How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
The Check Point Application Control solution is used by us on two firewall clusters. It is used both on the inside and on the outside. Analyzing internal traffic helps us to understand which applications are used within our network. It does more than simply allowing or blocking traffic. It provides a report on how much these applications consume on the network and where they are used. On the foreign side, we only allow applications considered safe and we always use the report to identify external attacks or improper use from the inside out.
Our primary use case of Check Point Application Control is to filter which application categories we want to allow our organization members to have access to so that they are secured. For example, we don't allow access to malicious applications and some categories that could be threats. We only allow organization members to access secure applications and applications that are aligned with the company's strategy. It also enables us to save internet bandwidth by filtering applications that are not work-related.
Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Application Control software blade is one of the numerous blades activated on the NGFWs and serves for the security improvement in the application detection, categorization, and filtration.
The Check Point Application Control blade provides application security and identity control for our organization. It gives us very easy to create policies based on users and groups. We use Critical Risk and Anonymizers, P2P file sharing, Spyware, and Remote admin categories. We use Application Control in two ways, separate rule base and with access policy as well. My all over experience is good.
The primary use case of this solution is security, threat prevention, antivirus, and ransomware. You can use it for everything.
What do you like most about Check Point Application Control?
Thanks for sharing your thoughts with the community!