cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Admin
Admin

Nominations for Check Point Infinity Feature of the Year

As part of our First Birthday celebration, we are having an awards ceremony.

For awards, you need categories and voting!

Over the course of this week, we will share some of the categories and solicit nominations for said categories.

Find the complete list of categories here: https://community.checkpoint.com/community/about-checkmates/blog/2018/05/08/checkmates-first-birthda... 

 

This category is specific to existing Check Point Infinity features.

Specifically, which is your favorite one and why?

Instructions:

  • Please post your favorite feature in Check Point Infinity along with a brief explanation why. 
  • Alternatively, you can email your favorite feature and why to checkmates@checkpoint.com
  • Everyone (customers, partners, employees) is welcome to participate in this!
  • "Likes" and "discussion" around specific features are encouraged and will influence (but not determine) the final list, which will be posted for voting in the coming days.

Voting

Voting is now open for the above categories.

We will take your votes until 25th May 2018 @ 11:59pm Pacific Daylight Time. 

A vote will enter you into a raffle for a Check Point 1490 Appliance!

11 Replies
Admin
Admin

Re: Nominations for Check Point Infinity Feature of the Year

Threat Extraction 

Why- A simple yet very effective solution to proactively fight the most prevalant malware from entering your network, (almost) zero performance penalty, and it also helped Check Point to achieve 100% prevention rate in NSS Labs Breach Prevention test with only gateways whereas other vendors achieved inferior results and had to do it with agents on endpoint as well.

#RealTimePreventionThatWorks

Another idea, "Zero Phishing"- part of SandBlast Agent browser add-on, saved my butt multiple times from entering my credentials to the "wrong" site.

Re: Nominations for Check Point Infinity Feature of the Year

The ability to rollback IPS updates cleanly.  Many a pre-R80 implementation required increasingly brutal levels of copying back known-good config files, restoring backups, or other nasty contortions trying to recover from a botched IPS signature update. Even restoring a database revision was not guaranteed to fix it.

Had a customer doing an R80 management EA and an IPS update went sideways, held my breath and rolled it back to the prior known-good one expecting a long night of restoring all kinds of files...and the rollback function worked!

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
Kim_Moberg
Silver

Re: Nominations for Check Point Infinity Feature of the Year

I would say the R80.10 SmartEvent rebrand of Smartlog. That you make a one system to rule it all.

I am having a lot of expectation towards R80.20 to correlate logs fro endpoint mgmt server into log server, but also that it included new kernel version 3.10. to support newer hardware. 

Best Regards
Kim
Admin
Admin

Re: Nominations for Check Point Infinity Feature of the Year

For me, it's the API.

I mean, we wouldn't have half the cool stuff in Developers (Code Hub)‌ without it!

Kim_Moberg
Silver

Re: Nominations for Check Point Infinity Feature of the Year

So true.. after your automation setup in AWS the API interface have given a lot of new possibilites. 

After you and Robert Decker  help me get started with the API interface I have been a great fan of it.

Best Regards
Kim
0 Kudos

Re: Nominations for Check Point Infinity Feature of the Year

Access Control Layers –

Why? Layers can be viewed as a unique and powerful tool that really renovates the security rule base.
Some useful scenarios: 

  1. Arrange an otherwise large and flat rule base according to network/security segments and/or security functions
  2. Assign different admins to different layers – one example is automation: Grant the automation user write access privileges just for a specific sub layer; sub-layer parent rule controls which workload/network-segment will match sub-layer. This way the automation process is scoped and cannot impact other workloads/network segments (no impact on the rest of the rule base)
  3. Use sub-layers as a tool to simplify the way exceptions on Accept/Drop rules are arranged
  4. Generate rules with higher granularity (logical ‘AND’ between different types of objects, etc.)
  5. Add a black list that runs “in parallel” to the rule base

Re: Nominations for Check Point Infinity Feature of the Year

inspecting file types and sensitive contents within the unified access control policy and blocking / reporting about it with the Content Awareness blade.

Highlighted
Astardzhiev
Nickel

Re: Nominations for Check Point Infinity Feature of the Year

I cannot choose only one...
- API

- Inline layers

- Unified control policy

0 Kudos

Re: Nominations for Check Point Infinity Feature of the Year

So many great solutions

CloudGuard SaaS

Sandblast Mobile

API

Smart-Event 

0 Kudos

Re: Nominations for Check Point Infinity Feature of the Year

I would say all of the R80.10 performance improvements to allow for most traffic to be handled in SecureXL now. Possibly more specifically, the ability for dynamic domain objects to be used without crushing the Gateway's performance! With so much content living on CDN's now, this change has been a HUGE improvement. No more cat + mouse games every time a website's IP address changes!

Admin
Admin

Re: Nominations for Check Point Infinity Feature of the Year

Thanks for your suggestions, all.

Voting is now open for this and the other categories in our Birthday Celebration.

We will take your votes until 25th May 2018 @ 11:59pm Pacific Daylight Time. 

A vote will enter you into a raffle for a Check Point 1490 Appliance!

0 Kudos