Support Center > Search Results > SecureKnowledge Details
Infinity Threat Prevention Management Technical Level
Solution

We are happy to announce the new Infinity Threat Prevention Management

  • A whole new way to manage your Threat Prevention gateways

  • Single Click Configuration - The admin just needs to choose one of 5 types of networks the gateway protects (Perimeter/Multipurpose, East-West DC, Internal Network, Guest Network, Highly Sensitive) and that's it.

  • Automatic Configuration Updates - Check Point will automatically update the profile and the customers will automatically enjoy new features, advanced protections enabled (based on research and ongoing attacks) and other best practices.

  • Streamlines configuration and deployment of policy profiles across your gateways.

  • Provides simple and powerful customization to best serve your organization's needs.

  • Zero day-to-day maintenance required from the admin, while maintaining optimal security.

  • Main Beneficiaries

    • Customers that don't have time to handle Threat Prevention configurations
    • Customers that don't know how to and want to be more secured
    • Customers that would like their Threat Prevention configuration will be always up to date
  • A 2-minute video:

Can Customers/Check Point Personnel Enable it on their Own?

YES - Infinity Threat Prevention is already available in 

FAQ

  • Q: Do we need a special license?

    • A: No, same licenses apply ( NGTP/NGTX)

  • Q: Does ITPM have an impact on performance?

    • A: No, there is no change in gateway engines, only policy reader was changed. Relevant technologies are enabled by default according to license.

  • Q: Is install policy needed following ITPM updates?

    • A: No, gateway is updated automatically & doesn't require install policy unless customer overrides policy with exceptions/file overrides.

  • Q: What profile should I use if the same gateway protects as perimeter, protects internal network & guest network?

    • A: Recommended for Perimeter is also the recommended profile for multi purposes protections

  • Q: How can I check if a specific IPS protection/CVE is active?

    • A: According to performance impact and severity shown in profiles comparison

How to decide what is the best profile to choose?

  • Click on "Help me decide" to compare the profiles.

Are there any known limitations?

MTA ( Mail Transfer Agent) is not supported with Infinity Threat Prevention mode. Gateways configured as MTA can be managed by the traditional Threat Prevention mode.

How to contact us?

To get more details and contact us for any question,  email your local Check Point representative and copy INFINITY_THREAT_PREVENTION@checkpoint.com

How to enable ITPM as EA over R80.40?

Download packages from sk167109

Manual Installation
Show / Hide Instructions

Note: first, install Check Point R80.40 GA

  1. Step 1 - Download and install the Infinity Threat Prevention package GOT_TPCONF on the Security gateway (on cluster, install on each member):

    1. Copy the Gateway package to the Security Gateway and put it in a new folder (name it GW_PKG).

    2. Download the installItpDrawin.sh script and place it to the GW_PKG folder.

    3. Give permissions to the script (chmod +x installItpDarwin.sh)

    4. In the GW_PKG folder, run this script: ./installItpDarwin.sh --local $(pwd)

      When finished, script shows 'Finished'

  2. Step 2 - Install 3 Infinity Threat Prevention packages on the Management server:

    1. Copy the Management packages to the Security Management Server and put them in a new folder (name it MGMT_PKG).

    2. Download the installItpDrawin.sh script and upload it to MGMT_PKG folder.

    3. On the Security Management Server, give permissions to the script (chmod +x installItpDarwin.sh)

    4. In MGMT_PKG folder, run this script: ./installItpDarwin.sh --local $(pwd).

      When finished, script shows 'Finished' and a list of the installed packages.

    5. In SmartConsole under Threat Prevention profile, you will see Infinity Threat Prevention

  3. Step 3 - Enable Infinity Threat Prevention on a Security Gateway Object:

    1. In SmartConsole, go to Gateways & Servers, right-click the Gateway and click Edit.

    2. Go to the Threat Prevention tab (right-lower section of the window) and select Infinity Threat Prevention.

    3. Click OK

  4. Step 4 - Create an Infinity Threat Prevention policy (if you already have a Threat Prevention policy package, skip to step 5):

    1. In SmartConsole, go to main Menu and select Manage policies and layers

    2. The Manage policies and layers window opens

    3. Click New - the New Policy window opens

    4. Enter a name for the policy package.

    5. In the General page > Policy types section, select Threat Prevention (you can select more policy types if required).

    6. In SmartConsole, go to Security Policies > Infinity Threat Prevention > Policy

    7. From the drop-down list the 5 pre-defined profiles, select the required profile

    8. Click Ok

  5. Step 5 - Install the Infinity Threat Prevention policy:

    1. In SmartConsole, from the main menu, select Install policy

    2. Select Threat Prevention

    3. Select the your gateways targets for policy installation

      Note: The Infinity Threat Prevention policy will be installed on gateways with Threat Prevention Infinity enabled. Gateways with no Threat Prevention Infinity enabled will receive the traditional Threat Prevention Policy

    4. Click Install

    5. Success criteria: Install policy success

    6. Verify the policy is enforced - download malicious file and verify prevention and correct log generated.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment