|
Home
>
Rex Global Solutions
>
Check Point Solutions
>
Check Point VPN-1 Pro
Check Point
VPN-1 PRO
The Industry's Most
Proven And Secure VPN
VPN-1 Pro, an
integrated VPN-1 and FireWall-1 gateway, offers
management capability, attack protection and traffic
shaping technology. VPN-1 Pro utilizes INSPECT, the
industry''s most adaptive and intelligent inspection
technology, to protect the privacy of business
communications over the Internet while securing critical
network resources against unauthorized access.
|
Discover the Check Point
Difference |
|
|
|
 |
YOUR CHALLENGE
With its worldwide
reach, the Internet provides a flexible and
cost-effective infrastructure for extending the
corporate network to all employees and key business
partners. In order for corporations to take full
advantage of the Internet, however, they must be able to
guarantee both the security of business communications
and the protection of internal network resources. In
addition to security, companies also face challenges of
availability, performance, and scalability. For
mission-critical applications to utilize Virtual Private
Network (VPN) technologies, they must provide reliable
performance and seamless fault tolerance. Finally, all
components of a VPN must be easily integrated and
efficiently managed within the overall enterprise
security infrastructure.
OUR SOLUTION
Check Point's VPN-1 Pro is a
tightly integrated software solution combining the
market-leading FireWall-1 security suite with
sophisticated VPN technologies. The cornerstone of Check
Point's Intelligent Security Solutions, VPN-1 Pro meets
the demanding requirements of Internet, intranet, and
extranet VPNs by providing secure connectivity to
corporate networks, remote and mobile users, branch
offices, and business partners. VPN-1 Pro solutions are
available on the industry's broadest range of open
platforms and security appliances meeting the
price/performance requirements of any size organization.
[click
for larger picture]
VPN-1 Solutions provide end-to-end
security and
connectivity for the extended enterprise.
CHECK POINT'S
COMPREHENSIVE SECURE VPN SOLUTIONS
VPN-1 Pro is the
foundation of Check Point Secure VPN solutions, the most
comprehensive set of products and technologies for
remote access, intranet, and extranet VPNs. Check Point
offers a broad range of VPN products from which
organizations can choose to design the configuration
that best meets their requirements.
SECURITY
Check Point VPN-1
Pro integrates access control, authentication, and
encryption to guarantee the security of network
connections, the authenticity of local and remote users,
and the privacy and integrity of data communications.
FireWall-1 Integration for
Maximum Protection
For effective
enterprise Perimeter, Internal and Web security, and
efficient administration, VPNs must include integrated
firewall capabilities. To this end, VPN-1 Pro includes
market leading FireWall-1 to secure all popular Internet
services with Check Point's Stateful Inspection and
Application Intelligence technologies. VPN-1 Pro
supports more than 150 pre-defined applications,
services, and protocols out of the box, including Web
applications, instant messaging, peer-to-peer
applications, VoIP, Oracle SQL, RealAudio, and
multimedia services such as H.323.
Flexible Authentication
Check Point
SecureVPN solutions offer a multitude of authentication
options, including token cards, RADIUS, and TACACS/TACACS.
In addition, VPN-1's OpenPKI ensures that SecureVPN
solutions are compatible with leading PKI solutions from
vendors such as Entrust, Verisign, and Baltimore
Technologies enabling an organization to manage very
large IPSec VPN deployments. Check Point's unique Hybrid
Mode Authentication allows organizations to deploy IPSec
VPNs while leveraging existing authentication schemes
such as Secure ID tokens.
Organizations that want to
implement strong authentication "out of the box" can use
Check Point One-Click Certificates. With an Internal
Certificate Authority included with VPN-1 Pro, X.509
digital certificates can be issued to VPN-1 gateways and
VPN-1 SecureClient users. One-Click Certificates provide
industry-standard, two-factor authentication without the
complexity and expence of PKI systems.
Strong Encryption
Beyond ensuring
that network access is secure, a VPN solution must
protect the privacy of the data being transmitted. By
adhering to the IPSec standard, VPN-1 Pro automatically
negotiates the strongest possible encryption and data
authentication algorithms available between
communicating parties. This includes Advanced Encryption
Standard (AES) and Triple DES algorithms for data
encryption.
SMART MANAGEMENT
VPN-1
implementations are integrated into an overall
enterprise security policy for maximum security. Check
Point's Security Management Architecture (SMART)
delivers a single enterprise-wide security policy that
can be managed centrally and automatically deployed to
an unlimited number of VPN-1 Pro gateways.
SMART User Interface
Check Point's
SmartDashboard is a sophisticated, yet simple graphical
user interface for defining and managing multiple
elements of a complete security policy: firewalls, VPNs,
network address translation, desktop security, and QoS
policy.
One-Click VPNs
With One-Click VPNs,
large-scale VPNs can be created with a single operation.
By defining VPN communities, organizations can set the
security parameters for an entire VPN, such as an
intranet, Extranet or remote access deployment in one
step. By simply defining all VPN-1 end points in a
community VPNs are automatically enabled among all
gateways or between a gateway and a remote user. As new
sites are added to the community, they automatically
inherit the appropriate properties and can immediately
establish secure IPSec sessions with the rest of the VPN
community.
Simple Extranet VPN
Deployment and Management
Extranet VPNs
enable companies to connect with business partners,
including suppliers and customers. Check Point's
One-Click Extranets deliver a simple structure and
process for defining and managing Extranet VPNs.
One-Click Extranets make it easy for partners to
establish trust, exchange network objects, and build
security rules by utilizing an intuitive user interface
called the Extranet Management Interface (EMI).
WIRE SPEED VPNs
As VPN deployments
become larger and more mission-critical, performance is
a key concern. SecureXL is a framework of interfaces,
software modules, and industry standards that enables
Check Point partners and customers to build cost
effective VPN-1 solutions to meet the most demanding
performance requirements. The SecureXL framework,
together with Check Point's commitment to open systems,
delivers industry-leading performance at the lowest
possible cost.
SecureXL API to Deliver
Multiple Gigabit Performance Solutions
The key to Check
Point's open performance architecture is the SecureXL
API-an open interface for offloading intensive security
operations to third-party hardware or optimized
software. SecureXL-enabled solutions are available in a
number of form factors including software modules, PCI
add-in cards, IPSec Network Interface Cards (NICs), and
SecureXL-enabled appliances with network processors.
Rather than limiting customers to a single proprietary
accelerator, devices utilizing the SecureXL API meet
customer needs by delivering multi-gigabit performance
levels, multiple form factors, and a range of price
points. Integrated VPN Quality of Service (QoS) QoS is a
requirement for any VPN deployment where performance is
important and where there is the possibility of
congestion on the Internet link. FloodGate-1 ensures
optimal performance for mission-critical VPN-1 traffic,
enabling customers to migrate critical business traffic
from private wide area networks to the Internet.
NON-STOP VPNs
VPN-1 Pro includes
powerful capabilities to enable unparalleled performance
and fault-tolerance.
-
ClusterXL is a
high availability and load sharing solution that
distributes traffic of all types across a cluster of
VPN-1 Pro gateways. If a gateway becomes
unreachable, all connections are seamlessly
redirected to the remaining cluster members. Also,
near linear performance gains are achieved when
additional cluster members are added.
-
VPN Load
Distribution is a high availability and load sharing
solution for remote access VPN connections. Inbound
VPN connections are distributed across a cluster of
VPN-1 gateways. If a gateway becomes unreachable,
VPN clients will automatically be connected through
another cluster member.
-
Interface High
Availability enables traffic to be routed to a
secondary interface or ISP link if the primary
interface becomes unavailable. Ongoing connections
are maintained during failover.
SUPPORT FOR MULTIPLE
REMOTE ACCESS TECHNOLOGIES
Check Point
provides multiple remote access solutions to enable
off-site employees to securely connect to company
resources.
VPN-1 SecuRemote
VPN-1 SecuRemote
encrypts and authenticates data to protect against
eavesdropping and data tampering.
VPN-1 SecureClient
VPN-1 SecureClient
extends VPN-1 SecuRemote features with a centrally
managed personal firewall and advanced management
capabilities.
SSL Network Extender
SSL Network
Extender is an optional add-on for VPN-1 that allows
full network-level access over the Web through enhanced
SSL VPN capabilities. SSL Network Extender tunnels any
IP-based application using a browser Web plug-in.
Microsoft L2TP VPN Clients
For Microsoft
users, a VPN-1 gateway can provide secure remote
accessing using a Microsoft Windows L2TP VPN client.
SECURING WIRELESS LANs
Wireless LANs
provide enterprises with a flexible technology that
reduces deployment costs when compared to traditional
wired networks.
Check Point's
SecureVPN solutions enable corporations to securely add
wireless LANs to their networking framework. Check
Point's VPN-1 Pro and VPN-1 SecureClient solutions offer
an integrated firewall and VPN that protects information
at all stages from the client computer to the wireless
LAN to the corporate network with enterprise-class
access control, authentication, and encryption.
SECURECHOICE
Corporations can
deploy VPN-1 Pro on external and internal network
gateways, or VPN-1 SecureServer to protect a single
critical application server. VPN-1 Pro supports a range
of deployment options.
-
Turnkey
-Secured by Check Point- appliances with
pre-installed Check Point software.
-
Windows,
Solaris, and Linux servers.
-
SecurePlatform, included on the standard Check
Point product CD, installs a customized, hardened
operating system and VPN-1 Pro on servers in less
than 10 minutes.
SYSTEM REQUIREMENTS
VPN-1 Pro
gateways are supported on:
Windows NT/2000 Server/98, Sun Solaris, Linux, Check
Point SecurePlatform, Nokia IPSO, AIX
Disk Space: 300MB
Memory: 128MB
SmartCenter Express management server is supported
on
Windows NT/2000 Server/98, Sun Solaris, Linux, Check
Point SecurePlatform, Nokia IPSO, AIX
Disk Space: 300MB
Memory: 128MB
SmartDashboard is supported on
Windows NT/Server/XP/ME/98, Sun Solaris
Disk Space: 100MB
Memory: 128MB
VPN-1 SecuRemote/Secureclient are supported on
Windows NT/2000 Server/XP/ME/98/CE, Macintosh, Linux
Disk Space: 20MB
Memory: 64MB
Check Point SecurePlatform
CPU: Intel Pentium II 300+ MHz or equivalent
Disk Space: 4 Gigabyte hard drive, supported NICS
Memory: 128MB minimum
512MB recommended
For more
detailed information please see
supported platforms and system
requirements.
|
VPN-1 Pro - Details