Cisco Security and Check Point

How Check Point and Cisco Security work together

Check Point Software Technologies Ltd. is a provider of software and combined hardware and software products for IT security, including network security, endpoint security, mobile security, data security and security management.

Product Integrations

  • XDR Investigate: Check Point Quantum Smart-1 Cloud is a unified network security policy management platform for firewalls, applications, users, and workloads, with real-time threat visibility, large-scale event logging, and a rich Management API. This integration uses the Management API to access Check Point NGFW alerts. Check Point NGFW is built on the basic concept of traditional firewalls but additionally includes deep packet inspection, application-level inspection, intrusion prevention, and advanced malware prevention capabilities like sandboxing. It also brings in threat intelligence from outside the firewall.

    Integration with Check Point Quantum Smart-1 Cloud allows Cisco XDR to incorporate NGFW alerts in investigations and incidents. These alerts provide detailed visibility into network traffic and malicious activity. Use this integration to query for security detections of observables including IP, hostname, domain, process name, file name, URL, MD5, and SHA-256. This integration also provides an automatic target in Cisco XDR automation which can be used for various firewall-related workflow use cases.

  • XDR Automate: Check Point Quantum Smart-1 - Add IP Address to Network Group

    This workflow appears in the pivot menu and allows you to add an IP address to a network group in Check Point Quantum Smart-1. Supported observables: IP, IPv6. Note: This workflow is designed for use with Quantum Smart-1 Cloud. If you want to use it with an on-premises Smart-1 instance, you may need to deploy an XDR automation remote. See the XDR automation documentation for more information about remotes.

  • Identity Services Engine / pxGrid: pxGrid integration with Cisco ISE enables the Check Point Identity Awareness blade to associate users and network privilege levels with security policies, monitoring, and reporting across Check Point security services.
  • Cloudlock: With Check Point and Cloudlock, organizations can unify security efforts in hybrid cloud environments, surface user-enabled shadow IT cloud apps, and detect and remediate malware. The joint integration allows security teams to enable the success of their employees through cloud technologies, all while improving the security integrity of the organization.

Security Suites