|
Home
>
Rex Global Solutions
>
Check Point Solutions
>
Check Point VPN-1 Pro
Check Point
VPN-1 PRO
Integrated Security
Check Point VPN-1 Pro integrates access control,
authentication, and encryption to guarantee the security
of network connections, the authenticity of local and
remote users, and the privacy and integrity of data
communications. VPN-1 Pro supports both site-to-site
and, along with VPN-1 SecuRemote/SecureClient, remote
access VPN solutions.
-
FireWall-1
Integration
-
Flexible
Authentication
-
Strong
Encryption
-
OpenPKI Support
FireWall-1 Integration
For effective
enterprise security and efficient administration, VPNs
must include integrated firewall capabilities. To this
end, VPN-1 Pro includes the market-leading FireWall-1 to
secure all popular Internet services with Check Point's
patented Stateful Inspection technology. VPN-1 Pro
supports more than 150 pre-defined applications,
services, and protocols out of the box, as well as
important business applications such as Oracle SQL,
multimedia applications such as RealAudio, and
multimedia services such as H.323.
Flexible Authentication
For maximum
security and flexibility, VPN-1 Pro provides integrated
support for multiple user authentication methods. Mobile
VPN users can be authenticated using smart cards,
token-based products like SecurID, LDAP-stored
passwords, RADIUS or TACACS+ servers, pre-shared
secrets, X.509 digital certificates, or even advanced
biometric techniques.
With Check Point's
unique Hybrid Mode Authentication, VPN-1 Pro provides
additional flexibility by enabling organizations to
utilize any FireWall-1 supported authentication method
in conjunction with IPSec VPN deployments.
Strong Encryption
Beyond ensuring
that network access is secure, a VPN solution must
protect the privacy of the data being transmitted. By
adhering to the IPSec standard, VPN-1 Pro automatically
negotiates the strongest possible encryption and data
authentication algorithms available between
communicating parties. This includes the new Advanced
Encryption Standard (AES) Rijndael and Triple DES
algorithms for data encryption.
|
Encryption Algorithm |
Key Length |
|
Rijndael (Advanced Encryption
Standard - AES) * |
128- and 256-bit |
|
Triple DES* |
168-bit |
|
DES |
56-bit |
|
DES-40* |
40-bit |
|
CAST-40* |
40-bit |
|
User Authentication |
|
X.509 Digital Certificates |
|
Pre-shared Secret |
|
Hybrid Mode IKE * |
|
RADIUS |
|
TACACS/TACACS+ |
|
Token-based (two-factor) |
|
Operating System Password |
|
FireWall-1 Password |
|
S/Key |
|
Public Key Algorithms |
Key Length |
|
RSA |
512- to 1536-bit* |
|
Diffie-Hellman |
512- to 1536-bit* |
|
Key Management |
|
IKE (ISAKMP/Oakley) |
OpenPKI Support
Public Key
Infrastructures provide the necessary management
infrastructure for large IPSec VPN deployments by
enabling the use and management of keys and digital
certificates. VPN-1's OpenPKI support allows customers
to choose the PKI solution that best fits their needs.
OpenPKI ensures that VPN-1 products are compatible with
leading PKI solutions from vendors such as Entrust,
Verisign, Baltimore Technologies, and iPlanet, which are
certified as part of Check Point's OPSEC (Open Platform
for Security) Alliance. VPN-1 solutions also support
industry standards such as X.509, PKCS #11 and PKCS #12,
to ensure the highest levels of security and
interoperability as organizations expand their networks
through remote access and extranet VPNs.
|
VPN-1 Pro - Details