Check Point Connectra NGX R 60 Patrick Hanel

Check Point Connectra NGX R 60 Patrick Hanel 2/20/2021 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Agenda § SSL VPN - Anywhere access - Everywhere issue - The future of SSL VPN § Check Point Connectra: Secure Web-based connectivity - Integrated endpoint security and application security - Universal updateability - Easy deployment and management - Flexible platform options - Uniqueness in SSL VPN 2/20/2021 2 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

SSL VPN: Anywhere Access Add more remote users beyond current 20 percent § Less technical employees § Partners Reduce remote access support costs § Browser based; no client maintenance § Less end user complexity Additional access options § Access from home PC, corporate Day Extenders • Email • Basic applications • Home computer Teleworkers • Email • Applications • Company computer PC, Internet kiosk 2/20/2021 Intranet • Email • Applications • Files Extranet • Portal • Applications • Files Mobile workers • Email • Basic applications • Company computer or public computer Extranet access • Partner computers 3 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

SSL VPN: Everywhere Access § With IPSec you knew who was coming in Firewall, antivirus Companyowned PC + Access Agreement Partner PC § With SSL VPN you don’t (usually) Company- Employee owned PC home PC 2/20/2021 Partner PC Public Internet kiosk Completely unmanaged/unsecured 4 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

SSL VPN: The Everywhere Issue Internal applications • Generally nonhardened “Spyware is no longer just an annoying pest swarming home PCs; rather, it has evolved into a serious enterprise security threat. ” – IDC Worldwide Spyware 2004 -2008 SSL VPN Gateway Forecast and Analysis (Nov. 2004) External endpoints • Range from secure to completely unsecured 2/20/2021 5 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

The Future of SSL VPN: Unification Key SSL VPN Needs Anywhere Access Network Access Enforce Policy and Secure Data Secure Applications Easy to Deploy 2/20/2021 SSL VPNs will follow IPSec evolution: Connectivity + Security ANYWHERE ACCESS ü Browser-based access ü Provide access to client/server applications EVERYWHERE SECURITY ü Manage the everywhere security problem ü Harden applications from security threats UNIFIED MANAGEMENT ü Minimize deployment and support time 6 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Check Point Connectra Web Connectivity with Unmatched Security Authentication Server (Optional) Web Server Email Server File Share Server Non-Web Application Server Check Point Connectra Anywhere Access Network Access Enforce Policy and Secure Data Secure Applications Easy to Deploy 2/20/2021 Unified Web Security Gateway ü Secure Web-Based Connectivity ü Integrated Endpoint Security ü Integrated Application Security ü Easy Deployment and Management ü Flexible Deployment Options 7 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Secure Web Based Connectivity Connectra Web Portal Access client/server applications through browser plug-in Web-based access to email Access Web sites and applications Access file share servers 2/20/2021 8 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Integrated Endpoint Security Key benefits § Minimizes risk from unsecured endpoints § Stops ID, password, and data theft • Scans for spyware and malware • Enforces endpoint security compliance (antivirus/firewall) • Provides secure browser for data encryption and cache cleaning • Real-time endpoint security updates Check Point Connectra Guest PC, unmanaged • Limit access rights Public PC using secure browser • Grant higher access rights þ Spyware and malware þ Antivirus and firewall compliance þ Secure browser 2/20/2021 Spyware detected • Deny access 9 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Integrated Application Security Key benefits § Ensures internal applications and resources are secure § Increases security protection for when endpoints are less secure § Application Intelligence and Web Intelligence Application-layer protection – • DNS, FTP, HTTP, Microsoft CIFS, etc. Block malicious data • – Buffer overflows, DOS attacks, SQL injection, worms, etc. Real-time security updates Normal user Hacker/ infected PC Check Point Connectra 2/20/2021 Normal user 10 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Universal Updateability § Perimeter, Internal, Web Strategy: Universal Updateability – Update to All Security Components • Application Intelligence and Web Intelligence • Endpoint Security – Universal Smart. Defense Delivers the power to update each Check Point solution in real time against the latest known and unknown security threats 2/20/2021 11 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Easy Deployment and Management Key benefits § Authentication Integration § Simplifies installation and management § Leverages existing infrastructure Smart. Center Server – LDAP, RADIUS, Secure. ID § Application Integration – OWA, Citrix, i. Notes, etc. – Email, File Share – SSO Authentication Server § Management – Web-based – Optional Smart. Center integration Management Station (Smart. Center) 2/20/2021 Check Point Connectra SSL Check Point VPN-1 12 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Connectra NGX R 60 and Smart. Center § Unified Security Management – NGX Smart. Center • • 2/20/2021 Smart. View Tracker Smart. View Monitor Smart Update Smart. Defense Service 13 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Flexible Platform Options Key benefits § Match platform with price/performance requirements • Available as dedicated appliance or software for open servers § Connectra appliance – Turnkey solution – Hardened Check Point or OPSEC hardware platform – Multiple platforms to match deployment size § Connectra software – Software for open servers – Based on Secure. Platform Connectra software 2/20/2021 Connectra appliance 14 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Connectra Uniqueness in SSL VPN Key SSL VPN Needs Anywhere Access Network Access Enforce policy and Secure Data Secure Applications Easy to Deploy 2/20/2021 Connectra 2. 0 warrants consideration, especially when compared with other enterprise remote-access solutions. It has all of the core features, plus solid endpoint security. With Connectra 2. 0, Check Point March 14, 2005 Software Technologies Ltd. leverages its vast experience securing networks, applications and client endpoints to provide the most comprehensive security feature set we've seen in an SSL VPN product to date. CONNECTIVITY § Almost all vendors deliver similar set of connectivity features üSSL Network Extender a solid performer SECURITY § Some deliver some features § Most rely on third-party startups to fill in gaps üConnectra the most integrated security, only solution with real-time security updates MANAGEABILITY § Standalone solutions, no integration üUnified Security Architecture: Centralized security management 15 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential

Thank You! Authentication Server (Optional) Web Server Email Server File Share Server Non-Web Application Server Check Point Connectra Anywhere Access Network Access Enforce Policy and Secure Data Secure Applications Easy to Deploy 2/20/2021 Unified Web Security Gateway ü Secure Web-Based Connectivity ü Integrated Endpoint Security ü Integrated Application Security ü Easy Deployment and Management ü Flexible Deployment Options 16 © 2005 Check Point Software Technologies Ltd. Proprietary & Confidential