Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Check Point Enhances SmartDefense Technology with Greater Protection Against Denial of Service (DoS) Attacks

Ships Product and Unveils New Tools That Safeguard Enterprise Networks and Mission Critical Traffic


REDWOOD CITY, Calif., Aug. 19, 2002 - Check Point Software Technologies (NASDAQ: CHKP), the worldwide leader in securing the Internet, today announced new tools that enhance its SmartDefense security solution to provide greater protection against Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. These new tools help safeguard enterprise networks from DoS and DDoS attacks by monitoring and limiting suspicious traffic from clients or to servers, and maintain the integrity of mission critical TCP traffic when a network is under attack.

Check Point SmartDefense, announced in April and shipping now, created a new category of Active Defense products that actively protect organizations from known and unknown network attacks by using intelligent security technology. SmartDefense blocks attacks by type and class using Check Point's patented Stateful Inspection technology and provides a single, centralized console to deliver real-time information on attacks as well as attack detection, blocking, logging, auditing and alerting

Check Point's SmartDefense features:

  • Centralized, Type Based, Attack Prevention - Provides a single place of control for blocking known and unknown attacks using new attack type classification technology.
  • On-Line Updates & Web Worms Prevention - Enables on-line updates from Check Point's SmartDefense attack center to prevent new types of attacks, including new web worms patterns.
  • Real-time Attack Information - Using Check Point's on-line attack information center, security administrators can get updated information on each attack type.

DoS and DDoS attacks, which are among the most common and damaging types of Internet attacks, are caused by attempts to flood networks or servers with mock traffic to prevent legitimate traffic from flowing through. Check Point's SmartDefense mitigates risk and damage from DoS and DDoS attacks with the following new features:

  • TCP Reservation -- Enables network administrators to reserve a portion of FireWall-1 capacity for TCP connections. This protects mission-critical TCP traffic from being effected by UDP or ICMP-based DoS attacks.
  • Client Quotas -- Allow administrators to set limits on connections originating from a single IP address to better detect suspicious traffic and take early action against a DoS attack.
  • Server Quotas -- Allow administrators to set quotas for identical connections to a single server and take action once quotas are reached, enabling greater detection and protection against Distributed Denial of Service (DDoS) attacks.

"Denial of Service attacks continue to present a security threat to enterprises today, potentially causing damage to network and business operations," said Carol Stone, vice president of marketing for Check Point Software Technologies. "Check Point's revolutionary SmartDefense actively detects and protects against these and other types of attacks, providing network resiliency to ensure mission critical resources are not affected while defending against an attack."

Availability

The SmartDefense technology is being incorporated into all Check Point security products at no added cost and is shipping now. Additionally, Check Point offers a subscription service to provide real-time vulnerability information and online updates. The new SmartDefense DoS enhancements will be available in Check Point Next Generation Feature Pack 3 in September 2002. Additional information on SmartDefense can be found at: http://www.checkpoint.com/products/protect/smartdefense.html

About Check Point Software Technologies
Check Point Software Technologies is the worldwide leader in securing the Internet. It is the confirmed market leader of both the worldwide VPN and firewall markets. The company's Secure Virtual Network (SVN) architecture provides the VPN and security infrastructure that uniquely enables secure and reliable Internet communications. SVN solutions, as delivered in the company's Next Generation product family, secure business communications and resources for corporate networks, remote employees, branch offices and partner extranets. Extending the power of SVN is Check Point's Open Platform for Security (OPSEC), the industry's framework and alliance for integration and interoperability with "best-of-breed" solutions from over 300 leading companies. Check Point solutions are sold, integrated and serviced by a network of 2,000 certified partners in 203 countries. For more information, please call us at (800) 429-4391 or (650) 628-2000 or visit us on the Web at http://www.checkpoint.com or at http://www.opsec.com.

###

© 2001 Check Point Software Technologies Ltd. All rights reserved. Check Point, the Check Point logo, FireWall-1, FireWall-1 SecureServer, FireWall-1 SmallOffice, FloodGate-1, INSPECT, IQ Engine, Meta IP, MultiGate, Open Security Extension, OPSEC, Provider-1, SecureKnowledge, SecureUpdate, SiteManager-1, SVN, UAM, User-to-Address Mapping, UserAuthority, Visual Policy Editor, VPN-1, VPN-1 Accelerator Card, VPN-1 Gateway, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 SmallOffice, and ConnectControl are trademarks, service marks, or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668 and 5,835,726 and may be protected by other U.S. Patents, foreign patents, or pending applications.