 Check Point products consistently meet and exceed the stringent requirements established by internationally recognized standards, approval processes and independent security industry tests. That’s why Check Point solutions are essential for agencies and companies tasked with maintaining the highest level of security and confidentiality.
The following list summarizes third-party certifications received by Check Point products.
If your organization requires additional certifications not listed here, please contact us to learn more about certification for Check Point solutions. |
| |
| Certification |
Check Point Solution |
Common Criteria
Internationally recognized standard and an ISO standard (ISO-IEC 15408) for evaluating the security claims of IT products and systems. Certification provides customers with a higher level of assurance that the security of a product as evaluated meets the standards for security requirements..
|
Check Point offers EAL4 certified security solutions for firewall, VPN, IDS, IPS, management, secure logging, and endpoint security. Check Point Integrity is the only endpoint security solution from a major security vendor to achieve Common Criteria EAL 4 certification.
- VPN-1/FireWall-1 NGX HFA-03 is certified as EAL4 Augmented with Application-Layer Firewall Medium Robustness V1, June 2000, the Traffic-Filter Firewall Protection Profile for Medium Robustness Environments, V1.4 June 2000, and the Intrusion Detection System Protection Profile, March 9, 2005. The EAL4+ will also meet the requirements of Flaw Remediation (ALC_FLR.3) and a higher level of vulnerability and testing with AVA_VLA.3.
- Integrity 6.5 Agent
Is certified as EAL4 with ALC_FLR.2, AVA_VLA.3, (in evaluation)
- VPN-1/FireWall-1 NGX is certified to EAL4 including the R65 release. Platforms include UTM-1, Firefly, Nokia, Crossbeam, HP, IBM, Siemens and Solaris
- NFR Sentivist™
(now Check Point IPS-1™)
Is certified as EAL2, conformant to the US government IDS/IPS Protection Profile
- Pointsec PC is certified as EAL4
|
FIPS
Federal Encryption Processing Standard (FIPS) 140-2 defines security requirements for cryptographic modules for US government National Security Telecommunications and Information Systems. Security Policy (NSTISSP) #11.
|
FIPS 140-2 Level 1 and 2 certified solutions include:
- VPN-1 NGX HFA-03 with certificate #450, #722
- Pointsec 4.1 with certificate #208
- FIPS 140-2 Pointsec for PocketPC Cert #441
- FIPS 140-2 Pointsec Media Encryption Cert #237
FIPS 140-2 Pointsec® Crypto Module Cert #770 (Used by and from version:)
a. Pointsec PC v6.2
b. Pointsec Mobile:
c. Symbian v3 3.0 b135
d. Smart Phone - v3.1
e. Pocket PC - v3.3
FIPS 140-2 Reflex Magnetics Cryptographic Library Cert #784 (used by and from version:)
a. Pointsec Protector from v4.90 |
ICSA
Independent testing and certifications for Firewall and IPSec, including the security functions of data source authentication, data integrity and confidentiality.
|
- VPN-1 NGX HFA03 is IPsec certified to ICSA IPsec 1.1D criteria
- VPN-1/FireWall-1 and VPN-1 UTM
Edge W are certified to ICSA corporate firewall 4.1 criteria
|
VPN Consortium
|
- VPN-1 NGX has passed IPSec conformance testing
- Connectra has passed SSL VPN conformance testing
|
IPv6
Certified to include IPv6 mandatory core protocols and interoperability with other IPv6 implementations.
|
- VPN-1/FireWall-1 NGX has passed extensive interoperability testing
|
NSS
Leading independent security products testing organization evaluating performance, security effectiveness and usability.
|
- NFR Sentivist (now Check Point IPS-1™) is "NSS approved" for IDS/IPS
|
BITS Financial services security laboratory
|
- Pointsec now offers the only endpoint data encryption solution certified to meet the security needs of the financial services industry.
|
|
- SecureClient Mobile was awarded logos for passing the Microsoft™ Designed for Windows Mobile™ program in both the Pocket PC and Smartphone Applications categories.
|
Section 508
Section 508 of the United States Rehabilitation Act of 1973 mandates that Federal agencies acquire products which enable people with disabilities to have access to information and data in a way that is comparable to the access and use experienced by people without disabilities.
|
- VPN-1 NG FP-1 complies with Section 508, and is compatible with assistive technology.
|
Euro Symbol
|
- Eventia Reporter, where accounting functions are utilized, implements the concept of 'units' in place of any specific currency. Since neither the EURO nor any other monetary symbol appears in our software products, Check Point therefore states that it is in EURO symbol compliance.
|
|
