Konferencia Virtual Info jeseň 2011 www.virtualinfo.sk Check Point, Petr Kadrmas Video k tejto prezentácii si môžete pozrieť na: http://bit.ly/pYmTnL

1. Security in the cloud:
Check Point security for virtual environments
Petr Kadrmas <pkadrmas@checkpoint.com>
SE Eastern Europe
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone

2. Agenda
1 Virtualization and Security
2 Private Cloud Security
3 Public Cloud Security
4 Check Point SMB Cloud
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 2
2

3. On Data Center Consolidation
Private cloud1
28% have one 30% plan one
CIOs will virtualize
55% of production
servers next year, up
from 42% this year2
1 Information Week, June 2010
2 Morgan Stanley, June 2010
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 3
3

4. On Cloud Computing
Top concerns with private clouds
What are your greatest concerns about deploying and managing them?
Loss of control 80%
Data security 76%
Data portability and ownership 73%
Regulatory compliance 62%
Reliability 60%
Morgan Stanley
2010 CIO Cloud Survey
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 4
4

5. Enterprise Virtualization Initiatives
Top Security Challenges for Server Virtualization
What are the biggest security challenges preventing server virtualization in your
enterprise?
Lack of skills in security team 36%
Cost of new information security solutions 28%
Lack of knowledge
Can’t port existing security tools from physical in security teams
26%
to virtual world remains the
biggest challenge
Lack of security best practices for server
virtualization
24% in moving to
virtualized
Regulatory compliance issues 24% environments.
Enterprise Strategy Group
2010 Survey of enterprise decision makers
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 5
5

6. Agenda
1 Virtualization and Security
Private Cloud Security
• Secure Dynamic Cloud
2 • Security Gateway Virtual Edition
3 Public Cloud Security
4 Check Point SMB Cloud
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 6
6

7. Private Cloud - Security Needs
Protection from external threats
Inspect traffic between
Virtual Machines (VMs)
Secure new Virtual Machines
automatically
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 7
7

8. Private Cloud - Security Needs
Protection from external threats
Inspect traffic between
Virtual Machines (VMs)
Secure new Virtual Machines
automatically
VM VM VM
Hypervisor
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 8
8

9. Private Cloud - Security Needs
Protection from external threats
Inspect traffic between
Virtual Machines (VMs)
Secure new Virtual Machines
automatically
Ensure Security in dynamic
environment
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 9
9

10. Introducing Check Point
Security Gateway Virtual Edition (VE)
Check Point Secures the Private Cloud
Check Point
Security Gateway
Virtual Edition Best Virtual Security Gateway
Securing the Virtual Machines
Unified Management for
Physical and Virtual
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 10
10

11. Virtual Edition Features
Best Security
Check Point
Security Gateway
► All Software Blades Virtual Edition (VE) Firewall
VPN
► Flexible Security IPS
Antivirus
VE VM VM
Hypervisor Connector
Hypervisor
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 11
11

12. Virtual Edition Features
Best Security VMs Protection
VM VM
► Securing New VMs
► All Software Blades Automatically
► Flexible Security ► Secure Dynamic
Environment
VE VM VM
Hypervisor Connector
Inspecting Inter-VM Traffic Hypervisor
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 12
12

13. Virtual Edition Features
Best Security VMs Protection
► Securing New VMs
► All Software Blades Automatically
► Flexible security ► Secure Dynamic
Environment
VE VM VM
Hypervisor Connector
Hypervisor
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 13
13

14. Virtual Edition Features
Best Security VMs Protection Unified Management
► Securing New VMs ► Same management for
► All Software Blades Automatically Physical and Virtual
► Flexible security ► Secure Dynamic
Environment ► Virtualize the Management
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 14
14

15. Virtual Edition Features
Best Security VMs Protection Unified Management
► Securing New VMs ► Same management for
► All Software Blades Automatically Physical and Virtual
► Flexible security ► Secure Dynamic
Environment ► Virtualize the Management
VM VM
Hypervisor Connector
Hypervisor
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 15
15

16. Agenda
1 Virtualization and Security
2 Private Cloud Security
Public Cloud Security
• Multitenancy Security
3 • Check Point Solution
4 Check Point SMB Cloud
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 16
16

17. Cloud Providers – Security Needs
Multitenancy: Servicing Multiple Customers
From the Same Environment
Secure
connection to the
Cloud
Cloud
Security of the
Cloud
Security within
the Cloud
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 17
17

18. Check Point Cloud Security
Check Point Secures the Public Clouds
VPN-1 Power VSX for secure connectivity with the
Public Cloud
Secured VMs and Inter-VMs connection with
Security Gateway Virtual Edition
Multi-tenancy management and customized
policy via Multi-Domain Management
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 18
18

19. VPN-1 Power VSX
“Making it Virtual”
Physical Virtual
VPN-1 Firewall Module Virtual System (VS)
VPN-1 Firewall Module in Virtual System in Bridge
Bridge mode mode
IP Router Virtual Router (VR)
Switch Virtual Switch (V-SW)
Network Cable Virtual Cable (warp link)
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 19
19

20. How does it work ?
Each Virtual System is a unique routing and security
domain featuring most Firewall and VPN-1 Power
functionality.
Each Virtual System has its own:
Security and VPN Policy
Configuration Parameters
Interfaces and Links
Secure Internal Communication Certificate
Packets arriving to a VSX gateway are routed to the relevant
firewall based on incoming interface, source or destination
IP Address
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 20
20

21. Security Virtualization Benefits
Consolidation
 Cost reduction
 The simplest management for consolidated
environments
Multi- Customers Tenancy
 Servicing multiple customers on a single system
 Dedicated management & policy per customer
 Add-on services per virtual system (IPS, URLF)
Scalability
 Adding more Virtual Systems without
additional hardware
 Unique offering of linear performance scale-up
with additional hardware
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 21
21

22. Check Point
Multi-Domain Security Management
Check Point Eases the Way to Multi-Domain
Security Management
Maximize security by segmenting
management in virtual domains
Achieve better security
with consistent global policies
Deploy multi-domain management
simply and affordably
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 22
22

23. Get Increased Flexibility and Control
Segment your Security Management Environment into
Virtual Domains
Multi Domains
Customer A Customer B Customer C Customer D Customer E
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 23
23

24. Agenda
1 Virtualization and Security
2 Private Cloud Security
3 Public Cloud Security
4 Check Point SMB Cloud
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 24
24

25. Main SMB Security Challenges
Running Your Business
While Keeping Up With:
Growing complexity in protecting your network
and data
Evolving and more sophisticated security threats
Increasing budget pressure and unpredictable
security expenses
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 25
25

26. Check Point Cloud
Management Services
Check Point
Central Management
Firewall URL Filtering
Check Point
VPN Intrusion Prevention (IPS)
Antivirus Logging & Reporting
Security Management
Anti-Spam
Best Ongoing
Protection
Your Expert Management
Business
24x7 Support
Services
Protecting Your Business, Optimizing
Performance, Uptime and Flexibility
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 26
26

27. Simple to Start
1. Determine # of users
2. Choose connection type 1. Activate service
3. Select protection package
Set It and Forget It!
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 27
27

28. Cost-Effective Offerings
Two All-in-One Packages to Choose From:
Standard Premium
 Firewall  Standard package
 VPN +
 Software Updates  Intrusion Prevention (IPS)
 Logging & Reporting  Antivirus
 Management Services  Anti-Spam
 24x7 Support Services  URL Filtering
Starts at $19 /month! Starts at $33 /month!
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 28
28

29. Summary
Check Point provides effective Cloud Security
for every enviromnet
Virtual Security Gateway For Multi-Tenant
Cloud Environments
Best Hypervisor security for Virtual
Machines
Cloud Managed Security for SMB
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 29
29

30. Thank You
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone