Check Point: Introducing Software-defined Protection | Cyber Security Software


– [Announcer] Technology is all around us, and keeps evolving on a daily basis. Proprietary systems are
much more open and connected today and therefore are more
vulnerable to security threats. If technology evolves fast, so do threats. Every year, they’re becoming more frequent and more sophisticated. IT environments have also evolved quickly from simple and static to
dynamic infrastructures, expanding to private and public clouds, branch offices, remote users, and so on. The traditional way to
secure such environments has been to deploy point
security products everywhere. But this method causes a new challenge. It became too complex
to deploy and manage, and most importantly, in many cases it does not protect against
new types of threats. Enterprises need advice. We need new security
architecture that is modular, agile, and most importantly secure. Check Point introduces software-defined protection architecture, a
new security architecture to protect organizations today
against tomorrow’s threats. Software-defined protection partitions the security architecture into
three interconnected layers: enforcement, control, and management. Let’s start with the enforcement layer. The enforcement layer inspects traffic and enforces protections
through enforcement points. Enforcement points can
be deployed via software, installed on computers or smart phones, as physical appliances,
or virtual gateways on-site or on the cloud. One of the questions is where to deploy these enforcement points in our network. When networks were simple we could enforce protections on
the perimeter alone. But when perimeters are not well-defined, where should enforcement
points be deployed? Segmentation is the answer,
it is the new perimeter. By dividing a complex environment into small segments based
on security profiles, and deploying an enforcement point at the boundary of each segment,
the environment is secure. The next element of our
security architecture is the control layer. It is where protections are generated and security policies are pushed
to the enforcement points. Using access control and
data protection policies, administrators define rule-based policies to control interactions between users, assets, data, and applications. This is basically a firewall
and next generation firewall. These policies also control
data at rest and in motion. Most organizations are using firewalls and it works quite well, but we also need to protect organizations against the bad guys and
the evolving threats. We need to implement
protections that can identify known and unknown attacks
we haven’t seen yet. Threat prevention is part
of the control layer. Here the threat protections
are being updated in real time and automatically protected
by the enforcement points. The key for effective threat
prevention is intelligence. Threat intelligence should be built from as many resource as possible, processed and translated
into new security protections and fed to all enforcement
points in real time. The third layer is the management layer. That brings the SDP architecture to life. The management layer has
three key characteristics: modularity, automation, and visibility. Modularity provides a layered policy with the ability to segregate
administrative duties for optimum management flexibility. Automation and openness allow integration with third-party systems,
creating policies and protection in real time. And finally, visibility,
the ability to collect security information from
all enforcement points, providing a global view of the security posture of the organization. Software-defined protection
delivers a modular and dynamic infrastructure
that adapts quickly to evolving threats and IT environments. Check Point defined and
embraced the SDP architecture and provides the
flexibility needed to cope with new threats and
embrace new technologies. Check Point offers a wide-range
of enforcement points, including high-performance
network security appliances, virtual gateways, and point-host software and mobile device applications. It can be deployed at
the enterprise network or in the cloud. Check Point has the best next generation firewall in the market. Our threat cloud is the
largest open big data real-time threat knowledge base that feeds our enforcement points in real time. And finally, Check Point architecture is managed from a unified security console that is modular, highly scalable and open to third-party systems. Check Point provides the
security architecture organizations need today to protect against tomorrow’s threats. For more information about SDP, go to: www.checkpoint.com/sdp (upbeat music)

Leave a Reply

Your email address will not be published. Required fields are marked *