SlideShare a Scribd company logo

Csa Summit 2017 - Un viaje seguro hacia la nube

CSA Argentina
CSA Argentina

This document discusses securing workloads in the cloud. It recommends a 4 step approach: 1) control the cloud perimeter with advanced threat prevention, 2) securely segment workloads inside the cloud, 3) manage consistent security policies across hybrid environments, and 4) automate security to match the dynamic nature of the cloud. The document promotes Check Point's vSEC product family for providing adaptive security that learns and scales with applications in private and public clouds.

1 of 25
Download to read offline
1©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. Lucas S. García | Security Engineer Ar Py Uy garcial@checkpoint.com UN VIAJE SEGURO HACIA LA NUBE
2©2017 Check Point Software Technologies Ltd. WELCOME TO THE CLOUD
3©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent FROM DATA CENTER TO CLOUD DATA CENTER ​WHAT USED TO TAKE WEEKS ​TAKES MINUTES WITH CLOUD CLOUD
4©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent THE CLOUD IS HERE SECURITY SECURITY IS THE MAIN INHIBITOR FOR CLOUD ADOPTION (Gartner) ADOPTION 80% OF ENTERPRISES ARE COMMITTED TO CLOUD STRATEGY BY 2017 (IDC) GROWTH 40% OF IT BUDGETS WILL BE CLOUD- BASED BY 2018 (Forbes)
5©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent WHY CLOUD? ​AGILITY ​Fast to react ​ELASTICITY ​ ​Fasttogrow
6©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD FUNDAMENTALS Cloud is a shared environment Cloud is a connected environment Cloud is a dynamic environment Therefore, cloud is vulnerable and exposed…
7©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD SECURITY MUST BE ADAPTIVE Legacy Security Cloud Security Adding new application Add rule is a SHOWSTOPPER Adaptive policy is an ENABLER Security inside the cloud Network change is COMPLEX SDN integration is AUTOMATIC Application growth Replacing appliances is EXPENSIVE Auto-Scale is EFFORTLESS
8©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent 4 STEPS TO SECURE YOUR CLOUD BUCKLE UP
9©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #1: CONTROL THE CLOUD PERIMETER •Use advanced threat prevention at the cloud perimeter •Securely connect your cloud with your on-premise environment ​CLOUD ​ON-PREMISE
10©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #2: SECURE THE CLOUD FROM THE INSIDE •Micro-segment your cloud to control inside communication •Prevent lateral threats movement between applications App App App App
11©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #3: MANAGE CONSISTENT SECURITY FOR HYBRID ENVIRONMENTS • Deploy unified security management for your hybrid cloud (On-Premise and Cloud) • Ensure policy consistency • Reduce operation cost ​CLOUD ​ON-PREMISE
12©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #4: AUTOMATE YOUR SECURITY Security should be as elastic and dynamic as your cloud • Auto-provisioned • Auto-scaled • Adaptive to changes
13©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 13©2017 Check Point Software Technologies Ltd.
14©2017 Check Point Software Technologies Ltd. CHECK POINT CLOUD SECURITY PRINCIPLES Utmost protection Adaptive Security Hybrid Infrastracture
15©2017 Check Point Software Technologies Ltd. THE vSEC FAMILY [Protected] Non-confidentialcontent ACI Consistent security policy and control across ALL Private and Public Clouds
16©2017 Check Point Software Technologies Ltd. vSEC ADVANCED PROTECTION Access Rule vSEC PROTECTS YOUR DATA AND APPLICATIONS WITH THE INDUSTRY’S BEST THREATS CATCH-RATE Next Generation Firewall Application and Data Security Advanced Threat Prevention Forensic Analysis Cloud Vendor
17©2017 Check Point Software Technologies Ltd. CISCO ACI [Protected] Non-confidentialcontent SECURITY INSIDE YOUR CLOUD Securing the datacenter from the inside is now simple with SDN Micro segment the datacenter with advanced protection between applications App App App App
18©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent ADAPTIVE SECURITY vSEC Adaptive Security instantly protects new applications and keeps them secure as they evolve. •Security that learns about application changes •Auto-scaled virtual security •Pay-as-you-grow for private and public cloud Telefonica: “vSEC adaptive security is a game changer.”
19©2017 Check Point Software Technologies Ltd. Check Point Access Policy Rule From To Application Action 3 Finance_App1 (vCenter Object) Database_Group (NSX SecGroup) MSSQL Allow 4 HR_App2 (Open StackObject) Finance_Group (ACI EndPoint Group) CRM Allow 5 User_ID SAP_App (AWS Object) SAP Allow ADAPTIVE SECURITY Reduce Firewall Tickets by 60%
20©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent SUCCESS More than 1,000 customers purchased vSEC in 2016 20©2017 Check Point Software Technologies Ltd.
21©2017 Check Point Software Technologies Ltd. XERO is a global online accounting firm servicing over 1M accounts in AWS vSEC secures all their accounts in AWS Allegiant makes leisure travel affordable vSEC secures their new NSX-based Private Cloud HAPPY CUSTOMERS [Protected] Non-confidentialcontent 21©2017 Check Point Software Technologies Ltd.
22©2017 Check Point Software Technologies Ltd. THE CYBER SECURITY ARCHITECTURE OF THE FUTURE THE FIRST CONSOLIDATED SECURITY ACROSS NETWORKS, CLOUD, AND MOBILE, PROVIDING THE HIGHEST LEVEL OF THREAT PREVENTION. Introducing
23©2017 Check Point Software Technologies Ltd. ONE SECURITY PLATFORM PREEMPTIVE THREAT PREVENTION CONSOLIDATED SYSTEM MOBILE CLOUD THREAT PREVENTION
24©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 24©2017 Check Point Software Technologies Ltd. Utmost Protection, Adaptive Security , Hybrid Infrastructure
25©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. THANK YOU Itai Greenberg | Head of Cloud Security BU

More Related Content

Csa Summit 2017 - Un viaje seguro hacia la nube

  • 1. 1©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. Lucas S. García | Security Engineer Ar Py Uy garcial@checkpoint.com UN VIAJE SEGURO HACIA LA NUBE
  • 2. 2©2017 Check Point Software Technologies Ltd. WELCOME TO THE CLOUD
  • 3. 3©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent FROM DATA CENTER TO CLOUD DATA CENTER ​WHAT USED TO TAKE WEEKS ​TAKES MINUTES WITH CLOUD CLOUD
  • 4. 4©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent THE CLOUD IS HERE SECURITY SECURITY IS THE MAIN INHIBITOR FOR CLOUD ADOPTION (Gartner) ADOPTION 80% OF ENTERPRISES ARE COMMITTED TO CLOUD STRATEGY BY 2017 (IDC) GROWTH 40% OF IT BUDGETS WILL BE CLOUD- BASED BY 2018 (Forbes)
  • 5. 5©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent WHY CLOUD? ​AGILITY ​Fast to react ​ELASTICITY ​ ​Fasttogrow
  • 6. 6©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD FUNDAMENTALS Cloud is a shared environment Cloud is a connected environment Cloud is a dynamic environment Therefore, cloud is vulnerable and exposed…
  • 7. 7©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD SECURITY MUST BE ADAPTIVE Legacy Security Cloud Security Adding new application Add rule is a SHOWSTOPPER Adaptive policy is an ENABLER Security inside the cloud Network change is COMPLEX SDN integration is AUTOMATIC Application growth Replacing appliances is EXPENSIVE Auto-Scale is EFFORTLESS
  • 8. 8©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent 4 STEPS TO SECURE YOUR CLOUD BUCKLE UP
  • 9. 9©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #1: CONTROL THE CLOUD PERIMETER •Use advanced threat prevention at the cloud perimeter •Securely connect your cloud with your on-premise environment ​CLOUD ​ON-PREMISE
  • 10. 10©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #2: SECURE THE CLOUD FROM THE INSIDE •Micro-segment your cloud to control inside communication •Prevent lateral threats movement between applications App App App App
  • 11. 11©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #3: MANAGE CONSISTENT SECURITY FOR HYBRID ENVIRONMENTS • Deploy unified security management for your hybrid cloud (On-Premise and Cloud) • Ensure policy consistency • Reduce operation cost ​CLOUD ​ON-PREMISE
  • 12. 12©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #4: AUTOMATE YOUR SECURITY Security should be as elastic and dynamic as your cloud • Auto-provisioned • Auto-scaled • Adaptive to changes
  • 13. 13©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 13©2017 Check Point Software Technologies Ltd.
  • 14. 14©2017 Check Point Software Technologies Ltd. CHECK POINT CLOUD SECURITY PRINCIPLES Utmost protection Adaptive Security Hybrid Infrastracture
  • 15. 15©2017 Check Point Software Technologies Ltd. THE vSEC FAMILY [Protected] Non-confidentialcontent ACI Consistent security policy and control across ALL Private and Public Clouds
  • 16. 16©2017 Check Point Software Technologies Ltd. vSEC ADVANCED PROTECTION Access Rule vSEC PROTECTS YOUR DATA AND APPLICATIONS WITH THE INDUSTRY’S BEST THREATS CATCH-RATE Next Generation Firewall Application and Data Security Advanced Threat Prevention Forensic Analysis Cloud Vendor
  • 17. 17©2017 Check Point Software Technologies Ltd. CISCO ACI [Protected] Non-confidentialcontent SECURITY INSIDE YOUR CLOUD Securing the datacenter from the inside is now simple with SDN Micro segment the datacenter with advanced protection between applications App App App App
  • 18. 18©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent ADAPTIVE SECURITY vSEC Adaptive Security instantly protects new applications and keeps them secure as they evolve. •Security that learns about application changes •Auto-scaled virtual security •Pay-as-you-grow for private and public cloud Telefonica: “vSEC adaptive security is a game changer.”
  • 19. 19©2017 Check Point Software Technologies Ltd. Check Point Access Policy Rule From To Application Action 3 Finance_App1 (vCenter Object) Database_Group (NSX SecGroup) MSSQL Allow 4 HR_App2 (Open StackObject) Finance_Group (ACI EndPoint Group) CRM Allow 5 User_ID SAP_App (AWS Object) SAP Allow ADAPTIVE SECURITY Reduce Firewall Tickets by 60%
  • 20. 20©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent SUCCESS More than 1,000 customers purchased vSEC in 2016 20©2017 Check Point Software Technologies Ltd.
  • 21. 21©2017 Check Point Software Technologies Ltd. XERO is a global online accounting firm servicing over 1M accounts in AWS vSEC secures all their accounts in AWS Allegiant makes leisure travel affordable vSEC secures their new NSX-based Private Cloud HAPPY CUSTOMERS [Protected] Non-confidentialcontent 21©2017 Check Point Software Technologies Ltd.
  • 22. 22©2017 Check Point Software Technologies Ltd. THE CYBER SECURITY ARCHITECTURE OF THE FUTURE THE FIRST CONSOLIDATED SECURITY ACROSS NETWORKS, CLOUD, AND MOBILE, PROVIDING THE HIGHEST LEVEL OF THREAT PREVENTION. Introducing
  • 23. 23©2017 Check Point Software Technologies Ltd. ONE SECURITY PLATFORM PREEMPTIVE THREAT PREVENTION CONSOLIDATED SYSTEM MOBILE CLOUD THREAT PREVENTION
  • 24. 24©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 24©2017 Check Point Software Technologies Ltd. Utmost Protection, Adaptive Security , Hybrid Infrastructure
  • 25. 25©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. THANK YOU Itai Greenberg | Head of Cloud Security BU