Check Point and its hardware partners -- Crossbeam, IBM and Nokia-- each submitted different hardware platforms for this test running a common application: Check Point’s VPN-1 software. Likewise, we used Check Point’s Smart Center management system, running on a dedicated server, to manage and monitor all four sets of gateways.
Editor’s note: This is a summary of our testing of this product, for a full rundown of how it fared in our testing across ten UTM categories, please see our full coverage.
Check Point and its hardware partners -- Crossbeam, IBM, and Nokia-- each submitted different hardware platforms for this test running a common application: Check Point’s VPN-1 software. Likewise, we used Check Point’s Smart Center management system, running on a dedicated server, to manage and monitor all four sets of gateways.
Since the late 1990s, Check Point has been a leader in the firewall market, largely because of its superior management application. Early out of the gate with the right security model and the right approach, Check Point has dominated the enterprise firewall space and done well for its customers by continuing to build VPN and deep inspection features into their products.
VPN features continue to be a tremendous strength for Check Point as well. Its remote access VPN capabilities are the most sophisticated of any of the firewalls UTM products we tested, and site-to-site VPNs are also easily managed and monitored. In fact, it’s our opinion that Check Point has almost no competition when it comes to the creation and control of very large and very complex site-to-site VPNs.
We looked the current version of VPN-1 software in two basic configurations: one integrated with Nokia’s IPSO operating system, and the other running on Check Point’s own Linux-derived Secure Platform operating system. VPN-1 is the same firewall in both cases, though Nokia’s Voyager management system for such features as high availability, dynamic routing and appliance management is more sophisticated and flexible than CheckPoint’s equivalent Web-based GUI.
In our testing, we found that Check Point has lost some of the innovation and creativity obvious in its earlier versions VPN-1 firewall. While the features we examined, antivirus and intrusion prevention, are fully present in the VPN-1 firewall, we didn’t find them aimed at enterprise network manager in either their configurability or controls.
For example, the IPS policy is applied on a per-firewall basis, rather than a per-rule one as within a firewall. The result is very little granularity. This might have been appropriate in early versions of Check Point’s SmartDefense IPS, but it isn’t going to fly at this level. Similarly, antivirus parameters are applied not per firewall, but uniformly across all firewalls that have the feature enabled — there is no easy way to have more granular controls.
Check Point has also not integrated the concept of zones — a common feature in many of the other UTM firewalls we tested — into the VPN-1 firewall. Therefore, creating a policy and/or managing a firewall that has many zones of control becomes difficult. Whether the company intends it or not, Check Point management capabilities and feature set really drive the security architect to implementing a lot of smaller UTM firewalls rather than one large one. Check Point’s VPN-1 remains a leader in the firewall space, but by a thinner margin than ever before.
Learn more about this topic
Buyer's Guide: Unified threat managementCheck Point introduces next top security certification
06/04/07Check Point releases multifunction security box for SMBs
“Wake up!” the good folks a Merriam-Webster just tweeted. “Sheeple is in the dictionary now.”
Wireless LAN users can’t just stay comfortable in the 5GHz realm – the older 2.4GHz frequency bands are...
A review of 18 companies that offer free cloud storage
Sponsored by Silver Peak
Sponsored by Aquantia
The legal fight between Apple and Qualcomm on licensing modem technology is turning uglier every day.
F5’s new President and CEO, Francois Locoh-Donou talks about his vision for the app delivery...
Companies of all sizes and types are rethinking not only how their employees work, but also where that...
Use cases in industries such as aeronautics and chemicals are a proving ground, and a roadmap to...