The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Infinity Threat Prevention Management
We are happy to announce the new Infinity Threat Prevention Management
A whole new way to manage your Threat Prevention gateways
Single Click Configuration - The admin just needs to choose one of 5 types of networks the gateway protects (Perimeter/Multipurpose, East-West DC, Internal Network, Guest Network, Highly Sensitive) and that's it.
Automatic Configuration Updates - Check Point will automatically update the profile and the customers will automatically enjoy new features, advanced protections enabled (based on research and ongoing attacks) and other best practices.
Streamlines configuration and deployment of policy profiles across your gateways.
Provides simple and powerful customization to best serve your organization's needs.
Zero day-to-day maintenance required from the admin, while maintaining optimal security.
Customers that don't have time to handle Threat Prevention configurations
Customers that don't know how to and want to be more secured
Customers that would like their Threat Prevention configuration will be always up to date
A 2-minute video:
Can Customers/Check Point Personnel Enable it on their Own?
YES - Infinity Threat Prevention is already available in
Give permissions to the script (chmod +x installItpDarwin.sh)
In the GW_PKG folder, run this script: ./installItpDarwin.sh --local $(pwd)
When finished, script shows 'Finished'
Step 2 - Install 3 Infinity Threat Prevention packages on the Management server:
Copy the Management packages to the Security Management Server and put them in a new folder (name it MGMT_PKG).
Download the installItpDrawin.sh script and upload it to MGMT_PKG folder.
On the Security Management Server, give permissions to the script (chmod +x installItpDarwin.sh)
In MGMT_PKG folder, run this script: ./installItpDarwin.sh --local $(pwd).
When finished, script shows 'Finished' and a list of the installed packages.
In SmartConsole under Threat Prevention profile, you will see Infinity Threat Prevention
Step 3 - Enable Infinity Threat Prevention on a Security Gateway Object:
In SmartConsole, go to Gateways & Servers, right-click the Gateway and click Edit.
Go to the Threat Prevention tab (right-lower section of the window) and select Infinity Threat Prevention.
Step 4 - Create an Infinity Threat Prevention policy (if you already have a Threat Prevention policy package, skip to step 5):
In SmartConsole, go to main Menu and select Manage policies and layers
The Manage policies and layers window opens
Click New - the New Policy window opens
Enter a name for the policy package.
In the General page > Policy types section, select Threat Prevention (you can select more policy types if required).
In SmartConsole, go to Security Policies > Infinity Threat Prevention > Policy
From the drop-down list the 5 pre-defined profiles, select the required profile
Step 5 - Install the Infinity Threat Prevention policy:
In SmartConsole, from the main menu, select Install policy
Select Threat Prevention
Select the your gateways targets for policy installation
Note: The Infinity Threat Prevention policy will be installed on gateways with Threat Prevention Infinity enabled. Gateways with no Threat Prevention Infinity enabled will receive the traditional Threat Prevention Policy
Success criteria: Install policy success
Verify the policy is enforced - download malicious file and verify prevention and correct log generated.
Give us Feedback
Thanks for your feedback!
Are you sure you want to rate this stars?