Check Point Endpoint Security
Strengths: Comprehensive solution for endpoint protection.
Weaknesses: From what we saw, reporting and event management are separate applications. Cost at $165 per user.
Verdict: If you have the Check Point infrastructure in place, this solution will slide into that framework nicely, with a lot of protection at the endpoint.
SummaryCheck Point Endpoint Security (Total Protection Edition) is a single agent for total endpoint security that combines a firewall, network access control (NAC), program control, anti-virus, anti-spyware, full disk encryption (FDE), media encryption (ME) and remote access VPN.
We installed and used the management console on our Windows 2003 server. The platform does integrate with Check Point management framework and SecurePlatform and includes support for SmartView Tracker, Eventia Reporter, Eventia Analyzer and SmartView Monitor.
The client side came with the capabilities to deploy a firewall, including custom policies, anti-virus and anti-spyware, as well as the ability to control program execution, VPN, some basic intrusion prevention capabilities and integrated NAC functions to allow for network quarantine in the event of a detection or policy violations. The client side also included disk and media encryption capabilities. The encryption could be applied to removable media devices, including CDs and DVDs. This version supports 256-bit encryption. For mobile devices, the policies are in effect even when the system is detached. User notifications warn when users are out of compliance with the policy.
The management interface was easy to use. If you have used a Check Point management interface before, this interface will be familiar. An AD scanner is included to find and pull in data. There is also an option for a webRH component that will allow for establishing a web portal for users to request self help. We did not test this function during our review.
The documentation was hard to follow and did not track well to the ISOs [archive file]. Support is good, but does come at a fee through various offerings.
If you are a Check Point shop currently, this solution will integrate well and the learning curve will be small. Reporting and event management are also available as Windows applications. The solution with all the options can be costly, but it delivers a comprehensive set of controls at the endpoint.