Introducing Check Point Software’s new Autonomous IoT Threat Prevention Solution “Quantum IoT Protect”

Check Point Quantum IoT Protect provides automatic zero trust protection, innovative threat prevention, firmware scanning, and on-device runtime protection for enterprises.

Join us on November 17th to learn more about how Check Point Quantum IoT Protect can secure your IoT devices.

EMEA and APAC: Nov 17 2022, 10:00AM BST / 5:00PM SGT

Americas: Nov 17 2022, 9:00AM PST / 12:00PM EST

In 2022, the market for the Internet of Things (IoT) is expected to grow 18% to 14.4 billion active connections. By 2025, as supply constraints ease and growth further accelerates, there will be approximately 27 billion connected IoT devices.1

It is important to consider these numbers and take them seriously. Year after year, more IoT devices are being manufactured and connected. Sticking to the theme of Halloween, here comes the scary part – in 2021 alone, there were over 1 billion IoT-related cyberattacks.2

IoT has become integrated everywhere and including your enterprise environment. IoT brings many benefits including increased productivity and enabling mission critical applications.   However, IoT can also open your enterprise up to cyberattacks. Take Verkada, the IoT building-security startup that was hacked in 2021, exposing footage from over 150,000 connected surveillance cameras belonging to 95 customers including enterprises, schools, police and hospitals.

In this article, we will go over the complexities involved with securing IoT devices and how our new solution, Quantum IoT Protect, provides value to our customers.

What was announced?


Quantum IoT Protect is available as a software blade within Check Point’s Quantum ‘Titan’ release R81.20, which revolutionizes network security by blocking the most evasive zero-day DNS, phishing, and IoT attacks. Titan combines our innovative AI deep learning technology, advanced global threat intelligence, and Check Point patented techniques to immediately identify and block the most sophisticated threats. Titan also delivers operational efficiency by extending new cloud-based capabilities to on-premises Quantum firewalls through Infinity Cloud Services. This makes it easy to expand network security capabilities without the traditional operational issues involved with updating firewalls.

However, in this article w will focus specifically on Quantum IoT Protect and the value it provides for our customers.

With Quantum IoT Protect, you can start discovering and protecting your IoT assets in just minutes. Check Point is the only vendor that provides autonomous protection against network IoT-related attacks. The solution automatically creates and autonomously enforces zero-trust network access profiles for IoT assets, protecting them against known and unknown cyber threats. In addition, Check Point also protects the IoT device themselves by analyzing and protecting the device’s firmware.

In summary, Quantum IoT Protect leverages industry leading threat intelligence, over 300 IPS signatures, firmware scanning, on-device run-time protection, and a single management console to protect all enterprises against known and unknown IoT cyber-attacks.


Check out the Quantum IoT Protect overview video below:

How does Quantum IoT Protect Work?

Quantum IoT Protect discovers all the assets connected to your organization, providing full visibility to all of these devices and their connections – including IP Cameras, Network Printers, PoS Systems, and more. The assets connected to your organization are identified, highlighted with its associated security risk, and automatically grouped together by device type and role.

The greatest value for our customers comes in this next step. It only takes a couple minutes after turning Quantum IoT Protect on for full visibility and protection for the discovered assets to occur. Plus, you don’t have to worry about any assets that will connect in the future, or change IP addresses, as Quantum IoT Protects keeps the inventory up to date.

Autonomous Zero Trust Protection

One of the consistent struggles our customers approach us with is the complicated task of manually creating zero-trust policies for their assets. Consequently, most of the traffic coming to and from the connected devices is left open. Luckily for them, Quantum IoT Protect automatically builds and enforces zero-trust network profiles for your entire inventory of connected assets on their Quantum Security Gateways. This blocks any unauthorized access preventing any damage to the organization. The autonomous zero-trust network profiles are built on advanced AI technologies, research, and behavior analytics to extend zero-trust practices into IoT assets. IoT and OT environments change frequently and it’s important that your IoT security solution can automatically adapt in real-time to secure these devices.

Advanced Network Threat Prevention

Leveraging Check Point’s industry leading IPS, Quantum IoT Protect can block attempts to exploit known IoT vulnerabilities in real-time. Check Point offers over 10,000 protections for IT and IoT related vulnerabilities as well as several hundreds of protections targeted at Industrial Control Systems. These protections can be applied as virtual patches, which is a huge benefit in a world where IoT device patches are near impossible to complete due to various reasons – including difficult to reach device locations, mission critical runtime, complex protocols and standards, etc.

Preemptive On-Device Security

Quantum IoT Protect also offers the ability to secure IoT devices themselves, at a high scale. For example, it may be difficult for some to protect certain IoT devices that cannot sit behind a security gateway or are so sophisticated that it seems impossible to protect against. This security is built directly into the IoT devices firmware, scanning the firmware for vulnerabilities, and blocking any threats in real time. The solution continuously monitors the device’s firmware to ensure security is always up to date. With Quantum IoT Protect, we are offering revolutionary on-device runtime protection for device manufacturers to develop connected IoT devices with built-in firmware security. Check Point’s Nano Agent® is added to the IoT device with the assistance of the device manufacturer monitoring the current state of the device and acting based on anomalies to identify and remediate zero-day attacks.

To learn more about this, read about some of the work we’ve been doing with Intel and Provision-ISR.

Unified Management Console

IoT discovery, protections, policy creation, event analysis and much more is offered as an end-to-end solution through a single management console with Quantum IoT Protect. With the new Quantum Cyber Security Platform ‘Titan’ release (R81.20) mentioned earlier, Quantum IoT Protect is integrated directly into the Check Point’s security management architecture, making it simple for customers to define unified access control policies and investigate threats through a single pane of glass. Now, you can autonomously monitor IoT logs/data using behavior-based AI & ML; which automatically updates the on-premises security management IoT access control and threat prevention policies.

Why Is Check Point Unique?

Quantum IoT Protect is the only autonomous IoT solution in the market that proactively prevents cyber threats at the device and network level, while other vendors are focused individually on scanning, posture, monitoring, and alerts. The reality of the market is that customers not only need discovery of attacks, but also technology that can prevent the attacks.

Plain and simple, we make device discovery effortless by embedding it directly into our Quantum Security Gateways without the need of any additional hardware sensors. Check Point is the first and only vendor to build and enforce autonomous zero-trust network access profiles to prevent IoT-related cyber threats. For use cases that require advanced discovery, like Industrial and Healthcare organization, we continue to deliver tightly integrated partnerships with industry experts (like Armis and Claroty). These specific partners bring the best device discovery and expertise into these specific use cases, while Check Point provides the best security capabilities. And lastly, we can embed IoT protections directly into the device firmware, creating additional partnerships with device manufacturers to provide preemptive threat prevention for zero-day attacks on IoT devices.

For additional information on how you can begin your journey to fully protect your organization from IoT-related cyber threats, check out the following resources: