Professional Documents
Culture Documents
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 1
Understanding the NGTP Engine
Maintaining the IPS Profile
Obtaining Visibility
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 2
Introduction to Check Point IPS
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 3
Introduction to Check Point IPS
IPS Signature Update Mailing List
File Server in
Data Center
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 6
Introduction to Check Point IPS
• Looking at a Signature
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 7
Introduction to Check Point IPS
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 8
Integrating
the IPS
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 9
Integrating the Check Point IPS
Where to place the IPS functionality?
• Why?
̶ You want to limit...
̶ the resources used
̶ the protections enabled
̶ the number of possible events
̶ the risk of false positives and false negatives
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 10
Integrating the Check Point IPS
Update Service
Internet
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 11
Maintaining the IPS Policy
Detect Learn
Revise Decide
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 12
Create a Profile
Observe what is matching
Observe Performance Impact
Decide if what you see is what you expect
Revise the Profile Definitions
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 13
Protections and Profiles
• A Profile is
̶ Including a list of protections
̶ Applied to a gateway
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 14
Protections and Profiles
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 15
Protections and Profiles
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 16
Protections and Profiles
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 17
Protections and Profiles
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 18
IPS Updates
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 20
Protections for specific hosts
Web Intelligence
• HTTP Methods
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 21
Protections For Specific hosts
Application Intelligence
• Mail: POP3/IMAP
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 22
Monitoring
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 23
Monitoring and Performance Tuning
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 24
Monitoring and Performance Tuning
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 25
Monitoring and Performance Tuning
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 26
IPS Reporting
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 27
IPS Reporting using R80 SmartEvent
• Flexible Reporting
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 28
NSS Labs
NGIPS Results 2016
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 30
NSS Labs NGIPS 2016
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 31
NSS Labs NGIPS 2016
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 32
NSS Labs NGIPS 2016
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 33
NSS Labs NGIPS 2016
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 35
THANK YOU!
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 36