Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical."— Presentation transcript:

1 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical Consultant Nubit 2005

2 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Agenda  Introduction to SSL VPN Solutions  Connectra 2.0 –New Security Features Integrity Clientless Security (ICS) 3.0 –Integrity Secure Browser (ISB) –AV Checking –Enhanced Protection Levels  SSL Network Extender (SNX) –ICS Integration with R55 HFA-12

3 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Security Solution

4 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Web Threat Environment Most cyber attacks and Internet security violations are generated through Internet applications.

5 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Web Security Portfolio  SSL VPN for Web-based remote access –Connectra, The Web Security Gateway Unified SSL VPN, Web security, and Endpoint security –SSL Network Extender Network-level SSL VPN for Connectra & VPN-1  Web Application Firewall –Web Intelligence Web Security for Connectra & VPN-1  Endpoint Security –Integrity Clientless Security Integrated into Connectra, available for Web applications Securing the Web for Business Bringing Business to the Web

6 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Introducing Connectra Web Connectivity with Unmatched Security Web Security Gateway Features Secure Web-Based Connectivity Integrated Server Security Adaptive Endpoint Security One-Click SSL Extranet Seamless Network Deployment and Management SSL VPN Integrated Security Integrated Security Easy Deployment Easy Deployment

7 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Connectra – The Web Security Gateway Security will be the #1 buying criteria for SSL VPN gateways in 2005 Key Advantage Today = MOST SECURE Endpoint Security Integration Integrated Attack Prevention “Endpoint security integration was the #1 reason we chose Check Point.” - Large Energy Company “Endpoint security is an escalating problem as SSL VPNs go mainstream.” - John Girard, VP of Gartner

8 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Introducing SSL Network Extender Secure Network-Level Connectivity over the Web SSL  Network-level connectivity over SSL VPN –Browser Plug-in  Supports all IP-based applications –TCP, UDP, ICMP, FTP, etc.  Integrated with Check Point Gateways –Connectra Enables native applications support –VPN-1 Combined IPSec and SSL

9 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Introducing Web Intelligence Protection for the Entire Web Environment Web application firewall technology for Check Point products.  Advanced Product Features –Malicious Code Protector ™ Patent-pending technology that catches buffer overflow attacks and other malicious code. –Advanced Streaming Inspection Extends the inspection and reconstruction capabilities of the INSPECT architecture by adding active traffic control of live traffic streams. –Simple Deployment and Management Built to be quickly deployed to protect Web servers without complex tuning and configuration.  Seamless Integration with Check Point Products Provides protection for the entire Web environment. Included in Connectra Available as an add-on to VPN-1 gateways Will be available on InterSpect Web Servers

10 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Introducing Integrity Clientless Security Key Benefits Stops ID and password theft, prevents data loss Makes it easy to secure non-IT controlled PC’s that access the enterprise network Prevents any non-compliant remote PC from compromising enterprise security Key Features Spyware Detection & Remediation Simple Deployment & Maintenance Network Access Policy Enforcement Integrates with Web Applications- Outlook Web Access, Extranet Portals Integrated with Connectra

11 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Integrity Secure Browser Configuration  Windows Only Solution –IE Offers Transparent Install –Other Browsers are Supported Manual Prompt to Install ISB –Mozilla, Netscape & Opera –Subsequent Connections will not require reinstallation

12 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Integrity Secure Browser

13 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Connectra 2.0 ICS 3.0 Integration  Integrity Secure Browser –ISB will safeguard data in: Password and Form fields URL history cached files recently-used files –Warns users of potentially unsafe actions Copy to local Clipboard Download Files

14 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Protection Level Enhancements  Added Options to require ICS &/or ISB  Enables Access to applications where ICS/ISB support is not currently available –Macintosh & Linux users can now connect even if ICS is enabled

15 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential ICS 3.0 Anti-Virus Checking  AV Checking Support for –Trend PC-cillin &OfficeScan –CA eTrust & VET –Symantec Norton Antivirus –Sophos AV –McAfee VirusScan –Zone Alarm Antivirus  DAT file version restrictions –Minimum DAT file version –DAT file creation date should be newer than –DAT file should be no older than days  You can check that the Anti Virus is: –Installed –Installed and running  Custom Error Message for Out of Compliance AV –Shared by all AV Checks

16 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Connectra Appliance vs. Software Comparison 501002505001,000U Connectra Series 1000 Cat 4 $10,000$15,000$24,000 Connectra Series 2000 Cat 4 $24,000$36,000$54,000 Connectra Series 6000 Cat 4 $44,000$60,000$90,000 Connectra SW Cat 1 $8,000 $15,000$30,000$50,000$60,000

17 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential SSL Network Extender for VPN-1

18 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential R55 HFA-12 SNX & ICS  R55 SNX Integrated with ICS 2.2 –AV Checking –File/Registry checks Requirement or Prohibition Observation Mode remote nodes  Separate Installations of ICS & VPN-1  Each Product is licensed & purchased independently  Manual Process for updating configuration file on VPN-1 gateways –$FWDIR/conf/extender/request.xml

19 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential ICS 2.2 Overview Browser control (ActiveX) sent to users before they log into their web based application. Scans, identifies, and disables spyware Displays detected threats and provides removal assistance Optionally, enforces security policy compliance by preventing network access to PCs that contain screened software, have outdated anti-virus definitions, or are missing other requirements

20 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential ICS Integration with SNX  User Presented with ICS Scan prior to authentication  Same ICS scan for all users per gateway  No Protection Level Granularity as with Connectra

21 ©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Thank You Questions???

Download ppt "©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net 1 WX Client Rajoo Nagar PLM, WABU.

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.
© 2012 All rights reserved to Ceedo. Enhanced Mobility with Tighter Security.

© 2012 All rights reserved to Ceedo. Enhanced Mobility with Tighter Security.
Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.

Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.
Bucharest, July 31, 2012 | Bitdefender 2012 Cloud Security for Endpoints Customer Presentation.

Bucharest, July 31, 2012 | Bitdefender 2012 Cloud Security for Endpoints Customer Presentation.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
©2004 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Next Generation with Application Intelligence Protection Against Network.

©2004 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Next Generation with Application Intelligence Protection Against Network.
Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.

Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
ISSA Presentation. Agenda Remote Access Evolution SSL VPN Drivers Why SSL VPNs Basic Deployment Security vs. IPSec The New Security Concerns Addressing.

ISSA Presentation. Agenda Remote Access Evolution SSL VPN Drivers Why SSL VPNs Basic Deployment Security vs. IPSec The New Security Concerns Addressing.
1 Trend Micro InterScan Web Security Suite ™ 2.5 戴 燊 Samson Tai 趨勢科技 台灣區技術行銷部 技術顧問.

1 Trend Micro InterScan Web Security Suite ™ 2.5 戴 燊 Samson Tai 趨勢科技 台灣區技術行銷部 技術顧問.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
Firewalls As Presented by Brian Dunn. Definition General Protects computer(s) from unauthorized access Types Hardware devices Software programs.

Firewalls As Presented by Brian Dunn. Definition General Protects computer(s) from unauthorized access Types Hardware devices Software programs.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.
Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.
Designed By: Technical Training Department

Designed By: Technical Training Department

Similar presentations

Ads by Google