Professional Documents
Culture Documents
Handling Objections
Objection
Isnt IPS Software Blade just an update to SmartDefense?
Response
Lower IT costssave up to 85% on the cost of your current IPS solution Leverage your security investment Decrease your carbon footprint
No, IPS Software Blade is a completely new IPS solution with a new threat protection engine and architecture IPS R70 adds a new preemptive multi-method signature and behavioral prevention engine, focused contextual inspection and SecureXL integration Also compare the IPS performance improvement of R70 which is 24xs that of R65 using the Recommended Profile Incorporates Confidence Indexing for flexible enforcement and reduced false positives Ask for specific concerns then address them (i.e. performance, scalability, coverage, etc.) Reiterate the efficiencies that are realized by collapsing IPS into the firewall fewer point solutions and consoles, better performance and lower costs Address any performance issues (see below) Highlight security benefitsmulti-method detection and analysis and industry leading Microsoft coverage Delivers over 15Gbps combined Firewall / IPS throughput Leverages SecureXL for packet-processing acceleration. Plus, CoreXL technology leverages multiple cores to assure inspection and performance. IPS Software Blade incorporates high-speed pattern matching with multi-layered, 2-tier inspection for maximum performance All IPS protections have Performance Impact rating Provides Gateway Load Threshold and Fail Open settings to ensure firewall performance with IPS enabled
Integrated wont work for us; need dedicated because were enterprise not SMB
Consistent leadership in total signature production Industry leader on Microsoft vulnerability coverage since 2008 Thousands of proactive, preemptive protections right out-of-the-box Leverages five signature centers around the world Built-in Attack Mitigation Engine blocks up to 1 million attack packets per second for effective DoS/DDoS protection Leverage your investment to add best-of-breed IPS for only 15% of the cost of traditional, stand-alone network IPS Choose an existing IPS appliance with over $50K in CAPEX & OPEX costs OR choose the IPS Software Blade for just $3K in OPEX cost! Over $50k in savings per chokepoint! Plus, savings on ongoing operational costs reduced hardware, rack space, power and cabling Business-level view to forensics in 3 clicks and 3 simple screens Reduced security infrastructure to simplify server room Single management console and user interface for firewall and IPS simplifies and makes security team more efficient Check Points dedicated security/partner focus Broad portfolio of award-winning network, management and endpoint security solutions
Strong on networking, but not a focused and dedicated network security vendor Poor usability and manageability; lacks integrated console Customer QA issues with poor signature quality Often distracted due to their near-exclusive focus on Cisco Significant IPS manageability problems with integration of firewall / VPN / IPS technologies into JUNOS Juniper NSM security management tool cannot be used to easily manage integrated IPS in JUNOS security platforms (Network World) Only a stand-alone IPS vendor. Nothing more Customers would have to go to other security vendors for remaining security needs Stand-alone IPS vendors, nothing else Unproven and high-risk vendor choice for critical network security Basic firewall features, such as NAT, VPN, routing and HA options are all fairly primitive (Network World) Known more for host security offerings Not considered by enterprises as a strong network security provider Enterprise firewall product (formerly Sidewinder) has no market visibility and weak IPS
Juniper
Cost/TCO/ROI
TippingPoint
Niche Start-ups
Security Focus
McAfee
2009 Check Point Software Technologies Ltd. All rights reserved. September 21, 2009
Ability to have both without compromise Firewall/VPN and IPS on a single, integrated platform
Minimize your capital costs (CAPEX) and leverage your existing solution to do more
Questions to Ask
2009 Check Point Software Technologies Ltd. All rights reserved. September 21, 2009
Check Points new integrated, super-fast, scalable and robust IPS Software Blade offers the same performance as dedicated IPS solutions
Full range of appliances with IPS throughput up to 15Gbps Multi-Gigbit performance with 100% protections enabled
Check Points network-class gateways and integrated Software Blade architecture define next-generation security
Best-in-class, unified platform that integrates Firewall, VPN, IPS and more into single next-generation platform New integrated IPS is flexible, granular, robust, and offers best-of-breed proactive protection and coverage
Check Point is innovating and pioneering. Were changing the face of IPS in the industry
All-new Software Blade architecture and breakthrough IPS Software Blade Truly integrated IPS, Firewall and VPNon a single appliance and unified management interface Offer the same solution and architecture on openplatforms. Also run on high-end Crossbeam platforms
Check Points IPS software blade offers same or better protections as a dedicated IPS solution
We offer protections for thousands of signatures with the new IPS engine Integrated protocol analyzer, multilayered protections and pattern matcher provide comprehensive IPS coverage
New niche vendors do not have the feature set and depth that compares to Check Point
Basic firewall features, such as NAT, VPN, routing and HA options are all fairly primitive (Network World) Simple/common NAT policies cant be created easily VPN is missing configuration features that allow it to interoperate with standards-based IPSec implementations Niche vendor firewalls are unproven and not capable of replacing an enterprise firewall
Adding dedicated IPS appliances to the enterprise edge adds cost and complexity
High cost of additional hardware, administration, power, cabling and rack space
Integrating IPS into your Check Point firewall is the most effective strategy
Niche vendor firewalls are more like a dedicated IPS than a next-generation security gateway
They sacrifice central management features by focusing on user-control and protection Are designed to be placed behindor in front ofan existing firewall. Not designed to replace the firewall
Cisco and Junipers integrated IPS solution is just an add-on to their old IPS technology!
Usability
One integrated management console for firewall and IPS Integrated policy, monitoring, reporting and event management in a single, easy-touse interface Software Blades that can be enabled and configured on any gateway with a simple click of the mouseno additional hardware required Proven security research and response Most robust enterprise firewall in the industry Revolutionary Software Blade architecture and breakthrough IPS Software Blade Dedicated, trusted security vendor with broad portfolio of award-winning network, endpoint and management security solutions
Leadership
Well-known, pure-play security company and network security pioneer Proven leader in security software and hardware Leader in Gartner Enterprise Firewall Magic Quadrant Highly decorated, award-winning security technology Industrys highest performing firewall/VPNdelivering up to 25Gbps performance Industrys highest performing integrated IPSdelivering up to 15Gbps performance Broad range of industry-leading, integrated, multi-Gigabit enterprise gateways
Security Focus
Performance
2009 Check Point Software Technologies Ltd. All rights reserved. September 21, 2009