use existing or tailor new hardware to your requirements.
Sophos Central (a cloud-based service for customers and partners)
• Single pane of glass management: Manages Sophos firewalls, Intercept X, Endpoint, Web, Mobile, Server, Wireless, Encryption, and Email from a single console
• Full access to firewall UI: Sophos Central offers secure access to firewall’s local management UI, in an embedded experience. It offers features like Zero Touch Provisioning, firewall group management, configuration synchronization, backup and firmware management, and reporting.
• No additional cost: Sophos Central is included with Sophos Firewall running v18 and newer firmware. It does not require a separate license/subscription.

How Check Point does it:
Smart-1 Security Management Appliance
• Sold separately: Check Point security management appliances do not offer any free management. They are not available in virtual form and there is no free version.
• Hardware Appliance: Available in six models.
• Software version: On-Premise Security Management Portal (SMP) available as software can manage up to 5000 Check Point appliances.
• Cloud solution: Cloud version of the Security Management Portal (SMP) is not available for all Check Point firewalls. Moreover, it does not have feature parity with Security Management Appliance.
The other available solution is the Smart-1 Cloud, which is hosted on Check Point Infinity Portal and includes web-based SmartConsole. However, the Smart-1 Cloud does not come free with the Check Point firewall purchase and the licensing is a bit rigid. It starts with the management of 5 gateways with 200 GB of log storage to store up to 5 GB of logs per day. You need to buy an additional gateway and storage license if you want to manage more appliances or want additional storage.

How we win:
Free central management for smaller deployments
Ask: Do you have 5 or fewer appliances? How much do you pay to manage them from a central console?

User Portal

How Sophos does it:
Self-Service Security Management for Users
Through the UTM User Portal, users can
• Manage their own email quarantine
• View applied Internet usage policy as well as surfing usage information
• Reset passwords
• Download Sophos Authentication Agent (SAA)
• Download remote access client software and configuration files
• Access HTML5 VPN portal to open clientless VPN connections to predefined hosts using predefined services
• View Hotspot access information

How Check Point does it:
Check Point does not provide a user portal. Everything is configured and deployed by the administrator.

How we win:
Self-service security management for users
Ask: What would it mean to you if users could manage their remote access/email/password resets without having to contact IT?

SD-WAN

How Sophos does it:
Sophos Firewall includes the SD-WAN features and capabilities most organizations need to achieve their desired goals. These include
• Multiple WAN link options with MPLS (ethernet handoff), VDSL, and LTE cellular with essential monitoring, balancing, and failover
• Branch office SD-WAN connectivity with SD-RED zero-touch deployment devices
• VPN support for IPSec, SSL, RED secure L2 w/routing, and a central multi-site VPN orchestration
• Application control and visibility with Synchronized App Control, and cloud app visibility with live connection monitoring and bandwidth utilization and support for major cloud applications
• Application routing over preferred links via firewall rules or policy-based routing
Synchronized SD-WAN, a unique Sophos Synchronized Security feature, offers additional benefits with SD-WAN application routing. It
• enhances application visibility by leveraging Synchronized Application Control information shared between Sophos-managed endpoints and Sophos Firewall. This includes all network applications, including evasive, encrypted, obscure and custom applications.
• builds firewall policies by adding previously unidentified applications to SD-WAN routing policies.

How Check Point does it:
No built-in SD-WAN capabilities:
Check Point relies on partnership with some pure-play SD-WAN vendors. It partners with Velocloud, Cisco, and Silverpeak for SD-WAN capabilities. This list extends to Versa, Aryaka, CloudGenix, Citrix, and Microsoft.

How we win:
A simple solution for key requirements
Ask: Do you want to invest in two different solutions, one for security and the other for SD-WAN?
How do you ensure Security with SD-WAN?
