Presentation is loading. Please wait.

Presentation is loading. Please wait.

Check Point vSEC STORY [Protected] Non-confidential content.

Published byIrma Bell Modified over 7 years ago

Similar presentations

Presentation on theme: "Check Point vSEC STORY [Protected] Non-confidential content."— Presentation transcript:

1 Check Point vSEC STORY [Protected] Non-confidential content

2 The Problem Of Creating New Services
Business Need Time to market is crutial - driven by customer needs , costs sensetive Served by Aplications Flexible adoptable to Business needs, fast evolution , Inovation is the key Served by Infrastructure Needs to be stable and reliant , current aproach = one layout fits all. Business Expectations Exceed Legacy Datacenter Capabilities  [Confidential] For designated groups and individuals​

3 [Confidential] For designated groups and individuals​
HYBRID CLOUD ALLOWS IT TO DELIVER APPLICATIONS IN A FRACTION OF COST AND TIME!  [Confidential] For designated groups and individuals​

4 [Confidential] For designated groups and individuals​
LEGACY SECURITY IS A SHOWSTOPPER, AND DOESN’T PROTECT APPLICATIONS FROM MODERN THREATS  [Confidential] For designated groups and individuals​

5 SECURITY IN THE HYBRID CLOUD….
Must prevent lateral move of threats between applications and not only at the perimeter Should protect new IT services and applications in seconds not in weeks Should automatically be provisioned and scale within the environment without operational overhead  [Confidential] For designated groups and individuals​

6 INSTANTLY SECURE RAPIDLY-EVOLVING SERVICES
IN ALL HYBRID CLOUD ENVIRONMENTS WITH PAY-AS-YOU-GO VIRTUAL SECURITY  [Confidential] For designated groups and individuals​

7 [Confidential] For designated groups and individuals​
SECURE YOUR MODERN DATACENTER WITH AUTOMATION AND TIGHT SECURITY BETWEEN APPLICATIONS  [Confidential] For designated groups and individuals​

8 [Confidential] For designated groups and individuals​
vSEC SECURES YOUR APPLICATIONS EVERYWHERE  [Confidential] For designated groups and individuals​

9 PREVENT LATERAL THREATS BETWEEN APPLICATIONS
CISCO ACI Tightly integrate with leading SDN Datacenter vSEC Inspects East-West traffic between physical and virtual machines with Sandblast Advanced Threat Prevention  [Confidential] For designated groups and individuals​

10 [Confidential] For designated groups and individuals​
SECURE YOUR APPLICATIONS IN THE HYBRID CLOUD vSEC for AWS Extend your vSEC Security to your Public IaaS PUBLIC IaaS vSEC for Azure PRIVATE CLOUD vSEC for vCloud Air  [Confidential] For designated groups and individuals​

11 [Confidential] For designated groups and individuals​
FROM WEEKS TO SECONDS WITH vSEC AUTOMATION  [Confidential] For designated groups and individuals​

12 vSEC SECURITY AUTOMATION USE CASES
PERFORM THESE OPERATIONS… Security is automatically provisioned Application is instantly secured Application admin never waits No tickets overhead Everything is auditable KNOWING THAT…. Change application’s networking Scale up your application Virtual Patching Provision a new application Connect a new IOT device  [Confidential] For designated groups and individuals​

13 CHANGE APPLICATION NETWORKING
Legacy Way Many Days / Manual process App owner opens ticket to FW Admin to change policy FW admin changes the policy New policy is published on the weekend Changing Web VM IP Seconds / Dynamic Process vSEC dynamically learns about this change from vCenter and all virtual and physical GWs are instantly updated vSEC Way  [Confidential] For designated groups and individuals​

14 SCALE UP YOUR APPLICATION
Many Days / Manual process Open ticket to FW Admin to change policy FW admin changes the policy New policy is published on the weekend Legacy Way Add a new Web VM cluster vSEC dynamically learn about the change and instantly update GW policy Seconds / Dynamic Process VM is automatically added to web SDN Group vSEC Way  [Confidential] For designated groups and individuals​

15 [Confidential] For designated groups and individuals​
VIRTUAL PATCHING Virtually patch your applications with vSEC IPS and advanced threat prevention before security patch is announced vSEC Way Legacy Way It takes days to test, approve and deploy a new security patch Meanwhile, vulnerability is known and applications are exposed  [Confidential] For designated groups and individuals​

16 PROVISION A NEW APPLICATION
Many hours / Manual process Develop a manual procedure for new Database Manually configure the FW to secure the new Database Legacy Way Develop an orchestration recipe for new Database with security Seconds / Automation Process Recipe is executed and provision the FW policy vSEC Way  [Confidential] For designated groups and individuals​

17 CONNECT A NEW IOT DEVICE
vSEC Portal for IOT Admin Enter the new IOT name Add Connect IOT to the network New rule is created to IOT and all GWs are instantly updated 30 Secs Manual (avoid open a ticket) Seconds / Automation Process vSEC Way  [Confidential] For designated groups and individuals​

18 [Confidential] For designated groups and individuals​
5 REASONS WHY vSEC R80 IS THE BEST SECURITY AUTOMATION SOLUTION  [Confidential] For designated groups and individuals​

19 [Confidential] For designated groups and individuals​
1st REASON Check Point vSEC & R80 Other Vendors Trusted Policy Delegation Scope automation privileges only to relevant application’s rules Giving the keys for the kingdom If you allow automation to change one rule, you allow it change any rule  [Confidential] For designated groups and individuals​

20 [Confidential] For designated groups and individuals​
2nd REASON Check Point vSEC & R80 Other Vendors Simultaneous updates Many automations can run simultaneously Entire Policy Lockdown Only one automation can run at a time  [Confidential] For designated groups and individuals​

21 [Confidential] For designated groups and individuals​
3rd REASON Check Point vSEC & R80 Other Vendors Dynamic Changes Gateways policy dynamically learns about network changes of VMs & Applications Static Changes Admin must manually update policy anytime VM networking is changed  [Confidential] For designated groups and individuals​

22 [Confidential] For designated groups and individuals​
4th REASON (roadmap) Check Point vSEC & R80 Other Vendors Auto security service chaining vSEC automatically configures SDN controller to chain security based on policy Manual security service chaining SDN Admin must manually configure the controller policy to chain security  [Confidential] For designated groups and individuals​

23 [Confidential] For designated groups and individuals​
5th REASON (roadmap) Check Point vSEC & R80 Other Vendors Application role Auto-Discovery Admin is educated on what policy to apply between VMs Security role manual discovery Admin is oblivious on what security policy to apply between VMs  [Confidential] For designated groups and individuals​

24 [Confidential] For designated groups and individuals​
THE JOURNEY TO HYBRID CLOUD STARTED BE RELEVANT STAY COMPETITIVE  [Confidential] For designated groups and individuals​

25 120K 100+ 7200+ ACI-ready customers
HYBRID CLOUD & SDN TIPPING POINT (July 2016) AZURE 120K New customers/month VMware NSX 100+ Customers spent over $1M on NSX Cisco ACI ACI-ready customers  [Confidential] For designated groups and individuals​

26 SECURITY MUST PAVE THE WAY OF THIS JOURNEY
THE EFFORT OF HYBRID CLOUD MOVING TO CLOUD IS A STRATEGIC MOVE IT TAKES TIME AND EFFORT TO REALIZE THE FULL POTENTIAL Phase #1: New Infrastructure Compute (Hypervisor) SDN (Network) Phase #2: New Applications Software Defined Applications Phase #3: New Operation DevOps & Orchestration SECURITY MUST PAVE THE WAY OF THIS JOURNEY  [Confidential] For designated groups and individuals​

27 [Confidential] For designated groups and individuals​
vSEC SECURES THE FUTURE DATACENTER TODAY  [Confidential] For designated groups and individuals​

28 [Confidential] For designated groups and individuals​
vSEC SOLUTIONS & PRODUCTS vSEC for Private Cloud with SDN vSEC for NSX vSEC for ACI vSEC for Virtual-Datacenter vSEC Virtual Edition (also known as VE) vSEC for OpenStack vSEC for Public IaaS vSEC for AWS vSEC for AZURE vSEC for vCloud Air  [Confidential] For designated groups and individuals​

29 Advanced Security for Hybrid Cloud Unified Security Control
SUMMARY: Advanced Security for Hybrid Cloud PUBLIC CLOUD PRIVATE Unified Security Control &Visibility Security Automation SECURITY THAT TAKES YOUR MODERN DATACENTER ONE STEP AHEAD [Restricted] ONLY for designated groups and individuals

30 THANK YOU [Protected] Non-confidential content

Download ppt "Check Point vSEC STORY [Protected] Non-confidential content."

Similar presentations

System Center 2012 R2 Overview

System Center 2012 R2 Overview
BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud.

BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.

Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation

Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation
How to protect your Virtual Datacenter Michiel van den Bos.

How to protect your Virtual Datacenter Michiel van den Bos.
Data Center Network Redesign using SDN

Data Center Network Redesign using SDN
© 2014 VMware Inc. All rights reserved. Palo Alto Networks VM-Series for VMware vCloud ® Air TM Next-Generation Security for Hybrid Clouds Palo Alto Networks.

© 2014 VMware Inc. All rights reserved. Palo Alto Networks VM-Series for VMware vCloud ® Air TM Next-Generation Security for Hybrid Clouds Palo Alto Networks.
AUTOMATING ADVANCED SECURITY

AUTOMATING ADVANCED SECURITY
CON8474 - Software-Defined Networking in a Hybrid, Open Data Center Krishna Srinivasan Senior Principal Product Strategy Manager Oracle Virtual Networking.

CON Software-Defined Networking in a Hybrid, Open Data Center Krishna Srinivasan Senior Principal Product Strategy Manager Oracle Virtual Networking.
Automating Operational and Management Tasks in Microsoft Operations Management Suite and Azure

Automating Operational and Management Tasks in Microsoft Operations Management Suite and Azure
Microsoft Azure Active Directory. AD Microsoft Azure Active Directory.

Microsoft Azure Active Directory. AD Microsoft Azure Active Directory.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Automate your way to.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Automate your way to.
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.

20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Cisco Consulting Services for Application-Centric Cloud Your Company Needs Fast IT Cisco Application-Centric Cloud Can Help.

Cisco Consulting Services for Application-Centric Cloud Your Company Needs Fast IT Cisco Application-Centric Cloud Can Help.
Data Center Automation using Python

Data Center Automation using Python
Microsoft Virtual Academy. Microsoft Virtual Academy First HalfSecond Half (01) Introduction to Microsoft Virtualization(05) Hyper-V Management (02) Hyper-V.

Microsoft Virtual Academy. Microsoft Virtual Academy First HalfSecond Half (01) Introduction to Microsoft Virtualization(05) Hyper-V Management (02) Hyper-V.
Commvault and Nutanix October 2015. Changing IT landscape Today’s Challenges Datacenter Complexity Building for Scale Managing disparate solutions.

Commvault and Nutanix October Changing IT landscape Today’s Challenges Datacenter Complexity Building for Scale Managing disparate solutions.
Deep Security and VMware NSX Advanced Security Framework for the Software-Defined Data Center Anand Patil National Sales Manager, SDDC CONFIDENTIAL1.

Deep Security and VMware NSX Advanced Security Framework for the Software-Defined Data Center Anand Patil National Sales Manager, SDDC CONFIDENTIAL1.
READ ME FIRST Use this template to create your Partner datasheet for Azure Stack Foundation. The intent is that this document can be saved to PDF and provided.

READ ME FIRST Use this template to create your Partner datasheet for Azure Stack Foundation. The intent is that this document can be saved to PDF and provided.
R80 security management The Future of Security Management.

R80 security management The Future of Security Management.

Similar presentations

Ads by Google