Check Point response to Cisco NGFW competitive


Upload: moti-sagey-

Post on 16-Apr-2017


Page 1: Check point response to Cisco NGFW competitive

©2016 Check Point Software Technologies Ltd. All rights reserved. [Restricted] ONLY for designated groups and individuals

Q3, 2016 | 1

ITEM 1: THIRD-PARTY FINDINGS

CISCO CLAIM

CHECK POINT FACTS, UNDERSTANDING & DETAILS:

Efficacy: Cisco quotes the NSS BDS 2016 results, where it indeed scored 100% and Check Point scored 99.4% (both great results). What is not mentioned is that Cisco used 2 products to achieve that score (Firepower and AMP endpoint), whereas Check Point used 1.

In an apples-to-apples comparison of NGFW solutions, which is the scope of THEIR COMPARISON, the latest NSS NGFW test shows Check Point scoring 99.8% security efficacy, with Cisco missing 2900% more exploits than Check Point (see more here).

Time to Detection: it is not clear why they represent it like this; in fact, Check Point's average response was ~50% faster than Cisco's (see more here).

WHAT CISCO PUBLISHED A COMPETITIVE COMPARISON OF ITS NGFW SOLUTION VS. OTHER VENDORS (PAN, FORTINET, CHECK POINT): http://www.cisco.com/c/m/en_us/products/security/firewalls/competitive-comparison.html

THE COMPARISON CONTAINS SOME INACCURACIES ABOUT CHECK POINT

THE BELOW CONTAINS FUD – FACTS, UNDERSTANDING AND DETAILS ABOUT CISCO COMPARISON IN REGARDS TO CHECK POINT

VS. CISCO IRON PORT

CHECK POINT RESPONSE TO CISCO NGFW COMPETITIVE


Competitive Cheat Sheet

ITEM 2: SECURITY FEATURES

CISCO CLAIM

CHECK POINT FACTS, UNDERSTANDING & DETAILS:

Cisco claims are inaccurate:

1. Continuous analysis and retrospective detection – supported (in Early Availability)

2. Network file trajectory – supported (SandBlast Agent)

3. Impact assessment – supported (SmartEvent, SandBlast)

4. Security automation – supported (R80)

5. Behavioral IOC – supported (Anti-bot)

6. User, network, endpoint awareness – supported (across all products)

7. NGIPS – supported, with the highest security effectiveness in the industry (according to NSS Labs)

8. Integrated ATP – supported (SandBlast suite)

9. Malware remediation – supported (SandBlast Agent)


ITEM 3: OPERATIONAL CAPABILITIES

CISCO CLAIM

CHECK POINT FACTS, UNDERSTANDING & DETAILS:

Cisco claims are inaccurate (except the claim that our management is excellent):

1. Scanning architecture: Check Point supports parallel processing (more info here 1:19)

2. Software-based segmentation: supported (actually with Cisco TrustSec & ACI, but also NSX, Azure, AWS, OpenStack and more)

3. Automatic threat containment: supported (actually with the same Cisco ISE, but also with cooperative enforcement)

4. Operations and management: we agree it is indeed excellent

5. Different APIs: supported (REST API, SandBlast API, similar to their proprietary ones)


ITEM 4: ICS/SCADA

CISCO CLAIM

CHECK POINT FACTS, UNDERSTANDING & DETAILS:

Cisco claims are inaccurate (except the first and last statement):

1. Base feature set: Check Point includes all relevant protections for SCADA

2. SCADA rules: "rules" here means the number of signatures and AVC; Check Point supports over 1,000 “rules” (more than 800 SCADA detectors, more than 300 IPS signatures)

For a more accurate comparison, read the “zero tolerance” report (here). Below is a recap.


ITEM 6: THREAT INTELLIGENCE

CISCO CLAIM

CHECK POINT FACTS, UNDERSTANDING & DETAILS:

Cisco claims are inaccurate:

Check Point ThreatCloud holds over 30M IOCs (files, hashes, domains, URLs), with more than half a million unique samples per day

ITEM 7: SERVICE PROVIDER

CISCO CLAIM

CHECK POINT FACTS, UNDERSTANDING & DETAILS:

Cisco claims are mostly accurate, though they show their weakness:

Cisco uses third-party stitching (mostly as a concept, except Radware), whereas Check Point can provide a best-of-breed in-house solution


THE CHECK POINT ADVANTAGE

Unbeatable security & best management efficiency with predictable performance in the real world

Strongest Protection with Multi-Layer Security

Industry-leading security award winning Next Generation Firewall

- Leader in Gartner's 2016 Magic Quadrant of Enterprise Network Firewall (NGFW), since 1997
- Recommended rating in NSS Labs 2016 Breach Detection System test (BDS)
- Recommended in NSS Labs 2016 Next-Gen Firewall test (NGFW)

Best management and visibility

Easily control over 7,270 apps, 264,256 internet widgets and 200M websites by user, group, or OU

Protect clear and encrypted traffic against data breaches with strong DLP

Provide simple and secure corporate access from all mobile and fixed endpoints

Most efficient security consolidation while keeping predictable real world performance

Predictable real-world performance with Security Power (SPU)

Lowest management labor time according to NSS

Industry’s only true unified management and reporting solution covering all aspects of security

CISCO FACTS

Security: with its integrated Sourcefire solution, Cisco provides a partial security solution

Cisco ASA equipment affected by severe vulnerability (Read more: http://goo.gl/B6IVKR)

Vulnerable to a full inspection bypass, allowing an attacker to bypass malware detection mechanisms (https://goo.gl/VwCELc)

Cisco Botnet filter lacks core components to detect network behavioral anomalies

Cisco has limited visibility of risk with 68 P2P/File sharing types vs. Check Point's 342+

The APP Gap: Cisco has limited application awareness with ~4,366 apps vs. Check Point's over 7,270

Cisco management has multiple vulnerabilities (CSRF - http://goo.gl/I9ukZP) and (Cross-Site Scripting - http://goo.gl/cRXw0n)

Cisco's new unified image, Firepower Threat Defense (FTD), has many limitations and missing features such as High Availability, remote access VPN, multiple context, QoS, PBR, etc.

Cisco has 3 separate images (ASA, FirePOWER and FTD) for different appliance lines and different managements, which adds to deployment complexity and increases admin labor time

Management: with its Sourcefire integrations, the Cisco solution requires two separate management interfaces

Cisco needs 3 separate management consoles to properly manage Threat Prevention, Content Security, and 3rd party event analysis (Splunk, LogRhythm) (vs. 1 from Check Point). In some cases, Cisco CSM (core FW) is also needed

Cisco needs an added Security Administrator headcount compared to Check Point due to its cumbersome management interface (according to 3rd party analysts)

Cisco lacks an Event Analysis solution; no correlation of security events leads to lack of visibility & added management time

Cisco troubleshooting with FirePOWER management requires an admin to look at seven different categories for threat prevention and Next-Gen logs

Cisco central management lacks some basic multi-domain tasks such as Global IPS, Global services, Global VPN

Performance: Cisco's very high price performance makes it a less attractive solution

Cisco is limited in regards to VPN setup rate, with 95% fewer tunnels compared to Check Point

Cisco's fastest appliance performs only 225Gbps of Firewall throughput (Check Point’s is 400Gbps)

Cisco shows very high cost performance (3 times more than Check Point)

Cisco FirePOWER SSP20, 40, 60 with FirePOWER services and the 4000 series show very low performance throughputs compared to Check Point parallel appliances

FOR MORE FACTS SEE “WINNING AGAINST” SLIDE DECK IN COMPETITIVE WIKI OR PARTNERMAP