Download presentation
Presentation is loading. Please wait.
Published byJasmine Sybil McCarthy Modified over 8 years ago
1
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential Moving Beyond the Perimeter with Intelligent Security Alfredo Cusin Channel Mgr Italy Paolo Della Pietra Product Manager e-Security COMPUTERLINKS pdp@computerlinks.it
2
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 2 Agenda Internet Security Drivers in 2004: Security must be intelligent Our Security Leadership: Raising the Bar Our Vision for Perimeter, Internal and Web Security Summary
3
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 3 A Changing World 19932004 Internet reliance Security threats 19962000 2004 Network Attacks Application Attacks Web Attacks Intelligent, Adaptive, Pre-Emptive Security
4
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 4 Damage Hour 1Hour 2Hour 3Etc. None Everywhere Reactive: Clean-up after the damage is done. Proactive: Catch it before the damage is done. Web Intelligent, Adaptive, and Pre-Emptive Security is a MUST
5
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 5 INSPECT Stateful Inspection Application Intelligence Web Intelligence Malicious Code Protector To Be Effective, Security Must Be Intelligent, Adaptive and Pre-Emptive
6
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 6 Check Point INSPECT – More than Deep Packet Inspection Based on INSPECT Engine: –Stateful Inspection for high-performance network protection –Application Intelligence for application-level protection Support for over 150 applications plus custom services Over 3 Gbps throughput
7
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 7 Stateful Inspection/ FireWall-1 1993 OPSEC 1997 VPN-1 1998 Application Intelligence 2001 InterSpect 2002 Web Intelligence + Malicious Code Protector 2003 Check Point: Always a step ahead of customer’s real-world challenges Check Point: Always a step ahead of customer’s real-world challenges 1994 19951996 19992000 2004 Check Point is Proactively Meeting Customer Needs
8
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 8 Application Intelligence Introduced Application Intelligence Enhanced Web Intelligence Introduced Q203 Q403 Q104 Q303 SECURITY INNOVATION ? Q204 Cisco PIX OS 6.3 Check Point security solutions are proactively adapting to meet security challenges of tomorrow…. Juniper Screen OS 5.0 InterSpect Introduced Check Point Continues to Lead by Raising the Bar in Security
9
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 9 SOURCE: Frost and Sullivan, April 2004 *Check Point Family includes all hardware revenue from OPSEC appliance partners and open server hardware Check Point 36% Cisco Juniper 26% 10% 5% 4% 19% Nortel SonicWall Other Check Point is the Global Leader
10
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 10 Blocking Attacks: Perception vs. Reality
11
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 11 CiscoNetScreen Check Point SMART Common Security Architecture -- Scalable to Manage 1000s of devices CiscoWorks VMS limited to 1000 devices - Solution Designed for Service Providers -- 1-click VPN technology -- Management High Availability -- Centralized policy & software management - Visualization of security - No way to view interaction between objects & rules SMART Security Management: No One Comes Close!
12
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 12 SMART management Worry-free protection Intelligent Security Solutions Perimeter In-depth inspection Internal Web In 2004 Check Point Launched Our Expanded Strategy: Perimeter, Internal and Web Security Protecting Beyond the Perimeter
13
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 13 Delivering Intelligent Solutions Perimeter Internal Web
14
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 14 Perimeter Security Challenges Attack protection solutions must Protect network and servers Protect applications Web, DNS, mail, SQL, Microsoft, P2P… Deploy timely defenses against new attacks Defend against known and unknown threats Secure office connectivity Cost effective management Consistent application of policy Large scale VPNs Remote employee access Easy configuration and deployment Client protection – Outside the office Resilient network availability Controllable Internet access Perimeter Security
15
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 15 Check Point Perimeter Security Solutions Application Intelligence [Q2 2003] –Fully integrated application-level protection Check Point Express [Q3 2003] –Most Comprehensive Mid-Market Solutions VPN-1 Edge [Q4 2003] –The Best Solutions for Branch Office Access Installed base 330,000+ gateways 60,000+ accounts
16
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 16 Internal Security Challenges Contain threats Prevent worms from spreading Contain attacks to a single device or network segment Compartmentalize the network Must be simple Must be fast Do not disrupt legitimate traffic Protect the Desktop Inside the office Protect the Server Secure the Data Center Internal Security
17
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 17 New Solutions Internal Security New Solutions InterSpect [Q1 2004] –New Category of Internal Security Gateways Endpoint Security [Q1 2004] –Zone Labs Integrity
18
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 18 Cumbersome configuration, management burden Limited Basic IDS/IPS No, Requires virus definitions Varies by vendor--- Pre-emptive Attack Protection Check Point InterSpect Requires setup on every device Granular policy based on explicitly allowed traffic Security policy difficult to configure and manage Seamless Deployment & Management Only from the host perspective Varies by vendor --- LAN Protocol Protection Available--- Quarantine --- Limited Network Zone Segmentation Signature and/or Response Based (Reactive) Varies by vendor --- Worm Defenses Anti-Virus Perimeter Firewalls Secure Switches/ Routers Others Try, But …
19
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 19 Web Security Challenges Protect Web servers & applications Protect against Web-specific threats Transparent security Easy-to-deploy Must not interfere with simplicity of the Web Secure Web access Unified Web portal to internal resources Protect internal resources Integrate access control Including authentication and authorization Integrate multiple logins & authentication systems Endpoint security Protect the desktop Protect the server against the desktop Web Security Web Security (Web protection and access control)
20
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 20 Internal Web Security New Solutions Web Intelligence [Q2 2004] –Web application firewall – In-depth web protection –Add-on license to VPN-1 gateways SSL Network Extender [Q2 2004] –Secure application access (non-web) over SSL Connectra Web Security Gateways [Q2 2004] –Web-based Connectivity with unmatched Security
21
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 21 Web Security & SSL VPN - Server Security Protecting the Web Server and the Operating System on which it Runs Minimal Network Access over Web Native Access ANY Application (Legacy, Terminal, ERP, Voice) through a Web Tunnel Secure Browser Access Using the Browser to access Pages, Files, E-mail through a Secure Socket Layer (SSL) Varies by vendor Endpoint Security Protecting the Web Client and the Operating System Environment, PC, PDA SSL VPNs Connectra with Web Intelligence SSL VPN Solutions
22
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 22 Check Point Raised the Bar for IPSec Check Point Sets the Bar for SSL VPN 1996199920032004 Integrated Firewall for IPSec VPN Personal Firewall in Secure Client Application Intelligence Web Intelligence & Connectra Non-Check Point SSL VPN The New Security Bar SSL VPN: 1st Gen SSL VPN with Check Point Connectra Non-Check Point SSL VPN Check Point Sets the Security Bar
23
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential Summary
24
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 24 Check Point Intelligent Solutions Management VPN & Remote Access Application Access SMART Stateful Inspection Application Intelligence Integrity SecureClient Web Portal Network & Application Security Endpoint Security Integrity Integrity Clientless Security WebInternal Perimeter Granular Access Control Application Level Authorization Network Zone Segmentation SSL Remote Access IPSec Remote Access Site to Site VPN (IPSec) Web Intelligence InterSpect Internal Security Gateway Connectra Web Security Gateway VPN-1 Perimeter Security Gateway Web Intelligence SSL Network Extender VPN-1 Endpoint Security Product Line Integrated Security & Management Architecture (SMART)
25
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 25 Compartmentalizing the network Contain threats Desktop protection Server protection Data center security Web Security Perimeter Security Attack protection Secure office connectivity Remote employee access Controllable Internet Access Easy access Unified front end Integrated Authentication Content Verification Internal Security Auditable Broader Deeper Smarter Intelligent Security Solutions
26
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential 26 Summary Check Point has always anticipated customer requirements and set the security bar Our Roadmap Focuses on Layering Solutions for Perimeter, Internal and Web Security We always have … and always will! Check Point provides the industry’s best and most intelligent security solutions
27
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential Thank You!
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.