Академический Документы
Профессиональный Документы
Культура Документы
Management
Check Point security management
solutions provide unified policy
management, monitoring, and
analysis.
but also isolates and prioritizes real security threats. These threats may not have the most critical threats
been otherwise detected when viewed in isolation per device, but pattern anoma- n Provides ease of deployment
lies appear when data is correlated over time. With Eventia Analyzer, security and use for low TCO
teams no longer need to comb through the massive amount of data generated by n Addresses regulatory compliance
the devices in their environment. Instead, they can focus on deploying resources requirements
versus the threats that pose the greatest risk to their businesses.
rity staffers can also easily create their own events using a wizard or
C
• Monitoring
• Event management
• Threat mitigation predefined event to fine-tune the system to their particular needs.
• Events reporting
• Check Point Enforcement Points
Events are then further analyzed and severity levels assigned.
Eventia Analyzer provides a large number of predefined events and a Based on the severity level, an automatic action may be triggered
wizard for quick event customization. at this point to stop the harmful activity immediately at the gate-
way. As new information flows in, severity levels can be adjusted
to adapt to changing conditions.
EASY DEPLOYMENT
Eventia Analyzer interfaces with existing SmartCenter™ and
Provider-1® log servers, eliminating the need to configure each
device log server separately for log collection and analysis. All
objects defined in SmartCenter or Provider-1 are automatically
accessed and used by the Eventia Analyzer server for event
policy definition and enforcement. In addition, this tight integra-
tion enables Eventia Analyzer to automatically learn the network’s
topology and detect correlated events that are sensitive to
topological parameters.
EASY MAINTENANCE
The capability of Eventia Analyzer to drill down on a specific event Once installed on the network, Eventia Analyzer has a learning
lets it detect threats that other solutions might not discover. mode to baseline the normal activity pattern for a given site and
suggest policy changes for fine-tuning the system. Easy-to-use
SCALABLE, DISTRIBUTED ARCHITECTURE event wizards provide users greater flexibility in customizing
Eventia Analyzer delivers a flexible, scalable platform capable events to suit their particular environments. The ease of installa-
of managing millions of logs per day per correlation unit in large tion and maintenance enables customers to leverage existing IT/
enterprise networks. Through its distributed architecture, Eventia security staff.
Analyzer can be installed on a single server but has the flexibility
to spread its processing load across multiple correlation units. Technical Specifications
Platforms Linux, SecurePlatform™, Solaris, Windows
CENTRALIZED EVENT CORRELATION Device/OS support 3Com firewall, Apache Web server, Cisco PIX
Eventia Analyzer provides centralized event correlation and and IDS, Cisco router, Connectra, freeBSD OS,
FireWall-1 GX, Check Point Endpoint Security,
management for all Check Point products—as well as third-party Intrushield, ISS RealSecure, Kaspersky Antivirus,
devices such as firewalls, routers, switches, operating systems, Linux OS, NetContinuum, NetScreen, Sendmail,
mail servers, Web servers, intrusion detection systems, and Snort IDS, Solaris OS, Symantec Antivirus, Tipping
Point SMS, Trend Micro Antivirus, UTM-1™,
antivirus applications. Raw log data is collected via secure con- VPN-1® Power™, VPN-1 SecureClient™, VPN-1
nections from Check Point and third-party devices by Eventia UTM, Windows OS
Analyzer correlation units where it is centrally aggregated, normal- Check Point NG and NGX versions
ized, correlated, and analyzed. Third-party device logs can be version support
easily converted into Check Point format by the patent-pending
Worldwide Headquarters
5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753-4555 | Fax: 972-3-624-1100 | Email: info@checkpoint.com
contact check point U.S. Headquarters
800 Bridge Parkway, Redwood City, CA 94065 | Tel: 800-429-4391; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. Check Point, Check Point Endpoint Security, the Check Point logo, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite,
FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, NG, NGX, Provider-1, PURE Security, the puresecurity logo, SmartCenter, SmartCenter Express, SmartCenter Power, SmartCenter Pro, SmartCenter
UTM, UTM-1, UTM-1 Edge, UTM-1 Edge Industrial, UTM-1 Total Security, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Express, VPN-1 Express CI, VPN-1 Power, VPN-1 Power Multi-core,
VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge and VPN-1 VSX are trademarks or registered trademarks of Check Point
Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are
protected by U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943, and 7,165,076 and may be protected by other U.S. Patents, foreign patents, or pending applications.
March 19, 2008 P/N 502865