
Network Security

Check Point network security solutions are the market-leading choice for securing the network infrastructure.

Key benefits

• Robust security to protect your network and business against increasingly sophisticated attacks and attack vectors
• Efficient management to overcome data overload with tools that provide direct, graphical focus only on important security events associated with critical business systems
• Flexible deployment to deliver defense configurations to meet ever-changing network dynamics and policy requirements

IPS-1

Robust and accurate intrusion prevention

Today’s networks operate in an environment that is ever changing, with dynamic configurations, policy requirements, deployment needs, and security threats. Check Point IPS-1™ is a dedicated intrusion detection and prevention system (IDS/IPS) that helps organizations secure their enterprise network, and protect servers and critical data against worms, automated malware, and blended threats both known and unknown.

IPS-1 provides the strong, robust, and dynamic security for which Check Point is known. In addition, IPS-1 features superior management tools that increase administrator efficiency and provide unique rapid-response mitigation. The highly intuitive IPS-1 centralized interface provides graphical management tools that allow a system administrator to quickly identify and act on threats to the network. IPS-1 management and enforcement are unified with the Check Point security architecture, so administrators can implement IPS defenses seamlessly across an entire network security infrastructure. Also, because of this unification, the familiar, intuitive Check Point interface helps reduce IPS-1 training costs and increase administrator effectiveness.

IPS-1 solutions are available both as turnkey Check Point appliances and software-only versions that can run on open servers. IPS-1 also offers multiple deployment modes—inline, bridge, IDS—that add to its flexibility.

The security to protect your network

IPS-1 utilizes multiple methods of defense to protect your network and business against the multitude of increasingly sophisticated attacks and attack vectors.

Accurate and granular attack prevention

Designed to provide immediate and reliable blocking of unwanted network traffic, IPS-1 systems not only stop backdoor and blended threats (such as Code Red, MS Blaster, Nimda, and SQL Slammer worms), but also attacks including SQL injection, command tampering, and polymorphic buffer overflows—in real time before they can affect your organization. From its core outward, IPS-1 is built to deliver trusted intrusion prevention while minimizing the time, costs, and staff requirements associated with intrusions.

Hybrid Detection Engine

At the heart of IPS-1 is the Hybrid Detection Engine, which uses multiple detection and analysis techniques including vulnerability signatures, exploit signatures, anomaly detection, protocol analysis, operating system and application fingerprinting, smart IP reassembly, multi-element correlation, and dynamic worm mitigation. This robust detection engine enables broad coverage across the threat spectrum, ensuring IT assets are protected against known and unknown threats.

Attack Confidence Indexing

IPS-1 includes a unique feature called Attack Confidence Indexing that enables administrators to direct and calibrate prevention enforcement according to factors such as the threat and asset under attack. Attack Confidence Indexing allows known exploits to be blocked with no concern of blocking critical business traffic.

Multi-alert Correlation

Multi-alert Correlation identifies patterns in alert activity that would otherwise be reported as separate, unrelated events. For example, a single source IP launching multiple attacks across a geographically distributed network would be correlated and raised as a higher priority correlated alert.

Dynamic Worm Mitigation

Dynamic Worm Mitigation recognizes rapidly propagating worms and automatically blocks them from proliferating across your entire network.

Aware, adaptive, and actionable security

IPS-1 automatically recognizes threat points and dynamically protects them against inevitable attack. IPS-1 determines critical vulnerabilities and changes in the network, alerts security managers to these threatened points, and automatically deploys the proper signature sets to protect them before they are attacked.

Ongoing security updates via SmartDefense Services

IPS-1 systems are backed by Check Point SmartDefense™ Services, which provide ongoing, real-time updates and security advisories, helping ensure that Check Point security solutions are continuously updated to stay ahead of today’s constantly evolving threats. Security experts at the SmartDefense Research Center continuously monitor the Internet for new exploits and vulnerabilities and rapidly develop and deliver new protections to help ensure that your network and business are protected from evolving threats.

The management to solve data overload

Only IPS-1 delivers the management tools required to keep your administrators from drowning in data and starving for critical, actionable information.

Situational Visibility

IPS-1 provides instant awareness of only what’s important—important security events associated with business-critical systems. A real-time graphical interface isolates and highlights critical attacks against essential business systems, accelerating the ability to recognize, evaluate, and act upon truly critical events. This “at a glance” monitoring not only makes operators of any skill level more efficient, but a simple mouse click allows them to quickly and easily evaluate critical events and set response and remediation actions.

Advanced forensic analysis

IPS-1 allows you to quickly sort through an overload of alert information to identify actionable events and their patterns, including the attack source, attack methods, severity, targets, frequency, and many others. From there, a single mouse click provides alert detail information including attack description, effect, importance, remediation, third-party information sources, and more.

Packet capture

View deep forensic analysis and packet capture information of attacks.

Alert flood suppression

Alert flood suppression recognizes and automatically consolidates bursts of alert floods and presents them as a single consolidated alert rather than an unmanageable flood of alerts on your screen.

Top 10 graphs

Delivers quick and exacting graphical views of the “Top 10” attackers, attack targets, protocols, and so on.

An intuitive Timeline View makes it easy for administrators to analyze alerts that appeared within a particular time period.

The IPS-1 Vulnerability Browser enables vulnerability scanning, viewing, and management from a single dashboard.


Check Point Eventia Analyzer

Automate event correlation for compliance audits with Eventia® Analyzer integration. Additionally, utilize Eventia Analyzer to correlate data from IPS-1 and other security devices to prioritize events for decisive, intelligent action.

Intuitive, centralized management

IPS-1 centralized management delivers simplicity with small deployments and intuitive, powerful centralized control and scalability for large enterprise deployments. Using graphics, automation, and wizard-driven features, IPS-1 saves your security staff time by making management of network security more intuitive and more efficient.

The flexibility to meet the needs of today’s dynamic networks

IPS-1 delivers the flexibility to meet the ever-changing network dynamics, policy requirements, and deployment needs of today’s network environments.

Multiple deployment modes

IPS-1 sensor appliances have a built-in hardware-level bypass function and can be deployed in passive IDS mode, inline bridge mode, or inline blocking mode with fail severed/unsevered, and can be deployed to meet mixed IDS and IPS chokepoint requirements.

Software-only option

Build your own sensor for deployment, easy staging, or as a quick, hot spare with the IPS-1 software-only option. Leverage the fully hardened and secured Check Point operating system, SecurePlatform™, which combines the simplicity and built-in security of an appliance with the flexibility of an open server. Then you can turn an off-the-shelf server into a high-performance IPS-1 sensor in less than 30 minutes.

Open signatures and signature language

IPS-1 signatures and its signature language are open, thus allowing you to see how IPS-1 works, and, more importantly, enabling you to meet any special, unforeseen security requirements such as supporting nonstandard protocols.

IPS-1 Sensors
• Hybrid Detection Engine (HDE)
• Attack Confidence Indexing
• Open signature language
• Multi-mode prevention appliance with fail severed or unsevered options

IPS-1 Management Server
• Optimized data store
• Multi-alert Correlation
• Dynamic shielding

IPS-1 Dashboard
• Check Point Unified Security Architecture
• Scalable, centralized management
• Graphical, Situational Visibility
• Granular forensic analysis
• Reporting and compliance

Flexible Integration
• Check Point products
• Common third-party SIMs
• Nessus
• More

The IPS-1 intrusion prevention system is based on a three-tier architecture, providing reliability and scalability.

Contact Check Point

Worldwide Headquarters
5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753-4555 | Fax: 972-3-624-1100 | Email: [email protected]

U.S. Headquarters
800 Bridge Parkway, Redwood City, CA 94065 | Tel: 800-429-4391; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com

*NSS-approved certification achieved on Sentivist™ Smart Sensor 100C v1.3.

©2003–2008 Check Point Software Technologies Ltd. All rights reserved. Check Point, the Check Point logo, Attack Confidence Indexing, Dynamic Shielding Architecture, Eventia, Eventia Analyzer, Hybrid Detection Engine, IPS-1, PURE Security, the puresecurity logo, Sentivist, SmartCenter, and SmartDefense are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943, and 7,165,076 and may be protected by other U.S. Patents, foreign patents, or pending applications.

May 19, 2008 P/N 503054

IPS-1 appliances

| Category | Specification | IPS-1 Sensor 50 | IPS-1 Sensor 200 | IPS-1 Sensor 500 | IPS-1 Sensor 1000 Integrated Solution | IPS-1 Power Sensor 2000 |
| --- | --- | --- | --- | --- | --- | --- |
| | Network location | Remote office/network perimeter | Remote office/network perimeter | Network perimeter (multisegment) | Network perimeter (multisegment) | Network perimeter (multisegment) |
| Performance | Throughput (IPS/IDS) | 50/75 Mbps | 200/250 Mbps | 500 Mbps/1 Gbps | 1.3/2.3 Gbps | 2/4 Gbps |
| Attributes | Monitoring interfaces | 2 x 10/100/1000 Mbps copper | Copper—4 x 10/100/1000 Mbps or Mixed—4 10/100/1000 copper plus 4 1000 Mbps fiber | Copper—8 x 10/100/1000 Mbps or Mixed—4 10/100/1000 copper plus 4 1000 Mbps fiber | 8 x 10/100/1000 Mbps copper or 8 x 1000 Mbps fiber | 8 x 10/100/1000 Mbps copper or 8 x 1000 Mbps fiber |
| Attributes | Management interfaces | 1 x 10/100/1000 Mbps copper | 1 x 10/100/1000 Mbps copper | 1 x 10/100/1000 Mbps copper | 1 x 10/100/1000 Mbps copper | 1 x 10/100 Mbps copper |
| Attributes | Form factor | 1U | 1U | 1U | 2U | 4U |
| Attributes | Dimensions, H x W x D in. (cm) | 1.703 x 16.8 x 13.4 (4.325 x 42.6 x 37.98) | 1.70 x 16.93 x 20 (4.325 x 43.0 x 50.8) | 1.70 x 16.93 x 20 (4.325 x 43.0 x 50.8) | 3.36 x 17.5 x 27.5 (8.54 x 44.36 x 69.8) | 2 @ 3.5 x 17 x 22.5 (8.9 x 43.2 x 57.1) |
| Attributes | Weight lbs (kg) | 15 (6.8) | 31 (14.1) | 35 (15.9) | 46 (20.86) | 2 @ 40 (18) |
| Physical characteristics | Redundant power supplies | No | No | No | Yes | Yes |
| Physical characteristics | Hardware-level bypass | Yes | Yes | Yes | Yes | Yes |
| Power | Amps | 6/3 | 6.5/3.2 | 6.7 | 10/5 | 10 (5 per box) |
| Power | Voltage (AC) | 110/220 | 100/127 | 100/127 | 110/220 | 100/240 |
| Power | Input range (AC) | 100–240 | 100–127/200–240 | 100–127/200–240 | 100–127/200–240 | — |
| Environmental range | Operating temperature | 0°C to 40°C (ambient) | 10°C to 35°C | 10°C to 35°C | 10°C to 35°C | 0°C to 40°C (ambient) |
| Environmental range | Nonoperating temperature | -20°C to 80°C | -40°C to 70°C | -40°C to 70°C | -10°C to 43°C | — |
| Environmental range | Relative humidity (nonoperating) | 10% to 90% (non condensing) | 10% to 95%, non-condensing at temps of 23°C to 40°C | 10% to 95%, non-condensing at temps of 23°C to 40°C | 10% to 95%, non-condensing at temps of 23°C to 40°C | 10% to 90% (non condensing) |
| Environmental range | RF emissions | FCC Class A Device | FCC Class A Device | FCC Class A Device | FCC Class A Device | FCC Part 15 Class A Subpart B (US/Canada) |

IPS-1 software only

| Category | Specification | IPS-1 Open Sensor 100 | IPS-1 Open Sensor 200 | IPS-1 Open Sensor 500 | IPS-1 Open Sensor 1000 |
| --- | --- | --- | --- | --- | --- |
| | Network location | Remote office/network perimeter | Remote office/network perimeter | Network perimeter (multisegment) | Network perimeter (multisegment) |
| Performance | Throughput (IPS/IDS) | 100/200 Mbps | 200/250 Mbps | 500 Mbps/1 Gbps | 1/2 Gbps |
| Performance | Maximum number of CPU cores | 1 | 2 | 4 | 8 |
| Attributes | Monitoring interfaces | Maximum of 4 | Maximum of 4 | Maximum of 6 | Maximum of 8 |
| Attributes | Management interfaces, form factor, dimensions, weight | N/A | N/A | N/A | N/A |
| Physical characteristics | Redundant power supplies, hardware-level bypass | N/A | N/A | N/A | N/A |
| Power | Amps, voltage (AC), input range (AC) | N/A | N/A | N/A | N/A |
| Environmental range | Operating temperature, nonoperating temperature, relative humidity (nonoperating), RF emissions | N/A | N/A | N/A | N/A |