250 likes | 441 Views
CheckPoint new security architecture and R70 highlights. What organizations want. total. security. Total security across all enforcement points. flexible. security. The right protection at the right investment. simple. security. Ease of deployment Ease of management .
E N D
What organizations want total security Total security across all enforcement points flexible security The right protection at the right investment simple security Ease of deployment Ease of management
Introducing Check Point R70 with New Software Blade Architecture
What is a software blade? • A software blade is a security building block • Independent • Modular • Centrally managed
How does it work? Select a container Select the blades Configure the system
Two options to construct your solution Option 1:A La Carte Option 2:Pre-Defined Systems* SG103 1 core 3 blades SG407 4 cores 7 blades SG805 8 cores 5 blades *Examples
Total SecurityComplete Security & Management Portfolio Security Gateway Blades Security Management Blades
Customer Benefits TOTAL • Total security across all enforcement points • Custom configuration for the right security at the right investment • Simple planning, fast deployment FLEXIBLE SIMPLE SECURITY MIGRATION • Ease of consolidation • Add/activate blades easily into existing infrastructure • Segregation of duties in a single system • Dedicate system resources per software blade • Simple migration and scaling CONSOLIDATION LOWERTCO
Check Point R70 Debut of Check Point Software Blade Architecture NEW Check Point Security Gateway R70 IPS Blade: IPS Redefined
Check Point Security Gateway R70The Evolution Continues • Main-train release featuring Software Blade architecture New IPS Software Blade Improved Core Firewall Performance New Provisioning Software Blade
Check Point IPS Blade Debut of Check Point Software Blade Architecture NEW Check Point Security Gateway R70 IPS Software Blade: Next Generation Integrated Intrusion Prevention
Check Point IPS Blade • Check Point IPS Blade: • Complete intrusion prevention integratedwith firewall • Enterprise-class performance • Comprehensive and dynamic management
New Threat Control Engine • Utilizing multiple methods of detection and analysis for accurate and confident security • Pre-emptive and accurate detection via NEW! multi-method signature & behavioral prevention engine. • Wide protection coverage for both server and client vulnerabilities. • Protection profiles with attack severity, confidence, and performance settings to automatically set protections to Detect or Prevent. • Open language for writing protections and protocol decoders. • Application Identification for application policy enforcement.
Complete Intrusion Protection • Protection against server vulnerabilities • Protection against client & OS vulnerabilities • Protection against malware and worm infections • Block stealthy P2P and IM applications • Prevent buffer overflow attacks • Protection against network reconnaissance gathering Only gateway with IPS across product line
Smoothing The Transition Performance
R70 Performance Enhancements Network • Deeper multi-core integration • Multi-tier IPS filtering engine • quickly filters ~90% of traffic • Filter attacks only on the relevant sections of the traffic • reduce overhead • Reduce false positives • Performance Improvements in Secure Platform OS Firewall Firewall … IPS Engine IPS Engine CoreXL Secure Platform Network
Ensure Total System Performance • Ensure firewall performance withload threshold safety-valve • Automatically activate protectionsbased on your criteria: • Estimated performance impact • Severity level • Confidence level
New Threat Management Requirements • Manage High Volume of IPS Events • Manage in Real Time • Manage across multiple Security functions • Adapt to Constantly Evolving Threat Environment
IPS Software Blade Timeline View Quickly go from high-level business view to detailed forensics Easily isolate important information
IPS Protection Browser • Easily Browse, Search, Set Protections • Easy navigation through protection list • Detailed protection description • Review attributes: Severity, Attack Confidence, Performance • Impact, Release Data, Industry Reference • View and adjust protection settings – Prevent, Detect, Inactive • Keyword search: easily find Attack, Protection, Category, CVE…
‘Sandbox’ New Protections Gain confidence in protections: Automatically ‘sandbox’ new protections in ‘Detect Only’ mode until you are ready to put them in Prevent mode.
Extensive Graphs and Reports Meet Compliance and Management Information Needs
Check Point R70 Summary Debut of Check Point Software Blade Architecture NEW Check Point Security Gateway R70 IPS Blade: Next Generation Intrusion Prevention