diff --git a/Checkpoint/checkpoint/CHANGELOG.md b/Checkpoint/checkpoint-ngfw/CHANGELOG.md
similarity index 100%
rename from Checkpoint/checkpoint/CHANGELOG.md
rename to Checkpoint/checkpoint-ngfw/CHANGELOG.md
diff --git a/Checkpoint/checkpoint/_meta/fields.yml b/Checkpoint/checkpoint-ngfw/_meta/fields.yml
similarity index 100%
rename from Checkpoint/checkpoint/_meta/fields.yml
rename to Checkpoint/checkpoint-ngfw/_meta/fields.yml
diff --git a/Checkpoint/checkpoint-ngfw/_meta/logo.png b/Checkpoint/checkpoint-ngfw/_meta/logo.png
new file mode 100644
index 0000000000..ec4f61deb7
Binary files /dev/null and b/Checkpoint/checkpoint-ngfw/_meta/logo.png differ
diff --git a/Checkpoint/checkpoint-ngfw/_meta/manifest.yml b/Checkpoint/checkpoint-ngfw/_meta/manifest.yml
new file mode 100644
index 0000000000..5b62a0d8c3
--- /dev/null
+++ b/Checkpoint/checkpoint-ngfw/_meta/manifest.yml
@@ -0,0 +1,9 @@
+uuid: f0a10c21-37d1-419f-8671-77903dc8de69
+name: Check Point NGFW
+slug: checkpoint-firewall
+description: "Check Point NGFWs are sophisticated security equipments.\nSending your firewall logs, especially the allowed events, to Sekoia.io will help you discovering potential network security threats."
+data_sources:
+ Network device logs: Check Point NGFW can record traffic events flowing through their firewall.
+ Network protocol analysis: Check Point NGFW does traffic analysis at physical/data/transport layers
+ Web logs: Domain names are extracted from HTTP traffic
+automation_module_uuid: af67e28c-fff0-489f-ac3c-a556e44a5cf5
diff --git a/Checkpoint/checkpoint/_meta/smart-descriptions.json b/Checkpoint/checkpoint-ngfw/_meta/smart-descriptions.json
similarity index 100%
rename from Checkpoint/checkpoint/_meta/smart-descriptions.json
rename to Checkpoint/checkpoint-ngfw/_meta/smart-descriptions.json
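Review bot: In the new `Checkpoint/checkpoint-ngfw/_meta/manifest.yml`, `slug: checkpoint-firewall` no longer matches the directory and parser name `checkpoint-ngfw`, and nothing in the file records whether that is deliberate. If the slug is kept so that existing intakes keep resolving (the `uuid` is also unchanged from the deleted manifest), a comment above it such as `# slug intentionally kept as checkpoint-firewall for existing intakes` would say so. The same file sets `automation_module_uuid: af67e28c-fff0-489f-ac3c-a556e44a5cf5`, which differs from the value in the deleted manifest. The referenced module is not visible in this diff, so it is worth confirming that it exists and is the intended one before existing intakes are re-linked to it.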
diff --git a/Checkpoint/checkpoint/ingest/parser.yml b/Checkpoint/checkpoint-ngfw/ingest/parser.yml
similarity index 99%
rename from Checkpoint/checkpoint/ingest/parser.yml
rename to Checkpoint/checkpoint-ngfw/ingest/parser.yml
index 6f17bb932f..9cc90d6d3e 100644
--- a/Checkpoint/checkpoint/ingest/parser.yml
+++ b/Checkpoint/checkpoint-ngfw/ingest/parser.yml
@@ -1,4 +1,4 @@
-name: cef
+name: checkpoint-ngfw
 ignored_values: ["-"]
 pipeline:
 - name: checkpoint
diff --git a/Checkpoint/checkpoint/tests/CEF.json b/Checkpoint/checkpoint-ngfw/tests/CEF.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF.json
diff --git a/Checkpoint/checkpoint/tests/CEF_ApplicationControl.json b/Checkpoint/checkpoint-ngfw/tests/CEF_ApplicationControl.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_ApplicationControl.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_ApplicationControl.json
diff --git a/Checkpoint/checkpoint/tests/CEF_accept.json b/Checkpoint/checkpoint-ngfw/tests/CEF_accept.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_accept.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_accept.json
diff --git a/Checkpoint/checkpoint/tests/CEF_allow.json b/Checkpoint/checkpoint-ngfw/tests/CEF_allow.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_allow.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_allow.json
diff --git a/Checkpoint/checkpoint/tests/CEF_cs2_2_times.json b/Checkpoint/checkpoint-ngfw/tests/CEF_cs2_2_times.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_cs2_2_times.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_cs2_2_times.json
diff --git a/Checkpoint/checkpoint/tests/CEF_decrypt.json b/Checkpoint/checkpoint-ngfw/tests/CEF_decrypt.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_decrypt.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_decrypt.json
diff --git a/Checkpoint/checkpoint/tests/CEF_drop.json b/Checkpoint/checkpoint-ngfw/tests/CEF_drop.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_drop.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_drop.json
diff --git a/Checkpoint/checkpoint/tests/CEF_drop_1.json b/Checkpoint/checkpoint-ngfw/tests/CEF_drop_1.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_drop_1.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_drop_1.json
diff --git a/Checkpoint/checkpoint/tests/CEF_geo_protection.json b/Checkpoint/checkpoint-ngfw/tests/CEF_geo_protection.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_geo_protection.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_geo_protection.json
diff --git a/Checkpoint/checkpoint/tests/CEF_https_bypass.json b/Checkpoint/checkpoint-ngfw/tests/CEF_https_bypass.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_https_bypass.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_https_bypass.json
diff --git a/Checkpoint/checkpoint/tests/CEF_network_protocol.json b/Checkpoint/checkpoint-ngfw/tests/CEF_network_protocol.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_network_protocol.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_network_protocol.json
diff --git a/Checkpoint/checkpoint/tests/CEF_proxy_src.json b/Checkpoint/checkpoint-ngfw/tests/CEF_proxy_src.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_proxy_src.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_proxy_src.json
diff --git a/Checkpoint/checkpoint/tests/CEF_reject.json b/Checkpoint/checkpoint-ngfw/tests/CEF_reject.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_reject.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_reject.json
diff --git a/Checkpoint/checkpoint/tests/CEF_syslog.json b/Checkpoint/checkpoint-ngfw/tests/CEF_syslog.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_syslog.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_syslog.json
diff --git a/Checkpoint/checkpoint/tests/CEF_tcp_accept.json b/Checkpoint/checkpoint-ngfw/tests/CEF_tcp_accept.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_tcp_accept.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_tcp_accept.json
diff --git a/Checkpoint/checkpoint/tests/CEF_user_agent.json b/Checkpoint/checkpoint-ngfw/tests/CEF_user_agent.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/CEF_user_agent.json
rename to Checkpoint/checkpoint-ngfw/tests/CEF_user_agent.json
diff --git a/Checkpoint/checkpoint/tests/Generic_icmp_decrypt.json b/Checkpoint/checkpoint-ngfw/tests/Generic_icmp_decrypt.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/Generic_icmp_decrypt.json
rename to Checkpoint/checkpoint-ngfw/tests/Generic_icmp_decrypt.json
diff --git a/Checkpoint/checkpoint/tests/Generic_tcp_allow.json b/Checkpoint/checkpoint-ngfw/tests/Generic_tcp_allow.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/Generic_tcp_allow.json
rename to Checkpoint/checkpoint-ngfw/tests/Generic_tcp_allow.json
diff --git a/Checkpoint/checkpoint/tests/Generic_tcp_drop.json b/Checkpoint/checkpoint-ngfw/tests/Generic_tcp_drop.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/Generic_tcp_drop.json
rename to Checkpoint/checkpoint-ngfw/tests/Generic_tcp_drop.json
diff --git a/Checkpoint/checkpoint/tests/Syslog.json b/Checkpoint/checkpoint-ngfw/tests/Syslog.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/Syslog.json
rename to Checkpoint/checkpoint-ngfw/tests/Syslog.json
diff --git a/Checkpoint/checkpoint/tests/Syslog_icmp.json b/Checkpoint/checkpoint-ngfw/tests/Syslog_icmp.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/Syslog_icmp.json
rename to Checkpoint/checkpoint-ngfw/tests/Syslog_icmp.json
diff --git a/Checkpoint/checkpoint/tests/Syslog_key.json b/Checkpoint/checkpoint-ngfw/tests/Syslog_key.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/Syslog_key.json
rename to Checkpoint/checkpoint-ngfw/tests/Syslog_key.json
diff --git a/Checkpoint/checkpoint/tests/Syslog_nat.json b/Checkpoint/checkpoint-ngfw/tests/Syslog_nat.json
similarity index 100%
rename from Checkpoint/checkpoint/tests/Syslog_nat.json
rename to Checkpoint/checkpoint-ngfw/tests/Syslog_nat.json
diff --git a/Checkpoint/checkpoint/_meta/logo.png b/Checkpoint/checkpoint/_meta/logo.png
deleted file mode 100644
index 17c24bbbcb..0000000000
Binary files a/Checkpoint/checkpoint/_meta/logo.png and /dev/null differ
diff --git a/Checkpoint/checkpoint/_meta/manifest.yml b/Checkpoint/checkpoint/_meta/manifest.yml
deleted file mode 100644
index 9c843b0c2f..0000000000
--- a/Checkpoint/checkpoint/_meta/manifest.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-uuid: f0a10c21-37d1-419f-8671-77903dc8de69
-name: Check Point NGFW
-slug: checkpoint-firewall
-description: "Check Point’s Firewalls are sophisticated security equipments.\nSending your firewall logs, especially the allowed events, to Sekoia.io will help you discovering potential network security threats."
-data_sources:
- Network device logs: Check Point can record traffic events flowing through their firewall.
- Network protocol analysis: Check Point firewall does traffic analysis at physical/data/transport layers
- Web logs: Domain names are extracted from HTTP traffic
-automation_module_uuid: 096f4eda-68dd-11ee-8c99-0242ac120002