1 / 38

Check Point

Check Point. SOFTWARE-DEFINED PROTECTION. E nterprise S ecurity B lueprint. TECHNOLOGY IS EVERYWHERE. The Internet of things BRINGS WITH IT NEW challenges. AN EVER- CHANGING THREAT LANDSCAPE. Every year THREATS are becoming more sophisticated and MORE FREQUENT. 2014. 2010. 2007.

lottie
Download Presentation

Check Point

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Check Point SOFTWARE-DEFINED PROTECTION Enterprise Security Blueprint [Confidential] For designated groups and individuals

  2. TECHNOLOGY IS EVERYWHERE The Internet of things BRINGS WITH IT NEW challenges [Confidential] For designated groups and individuals

  3. AN EVER- CHANGING THREAT LANDSCAPE Every year THREATSare becoming more sophisticated andMORE FREQUENT 2014 2010 2007 2004 1997 RANSOMWARE HACTIVISM STATE SPONSORED INDUSTRIAL ESPIONAGE NEXT GEN APTS (MASS APT TOOLS) UTILIZING WEB INFRASTRUCTURES (DWS) VIRUSES AND WORMS ADWARE AND SPYWARE DDOS APTS [Confidential] For designated groups and individuals

  4. THREATS BECOME A COMMODITY *Source: http://www.forbes.com [Confidential] For designated groups and individuals

  5. EVOLVING AND COMPLEX IT ENVIRONMENTS IT environments have EVOLVEDwith new EMERGINGtechnologies [Confidential] For designated groups and individuals

  6. HOW TO PROTECT AND MANAGE SUCH ENVIRONMENTS? [Confidential] For designated groups and individuals

  7. WE NEED SECURITY that is MODULAR AGILE SECURE!!! [Confidential] For designated groups and individuals

  8. Introducing SOFTWARE –DEFINED PROTECTION Today SECURITY for Tomorrow’s THREATS [Confidential] For designated groups and individuals

  9. SOFTWARE – DEFINED PROTECTION MANAGEMENT LAYERIntegrates security with business process CONTROL LAYERDelivers real-time protections to the enforcement points ENFORCEMENT LAYERInspects traffic and enforces protection in well-defined segments [Confidential] For designated groups and individuals

  10. ENFORCEMENT LAYER RELIABLE and FAST to deal with demanding IT networks and hosts. [Confidential] For designated groups and individuals

  11. ENFORCEMENTLAYER Enforcement points MEDIATE interactions between users and systems and EXECUTE protections CLOUD SECURITY MOBILE SECURITY NETWORK SECURITY GATEWAY ENDPOINT SECURITY VIRTUAL SYSTEMS [Confidential] For designated groups and individuals

  12. HOW TO PROTECT BOUNDLESS ENVIRONMENTS? [Confidential] For designated groups and individuals

  13. SEGMENTATION IS THE NEW PERIMETER In today’s NETWORKS, there is no single perimeter. Smartphones, clouds, and cloud move DATA and networks across boundless computing environments. [Confidential] For designated groups and individuals

  14. SEGMENTATION METHODOLOGY ATOMIC SEGMENTS STEP 1 Elements that share the same policy and protection characteristics SEGMENT GROUPING STEP 2 Grouping of atomic segments to allow modular protection CONSOLIDATION STEP 3 Protect interactions and data flow between segments TRUSTED CHANNELS STEP 4 Of physical and virtual components, as network security gateways or as host-based software [Confidential] For designated groups and individuals

  15. SEGMENTING YOUR NETWORK Atomic segment Group of Segments Consolidation [Confidential] For designated groups and individuals

  16. CONTROL LAYER Generates SOFTWARE-DEFINED protections and deploys them at the appropriate ENFORCEMENT points. [Confidential] For designated groups and individuals

  17. CONTROL LAYER Generate PROTECTIONS [Confidential] For designated groups and individuals

  18. ACCESS CONTROL AND DATA PROTECTION Control interactions between users, assets, data and applications Protect data in motion and at rest [Confidential] For designated groups and individuals

  19. NEXT GENERATION FIREWALL Controls interactions between USERS, ASSETS, DATA and APPLICATIONS [Confidential] For designated groups and individuals

  20. MOST ORGANIZATIONS ARE USING FIREWALLS TODAY AND IT WORKS QUITE WELL… BUT… [Confidential] For designated groups and individuals

  21. WHAT ABOUT PROTECTING AGAINST Zero Day Exploits? [Confidential] For designated groups and individuals

  22. THE THREATS WE NEED TO PREVENT Know Knows Know Unknowns Unknown Unknowns Threats we know we don’t know Threats we don’t know we don’t know Threats we know we know ANTI VIRUS THREAT EMULATION ANTI BOT ANTI BOT IPS [Confidential] For designated groups and individuals

  23. WHAT IS NEEDED? [Confidential] For designated groups and individuals

  24. THREAT PREVENTION Updated protections in REAL-TIME Utilizing the same enforcement points for real time dynamic Threat Prevention protections [Confidential] For designated groups and individuals

  25. EFFCTIVE THREAT PREVENTION IS BASED ON INTELLIGENCE [Confidential] For designated groups and individuals

  26. THREAT INTELLIGENCE REAL-TIME collaborative and open INTELLIGENCE translate into SECURITY protections. [Confidential] For designated groups and individuals

  27. THREAT INTELLIGENCE REAL-TIME collaborative and open INTELLIGENCE translate into SECURITY protections. [Confidential] For designated groups and individuals

  28. MANAGEMENT LAYER The MANAGEMENT Layer ORCHESTRATES the infrastructure and brings the highest degree of AGILITY to the entire architecture. [Confidential] For designated groups and individuals

  29. MANAGEMENT LAYER BRINGSthe SDP architecture to LIFEby integrating security with business processes VISIBILITY 360 degree situational awareness MODULARITY Support segmentation and segregation of management duties AUTOMATION Automates security policy administration and synchronizes it with other systems [Confidential] For designated groups and individuals

  30. MODULARITY ENDLESS FLEXIBILITY with LAYERS of POLICIES Management modularityprovides the flexibility to manage each segment and control Segregation of duties Layers of policy

  31. AUTOMATION OPEN INTERFACES support business process changes Open API Web services

  32. SDP AND SDN WORKING IN SYNERGY SDN An emerging network architecture, decoupling network control and data planes. Data flows between network nodes controlled via a programmable network SDN controller. SDP An overlay architecture enforcing security traffic flows within an SDN network Data flows are programmed to pass through SDP enforcement points

  33. VISIBILITY SITUATION AWARENESS & INCIDENT RESPONSE Collects information from every enforcement point Situation awareness view Generation of new protections

  34. SUMMARY [Confidential] For designated groups and individuals

  35. SOFTWARE – DEFINED PROTECTION MODULAR AND DYNAMIC SECURITY ARCHITECTURE FAST AND RELIABLE ENFORCEMENT WITH REAL-TIME INTELLIGENCE TODAY’S SECURITY ARCHITECTURE FOR TOMORROW’S THREATS [Confidential] For designated groups and individuals

  36. CHECK POINT SOFTWARE – DEFINED PROTECTION MANAGEMENT LAYERCheck Point Next Generation Security Management CONTROL LAYERNext Generation Firewall, Threat Prevention, ThreatCloud™ ENFORCEMENT LAYERNetwork, Host, Mobile, Cloud [Confidential] For designated groups and individuals

  37. GO TO WWW.checkpoint.com/sdp TO DOWNLOAD THE WHITE PAPER [Confidential] For designated groups and individuals

  38. THANK YOU! [Confidential] For designated groups and individuals

More Related