For all further security policy and blade management you download the SmartConsole software directly from the appliance. This installs a heap of management and monitoring utilities which includes the SmartDashboard for creating and deploying security policies.
A row of tabbed folders provides easy access to all the components. A network object is automatically created for the appliance and selecting it loads a properties window where you can activate each software blade.
All traffic is blocked by default so you need to create firewall rules which comprise source and destination objects, services, time schedules and logging options. Plenty of rule actions are possible as you can permit, deny or drop traffic and enforce user authentication.
Check Point has augmented its URL filtering services with a new AppWiki feature, so it doesn't just rely on traditional category databases. AppWiki makes the web filtering blade far more versatile as it provides a database of over 4,500 Web 2.0 apps, options for controlling specific Facebook activities and a list of nearly 250,000 social network widgets.
During testing we found this blade performed extremely well with very few web sites slipping past our filtering policies. For each policy you can block or allow access, request authentication and present warning web pages, redirect users or display a page informing them that an AUP is in place.
The anti-spam blade also performed well during testing with live mail as it returned a high detection rate of 98 per cent over a two week period. However, we had to tweak the confidence score for suspected spam as it was initially throwing up too many false positives.
The mobile access blade is a new feature and is designed to provide secure access for remote workers using PCs, laptops or mobile devices that want to access corporate resources. A wizard takes you through the process of creating SSL VPN portals, choosing which apps and resources are to be made available and picking an authentication method.
