Check Point VPN-1

Source: Wikipedia, the free encyclopedia.

VPN-1 is a

VPN-1 is a

VPN
solution.

Platforms

The VPN-1 software is installed on a separate

protocol stack, file system, process scheduling and other features needed by the product. This is different from most other commercial firewall products like Cisco PIX and Juniper
firewalls where the firewall software is part of a proprietary operating system.

Although traditionally sold as software only, VPN-1 is also sold in appliance form as Check Point's UTM-1 (starting 2006) and Power-1 appliances. Appliances run the Gaia, or Gaia Embedded operating system.

As of version R80, Check Point Quantum Network Security supports the following operating systems:

Previous versions of Check Point firewall supported other operating systems including

Sun Solaris, HP-UX and IBM AIX, and Microsoft Windows. See the table in the Version History
section below for details.

VPN-1 running on the Nokia platform on IPSO was often called a Nokia Firewall as if it were a different product, but in fact it runs the same VPN-1 software as other platforms.

Upon completing the acquisition of Nokia Security Appliance Business in 2009, Checkpoint started the project named Gaia aimed at merging two different operating systems—SecurePlatform and IPSO—into one. This new OS is positioned to finally replace both existing operating systems at some point in the future.[5] On April 17, 2012 Check Point announced the general availability of the Gaia operating system as part of the R75.40 release.

Features

While started as pure firewall and vpn only product, later more features were added. And while they are licensed separately, they have since began to be bundled in default installations of the VPN-1 as well.

SmartDefense (IPS) This feature adds to the built-in stateful inspection and inherent TCP/IP protocols checks and normalization inspection of most common application protocols. Starting NGX R70 this feature has been rebranded as IPS.
Quality of service (Floodgate-1) Checkpoint implementation of the Quality of service (QOS). It supports bandwidth guaranteeing or limiting per QOS rule or per connection. Also the priority queuing can be done (LLQ). Nevertheless, RFC based QOS implementation, be it Differentiated services or Ip precedence, are not supported
Content Inspection Starting with NGX R65 this new feature has been introduced providing 2 services:

  • Antivirus scanning - scanning of the passing traffic for viruses
  • Web filtering - limiting access of internal to the firewall hosts to the Web resources using explicit URL specification or category rating.

See also

References

  1. ^ US5606668A, Shwed, Gil, "System for securing inbound and outbound data packet flow in a computer network", issued 1997-02-25 
  2. Check Point Software Technologies Ltd. 1997-03-17. Archived from the original
    on 2008-07-04. Retrieved 2009-04-01.
  3. ^ "Express VPN Speed Test".
  4. ^ "Firewall Appliance para Empresas".
  5. ^ Gaia project

External links