This month we’re highlighting two capabilities that can significantly improve how you review, validate, and govern security policy.

1) Policy Insights

What it is

Policy Insights analyzes your Access Control policy together with real traffic patterns and provides recommendations focused on security hardening and tightening the policy.

The Suggestions panel helps you focus on changes with the highest security impact. The main suggestion types include:

• Replace existing objects - Identifies overly broad networks, groups, or objects and suggests replacing them with narrower, more precise objects, based on actual traffic usage - in order to reduce exposure and strengthen security. 
• Remove unmatched objects - Highlights objects that are not used in practice and may represent unnecessary risk.
• Delete disabled rules - Cleans up rules that are already inactive.
• Disable unmatched rules - Identifies rules that do not match real traffic, allowing controlled tightening of the policy.

Use cases

• Policy hardening: Replace broad networks and groups with more restrictive definitions to tighten access.
• Attack surface reduction: Identify and eliminate excessive permissions accumulated over time.
• Security reviews: Detect weak points in the policy before audits or major changes.
• Continuous improvement: Use traffic-based security recommendations as part of ongoing policy governance.

Why you’ll love it 💛

• 100% security-focused: Recommendations are driven by security posture.
• Based on real traffic: Decisions rely on actual usage, not assumptions.
• Zero Trust - oriented: Helps move toward minimal, precise access over time.
• Actionable recommendations: Not just reports - concrete guidance on what to fix and why.

2) Policy Auditor

What it is

Policy Auditor is currently available as Early Availability (EA).
It helps validate that your Access Control policy aligns with defined organizational security guidelines, using a clear and intuitive From / To guideline matrix.

The matrix allows you to:

• Define intended access between logical zones (for example: DMZ → Lab, Lab → Prod).
• See how many rules match and how many violate each guideline.
• Drill down directly from a guideline cell to the relevant policy rules.

Use cases

• Segmentation validation: Confirm that zone-to-zone access follows the intended design.
• Guided audits: Produce an executive-friendly compliance view for internal reviews and audits.
• Post-consolidation reviews: Validate policy behavior after environments or rulebases are merged.
• Ongoing governance: Prevent policy drift by continuously validating against defined intent.

Why you’ll love it 💛

• lntent-based visibility: Understand policy behavior at a high level, not rule by rule.
• Fast gap detection: Violations are immediately visible - and easy to trace back to rules.
• Better collaboration: Easier to discuss policy intent with non-policy experts (management, auditors, governance teams).

Availability note
Policy Auditor is not GA yet and is currently in Early Availability (EA).
For access or questions, please contact: Erankov@checkpoint.com 

Package note – Quantum Management Complete

Policy Insights and Policy Auditor are part of the Quantum Management Complete package.

The Complete package includes multiple advanced capabilities, such as:

Full package details: 
https://www.checkpoint.com/quantum/ai-unified-security-management/

Feedback / Questions

We’ll keep sharing new spotlights every few weeks - and we’d love to include your ideas.
📬 Got feedback, customer inputs, or feature requests?
Email us at QuantumMgmt-Feedback@checkpoint.com.