Check Point Software Technologies has announced the Agentic Network Security Orchestration Platform, a platform that introduces an autonomous agent architecture intended to operate network security functions across enterprise environments with reduced need for continuous human intervention.
Enterprise networks have become more complex due to factors such as the adoption of hybrid cloud environments, increased fragmentation from mergers and acquisitions, and the growing use of AI agents. As a result, operational processes such as change requests can take extended periods to complete, sometimes resulting in delays and disruption. In some cases, project execution may become prolonged, and security policy updates may not keep pace with operational needs, which may increase organisational exposure.
The platform is designed to address three main areas: moving from static rules to intent-based policy, evolving from fixed threat profiles to more dynamic controls, and consolidating multiple vendor consoles into a single orchestration layer across network environments.
Within this model, security teams define business intent while AI agents handle execution within defined parameters. Activities such as rule creation, policy tightening, and virtual patching are automated under human oversight. According to Check Point, this approach can reduce the time required for some processes from weeks to days.
A key component of the platform is the Network Knowledge Graph, described as a continuously updated relational model of a customer’s environment. It is intended to provide agents with current operational data rather than relying solely on static datasets.
The platform also includes a semantic layer that interprets the intent behind firewall policies rather than only their syntax. Once interpreted, agents can perform actions across several areas, including translating business requirements into firewall rules, applying ongoing policy optimisation, diagnosing operational issues, and mapping changes to compliance frameworks such as DORA and PCI-DSS.
As part of its development approach, Check Point has acquired the Deepchecks team and intellectual property. Deepchecks provides evaluation tools for multi-agent systems, and this integration is intended to support evaluation and iteration of agent performance in line with customer requirements.
Security oversight remains part of the model, with organisations retaining authority to approve significant changes and monitor agent activity through execution logs. Check Point also states that it secures more than 100,000 organisations globally, and positions this approach as a way to manage complexity in large enterprise environments.
