Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version: CheckPoint version R80.10 and above
CheckPoint is a cyber security architecture which offers the perfect combination of proven security, easy deployment, and effective management by consolidating key security applications (firewall, VPN, intrusion prevention, and antivirus and more) into a single, efficiently managed solution.
Netsurion's Open XDR platform integrates with CheckPoint, collects logs from it and creates detailed reports, alerts, dashboards, and saved searches. These attributes of Netsurion helps user to view and receive the critical and relevant information with respect to security, operations and compliance.
Reports contain a detailed summary of events such as failed user authentications, passed authentications in network devices, firewall allowed and denied traffic, anti-malware events, data loss and prevention events, VPN login and logout, and many more in column-value pair.
Alerts are triggered as soon as a critical event are received by Netsurion's Open XDR platform for CheckPoint, such as failed authentications, invalid HTTP request from an endpoint, or detection of an DLP event, etc.
Dashboards represent activities occurring in CheckPoint. These includes, actions applied on endpoint requests, summary of DLP events, firewall traffic events by source and destination IP address, etc.
These attributes or configurations of Netsurion allows administrators to quickly take appropriate actions against any threat/adversaries trying to jeopardize an organization's normal operation.
Once CheckPoint is configured to deliver events to Netsurion manager alerts, dashboards, and reports can be configured into Netsurion.
The configuration details are consistent with Netsurion version 9.2 and later, CheckPoint version R80.10 and above.
Download Integration guide and How-to Guide for more information and to configuration instructions.