Check Point 2013

626
-1

Published on

Обзор продуктовой линейки Check Point 2013

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
626
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • 10 24 40
  • Now: User, application , regardless of where I connect from
  • with User and Machine awareness, Check Point is introducing unique technologies that enable a seamless integration with eth corporate Active Directory in order to obtain a real time picture of actual users, user-groups and specific machines used within the corporate network. Provides complete user identification with seamless and agent-less Active Directory integrationWith this new dimension we can create new firewall policies ( but not only) that actively discriminate based on the identity of the user or the machine used.
  • Can create control from here, then 2)UserCheck slide, then 3) User/Machine awareness with AD integrationSo show 3 points first, then the examples.Providing example of Application control usage across all Software Blades, the most evident is the Firewall itself. Starting from our legacy rule based method, adding the new dimension of applications you can now classify polices with more details granularityClassification can be done not only on a application level but also on a application category levelFinally using both dimensions of user awareness and application awareness, you can easily add strong policies per application and per specific user group
  • The second dimension provides fine-grain internet application awareness to the Check Point security gateway. Check Point’s application control library scanning and detection of more than 4,500 distinct applications and over 50,000 social networking widgets across a wide range of categories including Instant Messaging, Peer-to-peer file sharing, Social Networking, Web 2.0, Voice-over-IP, Anonymizers, IPTV, Multimedia, Games, Virtual Worlds, and Unified Communication. These applications are classified in different levels of business and non-business categories enabling a strong and flexible choice of parameters for any given policy. The applications are organized into 150 categories including categories for communication, IM, entertainment, commercial, financial, computing, government and a lot more.
  • Ask - Before defining a policy, we want to better understand usage patterns
  • SystemsRequirementCheck Point Security Gateway from these versions R71.50 R75.20 with the FLOW_HF_SHREK hotfix (EA only)R75.40 iOS 5.0 and above on these devices: iPod touchiPadiPad 2 and iPad 3iPhone 3GsiPhone 4 and 4s.Android 4
  • Tablet Computer Stock Photo  File #18993029 
  • Out of the box (>270)Wide range of predefined data typesBest practicesUser custom data types
  • So where are we going with data protection?In 2011, we plan to go beyond protecting data in motion.By the end of the year, we’ll have a document security blade
  • Document security provides very granular protection So we can protect documents while we are using themControlling specific actions like edit and printAnd extending our UserCheck framework to prompt and educate users on protection policy.And because users can be involved in choosing the protection profile, they can follow the company policy to protect information that THEY know to be confidential.
  • So now, I can work securely within my most common business applications,And I can extend security beyond my network perimeter to allow me to share encrypted documents easily and securely with business partners and other users outside my company.And of course all actions on the protected document are being audited and rolled up into our common SmartEvent and SmartReporter
  • As users work from a wide verity of devices, it is important to allow them to access and consume protected documents from any device. The document security provides a fully transparent experience on PC machines that run the document security thin client, however, also providing a simple experience for people consuming protected documents on their iPhone, iPad and Android devices, via a dedicated application. Any document is also accessible via a simpler web-portal for access from any other device.
  • Now it becomes even better – with R75.20.
  • SSL Encryption – used to secure communication of sensitive informatione.g. online banking, shopping, webmail, even social networksMore and more traffic is transmitted in secure channelsEncrypted traffic should be subjected to the same security measures (as traffic in-the-clear)
  • Today we present Check Point’s Compliance blade which changes the way organizations manage compliance!
  • Gain granular visibility with SmartEvent
  • Slide 15: Unified Management reporting: Come PCI Audit time, you go print a report from your Firewall, one from your DLP, one from IDS, one from your SIEMS, one from your endpoint and bind it into a book and give it to your auditor and pray !!! The beauty of unified management is that when you fact that you have a unified view, you can create a single application to deal with auditing, compliance and reporting.
  • Check Point 2013

    1. 1. Продукты и решения Check Point Дмитрий Воронков dvoronkov@checkpoint.com Консультант по безопасности Check Point Software Technologies ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution
    2. 2. Мировой лидер ► 100% Security Global Footprint ► Свыше 170,000 защищенных бизнесов ► Свыше 60 миллионов пользователей ► Leader Мировой лидер firewall/VPN и защиты данных 100% of Fortune 100 ► 100% фокус на безопасности ► Более 1,500 экспертов по безопасности ► Более 66,000 сертифицированных специалистов Check Point по всему миру ► 2,300 сотрудников, HQ в Израиле и США, 80 офисов в 30 странах ► 3,000 партнеров в 88 странах ► 120 авторизированных учебных центров ©2013 Check Point Software Technologies Ltd. | [Protected] For public distribution 2 2
    3. 3. ©2013 Check Point Software Technologies Ltd. | [Protected] For public distribution 3 3
    4. 4. 360° Check Point - лидер рынка Magic Quadrant Enterprise Network Firewalls Magic Quadrant Unified Threat Management ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 4 4
    5. 5. Результаты тестирования NSS 2013  Firewall 100% Security Effectiveness  Next Generation Firewall 98.5% Security Effectiveness  Intrusion Prevention System 99% Overall Protection  NSS Labs Recommend Rating ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 5 5
    6. 6. Check Point Software Blades Революционная технология для построения IT безопасности Интегрированная End-to-End Безопасность Гибкость и простота Защита инвестиций ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 6 6
    7. 7. Простота внедрения One-click активация функционала (блейда) Из единой централизованной консоли Application Control Identify and control usage of thousands of applications based on user and machine identity. ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 7 7
    8. 8. Шлюзы безопасности 61000 серия 21000 серия Линейка аппаратных, программных и виртуальных решений! 12000 серия (3 модели) 4000 серия (4 модели) 2200 серия Ultra High-End Datacenter Grade Small Office – Desktop Enterprise Grade ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 8 8
    9. 9. Полный контроль на всех уровнях безопасности IPS Anti-Bot Antivirus Полная видимость Mobile Access DLP Application Control URLF SmartEvent Identity Awareness ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 9 9
    10. 10. Определение политики Новый подход: Стандарт: ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 10 10
    11. 11. Интеграция с Active Directory Includes User Identification Corporate Active Directory Security Gateway User- and group-aware Machine-aware Идентификая по компьютеру, группе или пользователю. Поддерживаются терминальные сервера MS & Citrix. ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 11 11
    12. 12. APPLICATION CONTROL SOFTWARE BLADE ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 12 12
    13. 13. Определение приложение и контроль Протоколирование, разрешение, блокировка или ограничение использования приложение на уровне пользователя их группы ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 13 13
    14. 14. Check Point AppWiki Самая большая в мире библиотека приложений Более 4,900 приложений Более 310,000 виджетов Разбит на 30+ категорий (например: Web 2.0, IM, P2P, Voice & Video, File Share) appwiki.checkpoint.com ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 14 14
    15. 15. UserCheck агент ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 15 15
    16. 16. Реальность внедрения Разные варианты реагирования, Вовлекает пользователя Accept / Drop Традиционный подход для ясных случаев Inform Разрешить, но проинформировать пользователя о риске Ask Изучить типичное поведение и учесть при формировании политики Limit Сохранить ресурсы, не блокируя лишнего ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 16 16
    17. 17. Механизмы защиты ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 17 17
    18. 18. Механизмы защиты IPS Защита от существующих атак Antivirus Защита от вирусов и червей Anti-Bot Блокировка трафика зараженных компьютеров Emulation Защита от 0-Day атак ©2013 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. | 18
    19. 19. INSPECT EMULATE SHARE PREVENT Stop undiscovered attacks with Check Point Threat Emulation ©2013 Check Point Software Technologies Ltd. 19
    20. 20. Joseph H. Nyee Resume Report Threat Emulation @ Work Abnormal file activity ―Naive‖ processes created Joseph_Nyee.pdf Tampered system registry Remote Connection to Command & Control Sites A STANDARD CV? File System Activity System Registry System Processes Network Connections ©2013 Check Point Software Technologies Ltd. 20
    21. 21. Anyone can submit files for THREAT EMULATION threats@threats.checkpoint.com threatemulation.checkpoint.com ©2013 Check Point Software Technologies Ltd. 21
    22. 22. MOBILE ACCESS SOFTWARE BLADE ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 22 22
    23. 23. Подключение с любых устройств Защищенное Secure Check соединение с Point Web Portal Mobile смартфонов и App планшентников Check Point Mobile VPN VPN App Защищенное соединение с других устройств Secure SSL VPN Portal Web Portal Mobile Access Software Blade on a Check Point Gateway ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 23 23
    24. 24. Клиент бесплатно доступен в магазине приложений ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 24 24
    25. 25. Mobile Access Blade Просто защищенный доступ С любого устройства PC  Check Point Mobile for Windows   Web Lightweight IPSec client with compliance check On-demand VPN client (SNX)   SSL VPN portal  SmartPhone ESOD Check Point Mobile for iPhone / iPad    Check Point Mobile for Android SecureWorkspace Win, Mac and Linux  Active Sync support ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 25 25
    26. 26. Check Point Mobile Container Изоляция и шифрование корпоративной информации Business Data Идентификация перед доступом к даннам Personal Data & Apps Защита от jailbreak / rooted устройст ©2013 Check Point Software Technologies Ltd. 26
    27. 27. DATA LOSS PREVENTION (DLP) SOFTWARE BLADE ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 27 27
    28. 28. Check Point DLP Совмещение технологий позволяют DLP работать John.Stevens@yahoo.com Предотвращение Corporate Strategy Green World Strategy Plan 2010 John, Data Loss Prevention Alert An email that you have just sent has been quarantined. Let’s review the corporate strategy in our morning attached document contains meeting. Reason: Обучение confidential internal data The message is being held until further action. Send , Discard , or Review Issue Реальное применение ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 28 28
    29. 29. Check Point DLP Понимает множество форматов файлов и типов данных Форматы файлов ► Более 600 форматов файлов Типы данных ► Более 250 типов ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 29 29
    30. 30. Check Point DLP Переход от обнаружения к предотвращению Предотвращение злонамеренных и неумышленных действий Поддержка технологии Software Blade Поддержка протоколов HTTP, SMTP, FTP и … теперь для HTTPS! Способы оповещения пользователей UserCheck/E-mail Масштабирование ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 30 30
    31. 31. Endpoint Security ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 31 31
    32. 32. Check Point Endpoint security Наиболее полное единое решение! Firewall Disk Encryption Anti Malware Secure Browsing Единая консоль управления! Media Encryption VPN ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 32 32
    33. 33. Защита документов ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 33 33
    34. 34. ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution
    35. 35. Check Point Document Security Документы остаются закодированными– при хранение, при пересылке, в использовании  Безопасный и контролируемый обмен с внутренними и внешними пользователями  Детализированный отчеты  Легкая интеграция и использование В приложениях MS Office и Acrobat ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 35 35
    36. 36. Защитить документ – это просто Выбираем авторизованных пользователей и классификация для защиты документа Restricted ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 36 36
    37. 37. Простой доступ к защищенному документу Прозрачный доступ с Document Security Client Прозрачный доступ с iPhone, iPad и Android ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Доступ через веб портал с других устройств | [Protected] For public distribution 37 37
    38. 38. Управление из облака Глобальная система управления и доступа к документу из любой точки планеты без установки и поддержания сервера управления Document Security Security Administrator End User  Доступ к документу из любого места  Единая учетная запись с любого устройства  Простой Web портал с политиками и аудитом  Подключение к AD для управления пользователями и группами ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 38 38
    39. 39. Check Point GO  Удаленный доступ и безопасная обработка информации  Виртуальная рабочая среда  Plug-and-play, без установки и перезагрузки ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 39 39
    40. 40. Привычная среда Windows Разрешенные приложения Переключение между рабочими столами Доступ к зашифрованным данным Доступ к корпоративным ресурсам ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 40 40
    41. 41. Больше безопасности с… Check Point Во всех блейдах безопасности! ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 41 41
    42. 42. SSL траффик Все больше траффика передается по защищенным каналам Для защиты коммерческой и персональной информации ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 42 42
    43. 43. Анализ SSL траффика В всех блейдах безопасности DLP IPS Application Control Antivirus & Anti-Malware URL Filtering Выписывается сертификат – в браузере не будет ошибки! ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 43 43
    44. 44. HTTPS инспекция HTTPS инспекция входящего трафика   Поддерживает импорт сертификатов с HTTPS сервера, для анализа входящиго трафика Работает для всех блейдов безопасности ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 44 44
    45. 45. Check Point Endpoint Security UTM-1 Edge N Series ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 45 45
    46. 46. Check Point ATM Security Solutions     Endpoint Security UTM-1 Edge N Series     Защищенный удаленный доступ Антивирус и МСЭ Шифрование данных на ATM Контроль внешних портов Защищенный удаленный доступ Защита от сетевых атак Встроенный ADSL модем Возможность подключения по 3G Единая консоль управления и мониторинга ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 46 46
    47. 47. Представляем Check Point Check Point DDoS Protector™ Защита от DDoS атак за секунды! ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 47 47
    48. 48. Решения DDoS Protector Enterprise Grade  Up to 3 Gbps throughput  2M concurrent sessions  1 Mpps max. DDoS flood attack rate Datacenter Grade  Up to 12 Gbps throughput  4M concurrent sessions  10 Mpps max. DDoS flood attack rate  7 моделей  От 1GbE медные и 10GbE оптические порты  Низкий уровень задержки ©2012 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Unrestricted] For everyone | 48 48
    49. 49. Централизованное управление ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 49 49
    50. 50. Централизованное управление Единая консоль управления ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 50 50
    51. 51. Compliance Software Blade Compliance Check Point Presents: The first integrated and fully automated security and compliance monitoring ©2013 Check Point Software Technologies Ltd. | [Protected] For public distribution 51 51
    52. 52. Соответствие стандартам становится проще [Restricted] ONLY for designated groups and individuals ©2013 Check Point Software Technologies Ltd. | [Protected] For public distribution 52 52
    53. 53. Детализация по различным критериям [Restricted] ONLY for designated groups and individuals ©2013 Check Point Software Technologies Ltd. | [Protected] For public distribution 53 53
    54. 54. Отчеты [Restricted] ONLY for designated groups and individuals ©2013 Check Point Software Technologies Ltd. | [Protected] For public distribution 54 54
    55. 55. Как же стандарты отражаются на политике? PCIDSS ISO 27001 Cobit 4.1 HIPAA GLBA ISO 27002 NIST 800-41 ©2013 Check Point Software Technologies Ltd. | [Protected] For public distribution 55 55
    56. 56. SMARTEVENT SOFTWARE BLADE ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 56 56
    57. 57. Язык бизнеса? Разные ip адреса 200,000 Доступ с разных устройтв Событий Доступ из разных мест безопасности Используются различные приложения ©2011 Check Point Software Technologies Ltd. [Unrestricted] — Forrights reserved. | ©2013 Check Point Software Technologies Ltd. | [Protected] All public distribution [Restricted] ONLY for designated groups and individuals 57 57
    58. 58. Мы предлагаем: Отображение событий безопасности в простой и понятной форме ©2011 Check Point Software Technologies Ltd. [Unrestricted] — Forrights reserved. | ©2013 Check Point Software Technologies Ltd. | [Protected] All public distribution [Restricted] ONLY for designated groups and individuals 58 58
    59. 59. 360º Видимости всех событий безопасности ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 59 59
    60. 60. Построение отчетности Унифицированная система отчетов SOX Compliance ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 60 60
    61. 61. Check Point SmartLog Простой и интуитивно понятный поиск по событиям ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 61 61
    62. 62. 3D Security Report Tool ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution 62 62
    63. 63. Спасибо! Дмитрий Воронков dvoronkov@checkpoint.com Консультант по безопасности Check Point Software Technologies ©2013 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals | [Protected] For public distribution

    ×