Chapter 1: Introduction to Check Point Next Generation with Application Intelligence
The Check Point Next Generation (NG) with Application Intelligence (AI) suite of products provides the tools necessary for easy development and deployment of enterprise security solutions. Check Point VPN-1/FireWall-1 has been beating out its competitors for years in every category, and the NG AI software continues to improve the look, feel, and ease of use of this software. Most notably, there is a new security dashboard that gives security administrators a more detailed view of the Security Policy and management objects in one window. The user interface is easy to comprehend and provides optimal functionality, all in one place.
With the NG AI software, you can manage multiple firewalls from a central management server, and can centrally manage licenses and software upgrades with the SmartUpdate application. Other useful tools in the NG AI suite include Lightweight Directory Access Protocol (LDAP) account management, Large Scale Manager (SmartLSM), SecuRemote virtual private networks (VPNs), bandwidth usage services, Domain Name System (DNS)/dynamic host control protocol (DHCP) services, reporting, logging, and high availability configurations.
This chapter introduces you to each of these tools, and discusses the various components of VPN-1/FireWall-1 in more detail. You will learn the difference between proxy firewalls, packet filtering firewalls, and the technology that Check Point NG AI uses, called Stateful Inspection. You will become familiar with the inspection engine, which is the nuts and bolts of the software, and learn how it analyzes traffic going through the firewall.