Q2 2016

Overview – our manifesto Check Point Security – one step ahead Market Leadership
We believe only the best security is acceptable. We • Uncompromised security: • Check Point Software Technologies leads
built the most comprehensive security architecture • Largest Pure play Security vendor worldwide market share with 20.6% of the
with the most advanced management translating Firewall Equipment market in Q3 2015
your security strategy into reality. We continue to • 3000 security experts according to Gartner
innovate and build new technologies and • Largest ($131.5M) R&D spend on • Check Point Software Technologies leads
protections against the ever changing threat security innovations development the global market in combined Firewall
landscape. and UTM appliance revenue share for Q2
• Fastest to respond to industry 2015 according to IDC
We secure over 100,000 organizations, from small vulnerabilities • Leader in Gartner Magic Quadrant for
leaders to the giants of the world. They trust us to • Broadest NGFW product offering Enterprise Network Firewalls (since 1997)
secure their most complex and sensitive
environments and we continue to work every day to • Operational efficiency
earn that trust. • Check Point integrated management
architecture perceived as the gold
Check Point is the standard by which all security standard according to Gartner
solutions are measured.
• NSS LABS best management Labor
TCO for NGFW

Sales Enablement Resources

Facts at glance Third Party Analysis

• 2015 Gartner Magic Quadrant
Success stories • 2016 NSS NGFW Test Report
• 2015 NSS BDS Test Report
Sales enablement portal (wiki) • 2015 Gartner Market Guide Industry’s proven Best Security
• 2014 Miercom Test Report • Only vendor to get 11th consecutive NSS
Competitive WIKI Labs Security Value Map “Recommended
Other resources ” rating since 2011 in FW,NGFW,IPS,BDS
Videos • Corporate presentation • NSS LABS best management Labor TCO
• Software Defined Protection for NGFW
• Zero Second White Paper • Miercom Rated Best NGTP 4800 for
• Unknown 300 White Paper advanced threat protection
• TCO White Paper, Nick Lippis
 Q2 2016

Check Point
How to Compete Against...

Sourcefire
Networks
Palo Alto
Vendors
Network

Fortinet

McAfee
Cisco-
• PAN susceptible to severe evasions techniques due to their flawed single-pass
architecture
• PAN has limited application visibility (awareness)
Strong Stateful 1
• Troubleshooting requires admin to look at six different places Inspection FW
• Received caution rating in the latest NSS Labs NGFW test 1 6 6
Integrated IPS

• Fortinet leaves the network vulnerable with security shortcuts (IPS skipping)
App Awareness
• Management: Fortinet needs an added security administrator head count over 7161 apps ~2197 apps ~2590 apps ~4403 apps ~2100 apps
3 3
according to 3rd party analysts Identity awareness,
User acquisition
• Fortinet ASIC acceleration become ineffective in Next-Gen FW implementation
7 7 7 7
with up to 94% performance degradation (e.g. 3700D) End-User Education
& user Engagement
2 4 2
In-house Event
• Four separate management consoles needed (FW, NGFW, SWG, Splunk). Analysis
5
• Cisco has limited application visibility (awareness) Unified management

• Cisco-Sourcefire default IPS configuration creates security holes by performing

SSL Content 7 7
security shortcuts (IPS skipping)
Inspection
• Cisco management is cumbersome with regards to integrating IPS and FW
Summary
configuration (ASA-Firepower integrated services)
A complete Next-Gen
• McAfee application control lacks basic elements leaving the network vulnerable Firewall Solution

to risks (e.g. very few anonymizers & P2P applications)

Prone to evasions 4) Multiple management consoles
• McAfee application control categorization is basic. It doesn’t enable granularity 1)

2) 3rd party SIEM 5) Using IPS skipping

for a NGFW admin (e.g. WebEx) 3) No Agentless Based option 6) No business justification prompt
4) Only for IPS 7) Need separate appliance
• McAfee out-of-the-box reports and event analysis is limited, it requires
templates configuration, meaning more time and expertise needed
 Q2 2016

Target Audience and Questions to Ask Objection Handling

Other vendors have WebUI Check Point is the leader of the Security market &
CIO, CISO DIRECTOR IT / SECURITY based management one of the strongest points of Check Point always was
INFOSEC MANAGERS the management & the logging & reporting tools
Check Point management is the “Gold Standard”
against which other consoles that are measured
Would you consider a How would you reduce When you test NGFW (Gartner)
single, total security man labor / IT cost do you test it with NAT, Also see what NSS Labs have to say about it
solution from the managing NGFW day Logging, a real world Check Point is only a This is not the opinion of security analysts: Gartner
world’s most trusted to day tasks? rule base, the correct FW company PAN published the components of NGFW in its magic
security vendor if you traffic blend? claims they are the Quadrant and positioned us at the top of the leader
NGFW company & you quadrant. In addition, according to NSS in every
could significantly are an old technology.”
reduce your IT NGFW component we are ranked at the top (FW, IPS
administration tasks? & Application Control) claimed we are the best
NGFW. add to those 20 years of security innovation
Check Point is too If you consider a comparable 3yr TCO, you’ll find that
expensive CP actually have attractive pricing and adds
uncompromised security on top of it
What level of How do you correlate Does running separate
application visibility do events between NGFW products make
you have across your separate NGFW it difficult to consolidate I don’t have the Check Point offers a pain-free POC process. We can
organization? products? alerts? resources/bandwidth now leverage a tap or span port on your network to show
to start an evaluation you the products in action on your network without
disrupting any services or changing your
architecture.

How is your How long does it take How does your current Top Positioning Tips from the Field
organization prepared to identify IPS incidents NGFW solution handle
1. Highlight the proven (NSS Labs) “Recommended” rating and evasion resistant
for intrusion prevention, in your network? advanced evasion detection capabilities
application and user techniques 2. Stress out the importance of practical prevention Check Point offers vs.
awareness? detection only with the other players
3. For existing customers elaborate on their ability to capitalize on their
investment with Check Point and add into integrated alerts and management
consoles
4. Push for POC for customers, if not, offer a security checkup
5. Stress that POCs are performed using real-world traffic with NAT, Logging,
diverse rule base and blend of protocols (http, https, DNS etc..)