SmartDefense not only protects against a variety of recognized attacks that vary from the dissimilar classes of Microsoft networking worms through to DDoS attacks, but it also integrates advanced security technologies that increase a site s protection from complete categories of emerging or unknown attacks.

SmartDefense is founded on Check Point s Stateful Inspection and Application Intelligence technologies, which allow an administrator to drop not only precise attacks, but also complete categories of attacks while still allowing genuine traffic to pass. Application Intelligence is a collection of technologies that detect and prevent application-level attacks by integrating a deeper inspection of application profiles into network security defenses. The core functions of Application Intelligence include:

• Validating compliance to standards and RFCs

• Validating expected usage of protocols

• Blocking malicious data

• Controlling hazardous application operations

SmartDefense blocks attacks at a Check Point enforcement point which may be either a gateway or a single installation of SecureServer on a host. It does this by implementing Check Point s Stateful Inspection and Application Intelligence technologies. A number of SmartDefense facilities are enforced as an incorporated element of the firewall security policy. These are distributed as an element of the enforcement points security policy. SmartDefense also provides further benefits from the stringent access control to network resources it provides through the deployment of Check Point enforcement points.