OPSEC Partners

netForensics Agent for Check Point

Product Version Certified: 2.3 for Linux, Solaris and Windows NT
Certified for use with: Check Point Next Generation

Product Version Certified: 3.2 Windows integration via MS SQL
Certified for use with: Integrity

Product Description: With the netForensics Security Information Management solution, enterprises can deploy a proven monitoring, analysis and reporting solution that provides an extensive view of all security events in a centralized, web-enabled environment.

netForensics, Inc.
 
Company Description: netForensics, Inc. provides an innovative Security Information Management (SIM) software solution. netForensics gives security administrators the power to quickly assess security activity on the network and make real-time decisions that significantly improve enterprise continuity and protect their security investment. With its scalable distributed architecture, netForensics is the only SIM solution that is focused on real-time reporting, correlation and forensic analysis of the millions of daily records generated by a network's security products.

Key Features and Benefits

Features:

  • Collects, aggregates and normalizes large quantities of event data from Firewall-1/VPN-1 and other heterogeneous security devices and applications across the network.
  • Performs Universal Correlation Analysis and Scoring, drawing relationships between events occurring on Firewall-1/VPN-1 and other point solutions. Provides a distributed architecture for scalability and performance.
  • Presents a web-enabled, real-time view of security event information.
  • Performs forensic analysis, reconstructs attacker footprints and immediately notifies administrators of real threats.

Benefits:

  • Allows administrators to respond rapidly to suspect security situations.
  • Provides management with the crucial analysis and meaningful reports it needs to understand risks and make informed decisions.
  • Pinpoints vulnerabilities to assist in refining security policies.
  • Rapidly delivers a high-ROI solution, minimizing costs by decreasing the amount of network downtime and the labor required to manually manage security data.
  • Empowers system administrators to identify different types and patterns of attack that would otherwise go unnoticed.

OPSEC Integration

The netForensics agent acts as a LEA client to gather events from the LEA server and is the interface between Firewall-1/VPN-1 and the netForensics infrastructure. The agent parses, normalizes and filters the data, then sends it to the netForensics engine for Universal Correlation and in-depth analysis. Data from these point solutions is correlated with information from other security devices and applications in the network to provide a holistic view of the security environment. Through this integration, netForensics analyzes Check Point security alerts in real time and correlates them through a comprehensive set of software methodologies that perform aggregation, additional filtering and parsing. Network managers can access this information from any browser on the intranet and quickly and easily sort through large volumes of raw information to focus on high-risk threats.