SlideShare a Scribd company logo

2018 06 Presentation Cloudguard IaaS de Checkpoint

e-Xpert Solutions SA
e-Xpert Solutions SA

This document discusses Check Point's CloudGuard solution for securing cloud environments. It begins by noting concerns about cloud security from IT leaders and the need for new security models for the cloud. It then outlines CloudGuard's advanced threat prevention capabilities for cloud environments. The following sections describe how CloudGuard provides security across private, public, hybrid, and multi-cloud deployments using automation, orchestration, and a hub and spoke architecture. Check Point's cloud security blueprint aims to deliver agile, automatic, efficient, and controlled security that enables innovation across cloud platforms.

Related slideshows

Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
 
MITRE AttACK framework it is time you took notice_v1.0
MITRE AttACK framework it is time you took notice_v1.0MITRE AttACK framework it is time you took notice_v1.0
MITRE AttACK framework it is time you took notice_v1.0
 
Solving the Asset Management Challenge for Cybersecurity (It’s About Time)
Solving the Asset Management Challenge for Cybersecurity (It’s About Time)Solving the Asset Management Challenge for Cybersecurity (It’s About Time)
Solving the Asset Management Challenge for Cybersecurity (It’s About Time)
 
1 of 25
Download to read offline
1©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Thierry Silly – Check Point SE CLOUDGUARD IAAS
2©2018 Check Point Software Technologies Ltd. IT leaders worry about cloud security (dimensional Research survey) 62% : on-premises security is better than in the cloud 63% : existing security don’t integrate with Devops 48% : Security haven’t changed and remain the bottleneck We must be able to do better than that…
3©2018 Check Point Software Technologies Ltd. Traditional Security is Not Designed for Cloud Static workloads Manually intensive DevOps don't know Security IT Security doesn't know Cloud
4©2018 Check Point Software Technologies Ltd. IT’S TIME FOR A NEW SECURITY MODEL
5©2018 Check Point Software Technologies Ltd. Private Cloud Public Cloud Hybrid Cloud Cloud: One word, one idea, but different realities
6©2018 Check Point Software Technologies Ltd. ADVANCED THREAT PREVENTION FOR CLOUD ENVIRONMENT Check Point CloudGuard
7©2018 Check Point Software Technologies Ltd. Access Rule Next Generation Firewall Application and Data Security Advanced Threat Prevention Forensic Analysis Cloud Vendor Would you Secure your Datacenter with Simple access lists ? CLOUDGUARD PROTECTS YOUR CLOUD WITH THE INDUSTRY’S BEST THREATS CATCH-RATE
8©2018 Check Point Software Technologies Ltd. CloudGuard brings Advanced Protection for your clouds Basic Firewall / Access Rule Firewall IPS App Control DLP Zero-Day Anti-bot Forensics FilteringAntivirus Threat Emulation Threat Extraction Multi-cloudVPN Identity Awareness Anti-Spam
9©2018 Check Point Software Technologies Ltd. ACI SDN Public Cloud Private Cloud Hybrid Cloud CloudGuard Family
10©2018 Check Point Software Technologies Ltd. R80.10 & Cloudguard controler : THE REAL DIFFERENCE API CLI Connectors Delegation Automation Orchestrati on Front End Scripts AUTOMATION, ORCHESTRATIONS, INTEGRATION ACROSS ALL CLOUDS
©2018 Check Point Software Technologies Ltd. PRIVATE CLOUD
12©2018 Check Point Software Technologies Ltd. Micro segmentation With threat protection Automation & orchestration Dynamic updates Visibility CISCO ACI Automating security inside the Datacenter Private Cloud : Automated UNIFIED security
13©2018 Check Point Software Technologies Ltd. Use Case : Shared Operations Private Cloud A p p A p p A p p A p p A p p A p p A p p A p p A p p A p p A p p A p p Managed by Security For control Managed by Devops Automated Ordered layers for secure delegation Automation for Agility Full visibility for control Business Oriented, Fast and Secure
14©2018 Check Point Software Technologies Ltd. SECURITY THAT ENABLES INNOVATION Easy to secure and connect Multi-clouds application Applications are protected with the best security DevOps and IT Security speaks the same language Policy is updated when application is deleted Application owner never waits Reduce security tickets by 60%
©2018 Check Point Software Technologies Ltd. PUBLIC CLOUD
16©2018 Check Point Software Technologies Ltd. Would you expose your safe in the street ?
17©2018 Check Point Software Technologies Ltd. Public Cloud : UNIFIED security extended Firewall Anti-Virus Anti-Bot Application Control IPS Threat Emulation URLF Secure extension Segmentation Protection Secure Access Security Visibility Scalability Orchestration
18©2018 Check Point Software Technologies Ltd. CLOUD SECURITY BLUEPRINT - ARCHITECTURE Northbound Hub Southbound Hub Spoke 1 Spoke 2 Spoke 3 Spoke N… VPN
19©2018 Check Point Software Technologies Ltd. THE HUB & SPOKE ARCHITECTURE (TRANSIT) Cloud Northbound HUB Southbound HUB SPOKE 1 SPOKE 2 SPOKE N…. WWW VPN • Advanced threat protection on perimeter • North-South & East-West security is controlled by security admin • Inside spoke security controlled by DevOps
20©2018 Check Point Software Technologies Ltd. Cloud Northbound-HUB SPOKE-1 SPOKE-2 CloudGuard IaaS Auto-Scale CloudGuard IaaS-N CloudGuard IaaS-1 ….. SPOKE-N… Southbound-HUB CloudGuard IaaS Cluster WWWLoad Balancer Load Balancer THE HUB & SPOKE ARCHITECTURE (TRANSIT) Load Balancer SPOKE-3 VPN Corporate • Northbound security auto-scales • Southbound security deployed in high-availability • Supported Clouds • Azure Transit- vNET • AWS Transit - VPC CloudGuard IaaS - 2 CloudGuard IaaS - 1
21©2018 Check Point Software Technologies Ltd. MULTI & HYBRID CLOUD ENVIRONMENTS Southbound-HUB Southbound-HUB Northbound-HUB Northbound-HUB ….. VPN WEB APP SPOKE-3 VPN ….. DB AAD SPOKE-3 VPN ….. Northbound-HUB WEB APP SPOKE-3 Southbound-HUB Azure AWS Google VPN WWW
22©2018 Check Point Software Technologies Ltd. • Agile - security architecture that enables DevOps innovation • Automatic - security architecture provisioning • Efficient – automatically deploy, provision & scale security in the Cloud • Control - Security admins gain full visibility of east-west and north-south traffic • Multi-Clouds – unified security architecture for all environments CHECK POINT’S CLOUD SECURITY BLUEPRINT
23©2018 Check Point Software Technologies Ltd. Headquarters Remote Employees Branch Private Cloud & SDN SAASPublic IAAS UNIFIED SECURITY FOR ALL CLOUDS PROTECTION AT THE SPEED OF DEVOPS
24©2018 Check Point Software Technologies Ltd.
25©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. THANK YOU

More Related Content

2018 06 Presentation Cloudguard IaaS de Checkpoint

  • 1. 1©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Thierry Silly – Check Point SE CLOUDGUARD IAAS
  • 2. 2©2018 Check Point Software Technologies Ltd. IT leaders worry about cloud security (dimensional Research survey) 62% : on-premises security is better than in the cloud 63% : existing security don’t integrate with Devops 48% : Security haven’t changed and remain the bottleneck We must be able to do better than that…
  • 3. 3©2018 Check Point Software Technologies Ltd. Traditional Security is Not Designed for Cloud Static workloads Manually intensive DevOps don't know Security IT Security doesn't know Cloud
  • 4. 4©2018 Check Point Software Technologies Ltd. IT’S TIME FOR A NEW SECURITY MODEL
  • 5. 5©2018 Check Point Software Technologies Ltd. Private Cloud Public Cloud Hybrid Cloud Cloud: One word, one idea, but different realities
  • 6. 6©2018 Check Point Software Technologies Ltd. ADVANCED THREAT PREVENTION FOR CLOUD ENVIRONMENT Check Point CloudGuard
  • 7. 7©2018 Check Point Software Technologies Ltd. Access Rule Next Generation Firewall Application and Data Security Advanced Threat Prevention Forensic Analysis Cloud Vendor Would you Secure your Datacenter with Simple access lists ? CLOUDGUARD PROTECTS YOUR CLOUD WITH THE INDUSTRY’S BEST THREATS CATCH-RATE
  • 8. 8©2018 Check Point Software Technologies Ltd. CloudGuard brings Advanced Protection for your clouds Basic Firewall / Access Rule Firewall IPS App Control DLP Zero-Day Anti-bot Forensics FilteringAntivirus Threat Emulation Threat Extraction Multi-cloudVPN Identity Awareness Anti-Spam
  • 9. 9©2018 Check Point Software Technologies Ltd. ACI SDN Public Cloud Private Cloud Hybrid Cloud CloudGuard Family
  • 10. 10©2018 Check Point Software Technologies Ltd. R80.10 & Cloudguard controler : THE REAL DIFFERENCE API CLI Connectors Delegation Automation Orchestrati on Front End Scripts AUTOMATION, ORCHESTRATIONS, INTEGRATION ACROSS ALL CLOUDS
  • 11. ©2018 Check Point Software Technologies Ltd. PRIVATE CLOUD
  • 12. 12©2018 Check Point Software Technologies Ltd. Micro segmentation With threat protection Automation & orchestration Dynamic updates Visibility CISCO ACI Automating security inside the Datacenter Private Cloud : Automated UNIFIED security
  • 13. 13©2018 Check Point Software Technologies Ltd. Use Case : Shared Operations Private Cloud A p p A p p A p p A p p A p p A p p A p p A p p A p p A p p A p p A p p Managed by Security For control Managed by Devops Automated Ordered layers for secure delegation Automation for Agility Full visibility for control Business Oriented, Fast and Secure
  • 14. 14©2018 Check Point Software Technologies Ltd. SECURITY THAT ENABLES INNOVATION Easy to secure and connect Multi-clouds application Applications are protected with the best security DevOps and IT Security speaks the same language Policy is updated when application is deleted Application owner never waits Reduce security tickets by 60%
  • 15. ©2018 Check Point Software Technologies Ltd. PUBLIC CLOUD
  • 16. 16©2018 Check Point Software Technologies Ltd. Would you expose your safe in the street ?
  • 17. 17©2018 Check Point Software Technologies Ltd. Public Cloud : UNIFIED security extended Firewall Anti-Virus Anti-Bot Application Control IPS Threat Emulation URLF Secure extension Segmentation Protection Secure Access Security Visibility Scalability Orchestration
  • 18. 18©2018 Check Point Software Technologies Ltd. CLOUD SECURITY BLUEPRINT - ARCHITECTURE Northbound Hub Southbound Hub Spoke 1 Spoke 2 Spoke 3 Spoke N… VPN
  • 19. 19©2018 Check Point Software Technologies Ltd. THE HUB & SPOKE ARCHITECTURE (TRANSIT) Cloud Northbound HUB Southbound HUB SPOKE 1 SPOKE 2 SPOKE N…. WWW VPN • Advanced threat protection on perimeter • North-South & East-West security is controlled by security admin • Inside spoke security controlled by DevOps
  • 20. 20©2018 Check Point Software Technologies Ltd. Cloud Northbound-HUB SPOKE-1 SPOKE-2 CloudGuard IaaS Auto-Scale CloudGuard IaaS-N CloudGuard IaaS-1 ….. SPOKE-N… Southbound-HUB CloudGuard IaaS Cluster WWWLoad Balancer Load Balancer THE HUB & SPOKE ARCHITECTURE (TRANSIT) Load Balancer SPOKE-3 VPN Corporate • Northbound security auto-scales • Southbound security deployed in high-availability • Supported Clouds • Azure Transit- vNET • AWS Transit - VPC CloudGuard IaaS - 2 CloudGuard IaaS - 1
  • 21. 21©2018 Check Point Software Technologies Ltd. MULTI & HYBRID CLOUD ENVIRONMENTS Southbound-HUB Southbound-HUB Northbound-HUB Northbound-HUB ….. VPN WEB APP SPOKE-3 VPN ….. DB AAD SPOKE-3 VPN ….. Northbound-HUB WEB APP SPOKE-3 Southbound-HUB Azure AWS Google VPN WWW
  • 22. 22©2018 Check Point Software Technologies Ltd. • Agile - security architecture that enables DevOps innovation • Automatic - security architecture provisioning • Efficient – automatically deploy, provision & scale security in the Cloud • Control - Security admins gain full visibility of east-west and north-south traffic • Multi-Clouds – unified security architecture for all environments CHECK POINT’S CLOUD SECURITY BLUEPRINT
  • 23. 23©2018 Check Point Software Technologies Ltd. Headquarters Remote Employees Branch Private Cloud & SDN SAASPublic IAAS UNIFIED SECURITY FOR ALL CLOUDS PROTECTION AT THE SPEED OF DEVOPS
  • 24. 24©2018 Check Point Software Technologies Ltd.
  • 25. 25©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. THANK YOU