Check Point Software Technologies Ltd., a pioneer and global leader in cyber security solutions, launched its Agentic Network Security Orchestration Platform, a purpose-built autonomous agent architecture that executes network security operations across enterprise environments, without requiring constant human intervention.
The launch continues the company’s mission to fundamentally transform the way enterprise network security is managed, an approach that has remained largely unchanged since the early days of the firewall era.
Enterprise networks have grown beyond human capacity to manage. Hybrid cloud adoption, M&A-driven fragmentation, the explosion of connected devices, and the rapid proliferation of AI agents across infrastructure have created environments that no human team was designed to secure at this scale. A single change request can take two to four weeks to work through analysis, security review, and policy dependencies – only to break something else and restart the cycle. Segmentation projects sit on the board for years and never ship. Policies drift because workloads move faster than any team can follow. The result is predictable: Zero Trust projects stall, policy tightening never completes, and organisations are left exposed. Check Point’s platform addresses this by beginning a transformation across three dimensions that have defined and constrained network security management for decades: moving from thousands of static rules to intent-based policy, from fixed threat prevention profiles to dynamic exposure-based controls, and from fragmented vendor consoles to a single orchestration layer across the entire network. Security teams set the business intent. The agents handle everything below it.
At the center of the platform is a proprietary Network Knowledge Graph, a live, relational model of the customer’s actual environment, continuously updated with topology, traffic flows, asset dependencies, and real-time configuration data. This is what separates Check Point’s agents from generic AI applied to security problems. Rather than reasoning over static training data, agents reason over the customer’s actual network as it exists right now, grounding every decision in the customer’s specific reality.
The platform’s semantic intelligence layer goes further, interpreting not just the syntax of existing firewall policies but the business intent behind them, including rules created years or decades ago. Once that intent is understood, agents act on it autonomously across four core capabilities:
- Intent-to-Policy translates natural language business requirements into hardened, risk-validated firewall rules across multi-vendor environments.
- Zero Trust and Policy Tightening continuously analyses active traffic to identify shadow access and over-permissive configurations, autonomously applying validated tightening recommendations without risking connectivity breaks.
- Autonomous Troubleshooting conducts multi-step reasoning across topology, policy history, and logs to diagnose failures autonomously, reducing mean time to resolution from hours to minutes.
- Continuous Compliance maps every rule and configuration change to DORA, PCI-DSS, and NIST in real time, replacing annual audit fire drills with continuous automated enforcement.
- Security teams retain authority at the intent level, approving high-impact changes before execution, with full visibility into every agent’s action through a complete execution trace.
- Underlying the platform are agent skills fine-tuned on more than 30 years of operational expertise protecting over 100,000 organisations, spanning the edge cases and configuration complexity that generic models have never encountered.
