Organizations today need to know whether their security architecture is defined according to widely accepted best practices in order to identify policy and configuration weaknesses. Whilst this may seem obvious, research shows that 95% of security breaches have a misconfiguration component, and that 50% of threats could have been avoided if basic security controls were implemented. Yet the reality is, it is often not known what should be checked, and that even if this is known, the process of checking is a time consuming, complex and costly endeavor. The security change management process is further complicated by the fact that configuration and policy settings are in a constant state of flux with hundreds, if not thousands, of changes being applied each year.
The Check Point Compliance Software Blade leverages decades of security expertise and an extensive knowledge of Check Point products and security settings. The Compliance Blade continuously scans the policy and configuration settings defined within the Check Point software blades, security gateways and security management, highlighting all of the configuration weaknesses and errors, and making them available for remediation. Embedded within the Compliance Blade is a library of security best practices that allow organizations to monitor and compare the Check Point environment against vendor and security recommendations. Companies can also create their own personalized firewall policy best practices as part of the ongoing monitoring and analysis.
- Continually ensures that management, software blades, and security gateways are configured properly.
- Highlights poor configuration settings and security weaknesses.
- Provides actionable recommendations for security improvements.
- Simulates the security impact of configuration changes before installation.
- Instant notification on security policy changes negatively impacting security.
- Educates users on the broader impact of the desired change.