Check Point VPN-1 Secure Client NG


Check Point VPN-1 SecureClient NG

Client Security Just Became Manageable !

Check Point VPN-1 SecureClient Next Generation is the only VPN solution to provide true end-to-end Internet security for protecting 'always-on' broadband and other connections with an integrated personal firewall. This revolutionary client also provides sophisticated management capabilities to simplify deployment and significantly reduce the burden of administration.

Centrally Managed Granular Policy Based Security.

VPN-1 SecureClient provides comprehensive, flexible, policy-based security for VPN clients. Firewall policies, logging and alerting protect clients against unauthorized access and potential hijacking - these are risks that increase dramatically with the use of always-on connections.

VPN-1 SecureClient NG uses rule-based security policies. Like FireWall-1 rules, VPN-1 SecureClient security rules enforce access control based on the source, destination, and service of network traffic. Security rules may be defined for users or groups of users, enabling organizations with different types of remote access VPN users - such as salespeople and IT staff - to tailor client security policies to the varying needs of their users.

Rule-based policies, and the ability to specify different policies for specific users or groups, provide maximum flexibility in designing client security policies.

VPN-1 SecureClient policies control access to or from the client PC by filtering traffic based on source, destination, or IP service.

Security Configuration Verification

Security Configuration Verification (SCV) is the process by which checks can be run on a client system to determine whether it is securely configured.

In Check Point NG, SCV is extensible, meaning that customized checks can be created by either OPSEC partners or customers. For example ' is the anti virus software active and current ?' If 'NO' then connectivity can be disallowed depending on your security policy.

SecureClient

VPN Client Management

The SecureClient Packaging Tool, enables administrators to create customized, self-extracting installation packages for their SecureClient users. All VPN-1 SecureClient options can be pre-configured, so the user simply obtains the software package (either by Web download, email, or physical media distribution), runs the executable, and reboots. The user experience is greatly simplified and ongoing maintenance and support costs are reduced.

VPN-1 SecureClient NG automatically updates software on the client machine. All components are checked to see if they are current. New components are sent to the client, applied, and any necessary restarting of services or of the machine itself is done automatically. This greatly improves client security by ensuring that all necessary software is always up to date. Because the process is completely automatic, users need not keep track of new versions or carry out upgrades on their system.

Client Logging & Security Alerts

VPN-1 SecureClient NG can generate log entries for client security events.Client logs can be centrally viewed and sorted. Security is improved by the ability to track attempted breaches or policy violations on remote access client machines.

Security Administrators gain control and improve security with the ability to track or be notified immediately of attempted breaches or policy violations on remote access client machines.

Client-side IP Compression

VPN-1 SecureClient NG supports IP Compression, using the latest industry-standard DEFLATE algorithm. IP Compression improves performance on client systems that must transmit large amounts of encrypted data.

AES Encryption

VPN-1 SecuRemote NG supports Rijndael encryption, the Advanced Encryption Standard (AES) algorithm. This algorithm supports variable key lengths from 128- to 256-bits. This provides highly efficient symmetric encryption, with performance approximately 300% that of Triple-DES.

Back to the Check Point Product Page