Check Point 发布了基于全新软件Blade架构的最新安全网关和管理产品R70-中文全球首发

liuxingyuan

Reporting Software Blade（报告软件刀片）

Overview（概述）
Reporting Software Blade turns the vast amount of data collected from security and network devices into understandable information that organizations can use to validate the effectiveness of security policies and practices, plan network capacity, and maximize their security investment.
报告软件刀片调制从安全和网络设备上产生的大量数据到一个容易理解的信息。组织可以用于证实安全策略和惯例的应用，计划网络的能力，最大化他们的安全投资。
The Reporting Software Blade centralizes reporting on network, security, and user activity and consolidates the data into concise predefined and custom-built reports. Easy report generation and automatic distribution save time and money.
报告软件刀片集中了网络，安全和用户活动的报告，将数据集成到简明的预定义的和客户自定义的报告内。报告的易于产生和自动分布节约了时间和金钱
Key Benefits（主要优点）
² Demonstrates the value of security investments（展示安全投资的价值）
² Reduces management time and cost（减少管理时间和成本）
² Increases visibility of security threats（提高安全威胁的可见度）
² Provides reporting for regulatory compliance（提供法规遵从性的报告）
² Predefined report templates（预定义的报告模板）

[ 本帖最后由 liuxingyuan 于 2009-3-2 21:16 编辑 ]

liuxingyuan

Features（特性）
Centralized reporting（集中的报告）
Automatic report distribution and database maintenance （自动的报告分部和数据库维护）
Scalability and deployment flexibility（可度量和部署灵活）
Easy trending and analysis（易于分析趋势）
Regulatory compliance reports（法规遵从性报告）
Centralized reporting（集中的报告）
Reporting provides a large number of predefined reports that save administrative time and cost by eliminating the need to create custom reports. These reports are organized into easy-to-use categories like cross-product security and network activity, firewall security and network activity, endpoint security, and antivirus as well as product-specific reports.
报告提供了大量的预定义的报告，节省了管理员的时间和成本，消除了创建自定义报告的需要。这些报告组织进易于使用的类别，比如产品安全和网络活动，防火墙安全和网络活动，端点安全和防病毒，特定产品报告。
Each report is further subdivided into sections that provide detailed information about a particular type of traffic or activity on the network. Also, reports can be tailored to suit the information requirements of different users. If there is a specific need not addressed by a predefined report, a security administrator easily can customize a report by adjusting the report filters to capture only the relevant data.
每一个报告被进一步划分为节，提供了关于特定类型流量或网络活动的详细信息。而且，报告可以根据不同用户需求进行调整。如果有一个特殊的需求不在预定义报告中，安全管理员能容易的自定义报告，可以调整报告过滤器仅抓取相关的数据。
Automatic report distribution and database maintenance （自动报告分布和数据库维护）
Reporting enables administrators to schedule regular reports without constant manual intervention. Multiple reporting schedules can be maintained, making it flexible enough to meet the most demanding reporting needs. These reports can be automatically distributed to specific users via email or uploaded to ftp or Web sites.
报告能使管理员调度有规律俄报告，不需要经常人工干预。可以维护多个报告调度，使其具有足够的灵活性满足最费力的报告需求。这些报告可以自动的向特定用户通过email或上传到ftp或web站点。
Scalability and deployment flexibility（可度量和部署灵活性）
Reporting supports both SmartCenter™ and Provider-1® environments. In the Provider-1 environment, Reporting can be configured for global reporting or reporting targeted at a specific network segment or customer. Multiple Reporting deployments can be implemented to run in parallel, scaling to meet the reporting needs of large-scale environments. Reporting offers a variety of installation configurations for both large and small organizations. Where performance and deployment flexibility are key requirements, Reporting can be installed on a dedicated machine. Where cost and simplicity are the primary considerations, Reporting can be installed on the same machine as the SmartCenter or Analyzer server.
报告支持SmartCenter和Provider-1环境。在Provider-1话您个，报告可被配置成全局报告或以特定望断或客户为目标的报告。多个报告部署能被平行的实现，调整报告的需求以满足大型环境。报告提供了多种安装配置，适用于大型和小型组织。在那些要求性能和部署灵活性的环境中，报告可以被安装在专注的机器上。当成本和简单是主要考虑时，报告可以被安装在SmartCenter或分析服务器所在的相同机器上。
Easy trending and analysis （易于分析趋势）
By automating report generation, Reporting enables organizations to efficiently capture security and network intelligence on an ongoing basis. Administrators can also generate reports to be sent to upper management for overall security performance analysis or auditing purposes.
通过自动报告产生，报告使组织能有效地持续不断抓取安全和网络情报。管理员也能产生报告呈送给上层管理者，以总体安全性能分析或审计为目的。
Regulatory compliance reports（法规遵从性报告）
Compliance Reports in the Reporting Software Blade enable enterprises to report on their regulatory compliance posture. The Reporting Software Blade’s Compliance Reports have been mapped to relevant requirements within the PCI, SOX, HIPAA, COBIT, and ISO 27002 regulations and standards.
在报告软件刀片中的遵从性报告使企业能报告他们法规遵从性的表现。报告软件刀片遵从性报告映射了许多需求，保括PCI，SOX，HIPAA，COBIT，和ISO27002规则和标准。

liuxingyuan

Event Correlation Software Blade （事件关联软件刀片）

Overview（概述）
The Event Correlation Software Blade provides centralized, real-time security event correlation and management for Check Point security gateways and third-party devices. Automated aggregation and correlation of data not only substantially minimizes the time spent analyzing data but also isolates and prioritizes the real security threats.
事件关联软件刀片为Check Point安全网关和第三方设备提供了集中的，实时地安全事件关联和管理。自动地汇聚和关联数据不仅大大的减少了分析数据所花费的时间，同时也分离出那些高优先级的实时安全威胁。
With the Event Correlation Software Blade, security teams no longer need to comb through the massive amount of data generated by the devices in their environment. Instead, they can focus on deploying resources on the threats that pose the greatest risk to their business.
使用事件关联软件刀片，安全团队不在需要梳理大量的数据，这些数据由他们环境中的设备产生。代替的是，他们可以集中精力部署资源，以应付对他们企业产生巨大风险的威胁。
Key Benefits（主要优点）
² Translates security events into action items（转换安全事件为活动条目）
² Quickly identifies previously undetectable activity（快速识别以前无法察觉的活动）
² Reduces business risk by responding in real-time（实时响应减少企业风险）
² Prioritizes resources to address the most critical threats（优化资源应对最关键的威胁）
² Easily installs and deploys for low TCO（易于安装和部署，低TCO）
² Generates increased value from current security investments（在目前安全投资上产生增值）

[ 本帖最后由 liuxingyuan 于 2009-3-2 21:19 编辑 ]

liuxingyuan

Features（特性）
Scalable, Distributed Architecture（可升级的，分布式架构）
Centralized Event Correlation（集中式的事件关联）
Easy Deployment（易于部署）
Easy Maintenance（易于维护）
Scalable, Distributed Architecture （可升级的，分布式架构）
The Event Correlation Software Blade delivers a flexible, scalable platform capable of managing millions of logs per day per correlation unit in large enterprise networks. Through its distributed architecture, the Event Correlation blade can be installed on a single server but has the flexibility to spread its processing load across multiple correlation units.
事件关联软件刀片提供了一个灵活的，可扩展的平台，能够在大型企业网络中管理每天每关联单位产生的数以万计的记录。通过它的分布式架构，事件关联刀片能被安装在一个单一服务器上，其灵活性表现在它的处理负载分布在多个关联单元上。
Centralized Event Correlation（集中式事件关联）
The Event Correlation Software Blade provides centralized event correlation and management for all Check Point products—as well as third-party devices such as firewalls, routers, switches, operating systems, mail servers, Web servers, intrusion detection systems, and antivirus applications. Raw log data is collected via secure connections from Check Point and third-party devices by the Event Correlation Software Blade correlation units where it is centrally aggregated, normalized, correlated, and analyzed. Third-party device logs can be easily converted into Check Point format by the patent-pending log parsing technology within the Event Correlation blade. Data reduction and correlation functions are performed at various layers, so only significant events are reported up the hierarchy for further analysis. Log data that exceeds the parameters set in predefined event policies triggers security events. The Event Correlation blade provides a large number of predefined, but easily customizable, security events for quick deployment. These events can be unauthorized scans targeting vulnerable hosts, unauthorized logins, denial of service attacks, network anomalies, and other host-based activity. IT security staffers can also easily create their own events using a wizard or predefined event to fine-tune the system to their particular needs.
事件关联软件刀片提供了集中的事件管理和管理，包括所有的Check Point产品，第三方产品，比如防火墙，路由器，交换机，操作系统，邮件服务器，web服务器，入侵检测系统，和防病毒应用程序。通过安全的连接从Check Point和第三方设备上收集原始数据，送到时间关联软件刀片关联单元集中的聚合，恢复，关联和分析。第三方设备日志能够被容易的转化为Check Point格式，这是通过在事件关联刀片中的日志分析技术（正在申请专利）实现的。在各个层次提供了数据整理和关联功能，所以只有重要的事件被报告到上层做进一步的分析。那些违反了预先定义的事件策略的记录事件触发安全事件。事件关联刀片提供了大量的预定义策略，并易于自定义安全事件，实现了快速部署的目的。这些事件可能是未授权的目标主机扫描，未授权的登录，拒绝服务攻击，网络异常和其他基于主机的活动。IT安全人员使用向导和预定义的事件容易的创建他们自己的事件以更好的调节系统满足特定的需求。
Events are then further analyzed and severity levels assigned. Based on the severity level, an automatic action may be triggered at this point to stop the harmful activity immediately at the gateway. As new information flows in, severity levels can be adjusted to adapt to changing conditions.
事件然后进一步分析做严重级别分类。基于严重级别，一个自动的动作可能在这一点上被触发，在网关上立即停止有害的活动。当信的信息流进入时，严重级别能被适当的调节以适应变化的条件。
Easy Deployment （易于部署）
The Event Correlation Software Blade interfaces with existing SmartCenter™ and Provider-1® log servers, eliminating the need to configure each device log server separately for log collection and analysis. All objects defined in SmartCenter or Provider-1 are automatically accessed and used by the Event Correlation blade server for event policy definition and enforcement. In addition, this tight integration enables the Event Correlation blade to automatically learn the network’s topology and detect correlated events that are sensitive to topological parameters.
事件关联软件刀片接口使用已经存在的SmartCenter和Provider-1日志服务器，消除了为日志收集和分析目的在每个设备进行配置的要求。在SmartCenter和Provider-1上定义的所有对象被事件关联刀片自动地访问和使用，为事件策略定义和执行的政策。附加的，这种紧密地集成使事件关联刀片能自动地学习网络的拓扑和检测那些拓扑参数敏感的关联事件。
Easy Maintenance （易于维护）
Once installed on the network, the Event Correlation Software Blade has a learning mode to baseline the normal activity pattern for a given site and suggest policy changes for fine-tuning the system. Easy-to-use event wizards provide users greater flexibility in customizing events to suit their particular environments. The ease of installation and maintenance enables customers to leverage existing IT/security staff
一旦在网络上被安装，事件关联软件刀片具有一个学习模式，对于一个给定的站点建立一个正常活动模式的基线，并且为更好的地微调系统提出策略改变的建议。易于使用的事件向导提供用户在自定义事件中极大的灵活性以满足他们特定的环境。易于安装和维护使客户充分利用现有的IT/安全职员

liuxingyuan

终于发完了，总结一下
Check Point软件刀片架构由2类容器、10个安全网关刀片和10个安全管理刀片组成
安全网关容器，SG系列，按照支持CPU核心分类，包括SG100，SG200，SG400，SG800，分别支持单核，双核，四核和八核。每一个安全网关容器都包含了一个防火墙刀片，提供了其他安全网关软件刀片的运行环境。
安全管理容器，SM系统，按照管理的网关数量分类，包括SM1000，SM2500，SMU000。分别可管理10个网关，25个网关，和无网关数量的限制，提供了安全管理软件刀片的运行环境。

network

绝对原创中文翻译

全球首翻

swap

超赞 顶一下

lzwjly

超赞~~~
努力学习~~~超赞~~~
努力学习~~~

wangmeng

好强悍的cp啊

network

小伙啊。你还有几成功力对CP呵呵