FORM 20-F - Check Point

More documents

Recommendations

Info

endpoint devices, such as personal computers. Endpoint security includes personal-firewall, Network Access Control (NAC), program control, antivirus, anti-spyware, data security, URL filtering, anti-spam and remote access features that have been specifically designed for remote personal computing devices. Lost or stolen computers can end up in the wrong hands, intentionally or unintentionally. Companies of all sizes and government agencies face the consequences of losing sensitive data from lost laptop computers, removable media or plug-and-play storage devices. This drives the need for a complete data protection solution that secures data on all common platforms, deploys easily, scales to any size organization and meets strict compliance requirements related to privacy laws and regulations. For example, a number of publicized cases involving large corporations losing unencrypted laptops and exposing millions of customers and employees to potential identity theft have prompted a surge in data protection legislation and regulatory compliance laws worldwide. The relative ease with which data may be lost makes data security a major concern for organizations. To mitigate this risk, organizations are looking to extend security beyond the network infrastructure, to the data itself. The primary means of protecting data that resides on endpoints are: full-disk encryption of the hard drive with access control (rendering the data useless to unauthorized parties), media encryption and port protection (to prevent unauthorized copying of sensitive data to USB flash drives, writable CDs and DVDs, etc.) and mobile device and memory card data encryption (to prevent sensitive data from being accessed on lost or stolen PDAs and smartphones). Products and Services Our products, services and technologies provide the following protection: 1. Network and gateway security: Our wide range of network security gateways allows our customers to implement their security policies on network traffic between internal networks and the Internet as well as between internal networks and private networks used with partners. These gateways are available as either software solutions or integrated into complete solutions including hardware and can scale to meet the requirements of organizations of many sizes. Versions of our software include the following technologies to secure traffic: � Firewall – Inspects traffic as it passes through security gateways, classifying it based on various criteria such as source and destination of connection, protocol, services and application used. This provides a means to allow, block and log each connection based on the organization’s security policy. Our firewall technology is based on several key differentiated technologies, including: o Patented Stateful Inspection technology that allows flexible and programmable classification of network traffic. o Application Intelligence technology that contains various means to detect the correct use of application protocols and can block attacks that attempt to utilize such exploits in specific applications. o Network Address Translation – Allows hiding of internal addresses so internal users are not exposed to external threats, as well as connecting private networks that use “generic” addresses using publicly defined external addresses. o Specific technologies to prevent denial-of-service (DoS) attacks on networks. These attacks include various ways of overloading applications and networks in multiple requests that try to slow and stop their response. 22
� Intrusion Prevention Technologies – Our SmartDefense online security update services and our IPS-1 products provide the means to detect specific attacks based on their usage patterns as well as “unknown” attacks based on “out of bounds” usage of certain services and protocols. � Virtual Private Networks (VPNs) – Provide the means to enable private communication over a network by encrypting traffic between various sub-networks (site-to-site) or individual computers (such as mobile computers) and the corporate network. This prevents exposing sensitive traffic and attempts to modify such communication and replicate certain transactions. � Content Screening – Enables screening of specific application protocols such as Web traffic to allow/block access to specific Web addresses based on their content. Screening for viruses (antivirus) to detect downloads of malicious applications. � Messaging Security – Prevents the use of the messaging infrastructure (such as email) to attack the organization. Six dimensions of messaging security technologies are available in our products including prevention of emailed spam and the use of messaging protocols for various attacks as well as enabling the scanning of email traffic for malware and viruses embedded in email. � Web-Based Communications – Allow remote and mobile employees to securely connect to their organizations’ networks via a Web browser and defend against attacks that target our customers’ Webbased business applications. 2. Data and endpoint security: Our data and endpoint security technologies provide multiple technologies that run on individual computers (endpoints) connecting to the network such as desktop computers and mobile computers and communications devices. These technologies include: � Personal Firewall - Prevents network attacks on individual computers by blocking internal attacks and the proliferation of network “worms” within the corporate network as well as attacks on home and mobile computers that are connected to public networks. Our personal firewall technologies include proprietary technologies such as: o Inbound and Outbound Firewalls – Prevent malware and Trojan horses not only from attacking individual computers but also from sending data out through unauthorized applications. o Program Advisor and Operating System Firewall – Using a real-time network service, we can detect malicious and/or unauthorized applications running on individual computers and block their activities. o Network Access Control – Provides the network with information on the compliance of individual computers to the organization’s security policy and allows selective connectivity of devices to the network based on their compliance. 23
Page 1 and 2: SECURITIES AND EXCHANGE COMMISSION
Page 3 and 4: Currency of Presentation and Certai
Page 5 and 6: Year Ended December 31, 2003 2004 2
Page 7 and 8: in customer requirements, or to dev
Page 9 and 10: � Harm to our existing business r
Page 11 and 12: Report on Form 20-F for each fiscal
Page 13 and 14: others. Our suppliers and licensors
Page 15 and 16: We are exposed to various legal, bu
Page 17 and 18: o In a criminal action in which the
Page 19 and 20: of our operations in Israel, and th
Page 21: the enterprise, and with business p
Page 25 and 26: 3. Security management: A key eleme
Page 27 and 28: These charts summarize our primary
Page 29 and 30: Data and Endpoint Security Check Po
Page 31 and 32: Application Intelligence Our Applic
Page 33 and 34: user interface for the Pre-Boot Aut
Page 35 and 36: implementing, upgrading, and optimi
Page 37 and 38: Check Point Software Technologies (
Page 39 and 40: Property, Plants and Equipment In M
Page 41 and 42: The following table presents the pe
Page 43 and 44: acquired brand will continue to be
Page 45 and 46: We estimate the fair value of emplo
Page 47 and 48: Results of operations The following
Page 49 and 50: oad coverage of our installed base
Page 51 and 52: General and Administrative General
Page 53 and 54: Year Ended December 31, 2006 Year E
Page 55 and 56: As a percentage of revenues: Year E
Page 57 and 58: December 31, 2006, and $1,241.5 mil
Page 59 and 60: Tabular Disclosure of Contractual O
Page 61 and 62: Systems (HDS). He began his career
Page 63 and 64: severance payments mandated by Isra
Page 65 and 66: deficiencies in the administration
Page 67 and 68: Equity Incentive Plans The followin
Page 69 and 70: Shares; (vi) Performance Units; and
Page 71 and 72: ITEM 7. MAJOR SHAREHOLDERS AND RELA
Page 73 and 74:
ITEM 8. FINANCIAL INFORMATION Conso
Page 75 and 76:
ITEM 9. THE OFFER AND LISTING Our o
Page 77 and 78:
directors is also required to conve
Page 79 and 80:
the other merging company (or certa
Page 81 and 82:
general manager, or in which he or
Page 83 and 84:
mere negligence), or committed with
Page 85 and 86:
(2) a year selected by the company
Page 87 and 88:
Taxation of Non-Israeli Shareholder
Page 89 and 90:
Dividends Paid on the Ordinary Shar
Page 91 and 92:
Information Reporting and Back up W
Page 93 and 94:
Foreign Currency Risk Most of our s
Page 95 and 96:
ITEM 16. Reserved. ITEM 16A. AUDIT
Page 97 and 98:
ITEM 16E. PURCHASES OF EQUITY SECUR
Page 99 and 100:
ITEM 19. EXHIBITS 1 Articles of Ass
Page 101 and 102:
CHECK POINT SOFTWARE TECHNOLOGIES L
Page 103 and 104:
REPORT OF INDEPENDENT REGISTERED PU
Page 105 and 106:
In our opinion, Check Point maintai
Page 107 and 108:
CONSOLIDATED BALANCE SHEETS U.S. Do
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
SIGNATURES The registrant hereby ce
Page 151 and 152:
Exhibit 12.1 I, Gil Shwed, certify
Page 153:
Exhibit 13 CERTIFICATION PURSUANT T
show all

FORM 20-F - Check Point

Create successful ePaper yourself

Delete template?

Save as template?