Check Point NGFW
Get started fast with inventories of existing keys and certificates
Maximize inspection with full discovery of keys and certificates
Maintain inspection levels with fully automated lifecycle and key distribution
Automated discovery and setup of existing keys and certificates
Increased performance of inspection with automated distribution of keys and certificates
Automated distribution of replacement keys when new keys are generated
Together, Check Point and Venafi enable your organization to detect threats hiding in encrypted traffic. The Venafi Platform allows enterprises to protect and secure large numbers of highly complex machine identities. It provides the visibility needed to discover and automate the full lifecycle of SSL/TLS keys and certificates so that Check Point Next Generation Firewalls (NGFWs) always have current machine identities to inspect traffic for threats.
Check Point NGFWs and the Venafi Platform work together to protect privacy, secure network transactions and defend intellectual property. The integrated solution helps you identify which encrypted channels should be trusted, and which are being used as part of an attack. With Venafi in place, Check Point NGFWs have secure and unhindered access to machine identities, allowing them to detect and prevent attacks that hide in encrypted channels.
Venafi automates SSL/TLS machine identities used in Check Point inbound HTTPS inspection policies. Certificates are defined as Venafi-synced objects within Check Point and automatically kept in sync with the Venafi Platform.
- Bulk-provisioning jobs in Venafi allow new machine identities, matching specified policy, to be provided to Check Point gateways automatically on a schedule or on-demand.
- Expiring certificates are automatically renewed at the CA, provisioned by Venafi to Check Point NGFWs and applied in the Check Point NGFW HTTPS inspection policy.
- Inspection policies are always up-to-date with the most recent version of machine identities, ensuring there are no gaps in SSL/TLS visibility, and encrypted threats are never missed.