Defining your Private Cloud Blueprint

851 views

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
851
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Defining your Private Cloud Blueprint

  1. 1. Defining your PrivateCloud BlueprintCaroline Ikomicikomi@checkpoint.com ©2011 Check Point Software Technologies Ltd. | [[PROTECTED] – All rights reserved
  2. 2. Agenda 1 Market Landscape 2 Private Cloud Security 3 Public Cloud Security 4 Summary ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 2 2
  3. 3. The Cloud Evolution On Premise Off Premise Hybrid Cloud Private Cloud Public CloudEfficiency Virtualization SaaS Legacy Datacenter Web Hosting $11.8 billion by 2014 $55 billion by 2014 ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 3 3
  4. 4. Agenda 1 Market Landscape Private Cloud Security • VLAN Sprawl problem 2 • Secure Dynamic Cloud • Security Gateway Virtual Edition 3 Public Cloud Security 4 Summary ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 4 4
  5. 5. On Cloud ComputingTop concerns with private cloudsWhat are your greatest concerns about deploying and managingthem? Loss of control 80% Data security 76% Data portability and ownership 73% Regulatory compliance 62% Reliability 60% Morgan Stanley 2010 CIO Cloud Survey ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 5 5
  6. 6. Moving to Private Cloud Legacy DatacenterCorpnet DMZ Extranet 1:1 Server per Application 1:10 Security Zone (VLANs) per Server ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 6 6
  7. 7. Moving to Private Cloud Application VirtualizationCorpnet DMZ Extranet 1:5 Server per Application 1:1 Security Zone (VLANs) per Server ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 7 7
  8. 8. Moving to Private CloudNetworks VirtualizationCorpnet DMZ Extranet 1:20 Server per Application 5:1 Security Zone (VLANs) per Server ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 8 8
  9. 9. Moving to Private Cloud Datacenter ConsolidationCorpnet DMZ Extranet 1:100 Server per Application 20:1 Security Zone (VLANs) per Server ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 9 9
  10. 10. The VLANs Sprawl ProblemCheap and VMs Sprawl More VLANs to Everyone wantseasy to add How to secure? segment VMs more VMsapplications Hard to manage VLANs Lack of compliance Sprawl Problem Black spots Latency ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 10 10
  11. 11. Private Cloud - Security Needs Protection from external threats Inspect traffic between Virtual Machines (VMs) Secure new Virtual Machines automatically ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 11 11
  12. 12. Private Cloud - Security Needs Protection from external threats Inspect traffic between Virtual Machines (VMs) Secure new Virtual Machines automatically VM VM VM Hypervisor ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 12 12
  13. 13. Private Cloud - Security Needs Protection from external threats Inspect traffic between Virtual Machines (VMs) Secure new Virtual Machines automatically Ensure Security in dynamic environment ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 13 13
  14. 14. Check Point Security Gateway Virtual Edition Check Point Secures the Private Cloud Check Point Security Gateway Virtual Edition Best Virtual Security Gateway Securing the Virtual Machines Unified Management for Physical and Virtual ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 14 14
  15. 15. Secure the Virtual Infrastructure Protects Virtual Machines ► Hypervisor security VE VM VM ► Certified by VMWare ► Audit virtualization system Hypervisor Connector Hypervisor ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 15 15
  16. 16. Flexible Virtual Machine security The Fast Path Agent configuration options ► Bypass: Pass the packet without inspection ► Secure: Forward the packet to security gateway ► Block: Drop the packet ► Monitor-only: Inspects and log packets that would have been dropped ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 16 16
  17. 17. Virtual Edition Features Best Security Check Point Security Gateway► All Software Blades Virtual Edition Firewall (VE) VPN► Flexible Security IPS Antivirus VE VM VM Hypervisor Connector Hypervisor ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 17 17
  18. 18. Virtual Edition Features Best Security VMs Protection VM VM ► Securing New VMs► All Software Blades Automatically► Flexible Security ► Secure Dynamic Environment VE VM VM Hypervisor Connector Inspecting Inter-VM Traffic Hypervisor ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 18 18
  19. 19. Virtual Edition Features Best Security VMs Protection ► Securing New VMs► All Software Blades Automatically► Flexible security ► Secure Dynamic Environment VE VM VM Hypervisor Connector Hypervisor ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 19 19
  20. 20. Virtual Edition Features Best Security VMs Protection Unified Management ► Securing New VMs ► Same management for► All Software Blades Automatically Physical and Virtual► Flexible security ► Secure Dynamic ► Virtualize the Environment Management ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 20 20
  21. 21. Virtual Edition Features Best Security VMs Protection Unified Management ► Securing New VMs ► Same management for► All Software Blades Automatically Physical and Virtual► Flexible security ► Secure Dynamic ► Virtualize the Environment Management VM VM Hypervisor Connector Hypervisor ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 21 21
  22. 22. Single security management Unified administration of physical and virtualized environments Single console for Single console to IPS manage all firewall rules ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 22 22
  23. 23. Agenda 1 Market Landscape 2 Private Cloud Security Public Cloud Security • Public Cloud Potential 3 • Multi-tenancy Security • Check Point Solution 4 Summary ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 23 23
  24. 24. ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 24 24
  25. 25. Public Cloud in 2011 Few Global Clouds Many Regional Clouds25 ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 25 25
  26. 26. Cloud Providers – Security Needs Multi-tenancy: Servicing Multiple Customers From the Same Environment Secure connection to the Cloud Cloud Security of the Cloud Security within the Cloud ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 26 26
  27. 27. Check Point Cloud Security Check Point Secures the Public Clouds Use VSX for secure connectivity with the Public Cloud Secure VMs and Inter-VMs connection with Security Gateway Virtual Edition Offer Multi-tenancy management and customized policy via Multi-Domain Management ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 27 27
  28. 28. Agenda 1 Market Landscape 2 Private Cloud Security 3 Public Cloud Security Summary • Best Practices 4 • Summary ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 28 28
  29. 29. Virtualized Security Scenarios VE Securing the Virtual Environment Use the new Virtualization Software Blade to apply Virtualization Blade granular Firewall and IPC policy on traffic between virtual machines. Hypervisor VE Office in a Box Use the Security Gateway VE with FW, IPS, VPN Hypervisor and any other software blade to secure your office networks and assets VE VE VE Enterprise Security Gateways Hypervisor Consolidate your Security Gateways deployment into a virtualized environment. ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 29 29
  30. 30. Cloud Security – Best PracticesUse Firewall to segment between Virtual MachinesUse IPS to secure VMs from External and Internal threatsLet the same security Admin manage both physical andvirtual policy from a single consoleEnsure full security with zero downtown-time during VMVM live migrationLog and audit all Virtualization events and VM traffic ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 30 30
  31. 31. SummaryCheck Point Pioneers the Cloud Security Virtual Security Gateway For Multi- Tenant Cloud Environments Best Hypervisor security for Virtual Machines The only solution with unified management for Physical and Virtual ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 31 31
  32. 32. Thank You ©2011 Check Point Software Technologies Ltd. | [Highly Restricted] ONLY for designated individuals
  33. 33. Layer 2 security packet flow ESX Server 2.1.1.1 sends Pkt packet to 2.1.1.3 2.1.1.1 2.1.1.2 2.1.1.3 2.1.1.4 2.1.1.5 Pkt Agent Agent Agent Agent Agent VE Security API Pkt vSwitch Packet is not Packet intercepted in the the Packet continues inspectedAgent and forwarded to the was flow from where it again Gateway for intercepted inspection Packet passed firewall inspection and is sent back to the Agent ©2011 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 34 34
  34. 34. YOUR YEAR-ROUND IT RESOURCE – access to everything you’ll need to know
  35. 35. THE WHOLETECHNOLOGY STACKfrom start to finish
  36. 36. COMMENT & ANALYSISInsights, interviews and the latest thinking on technology solutions
  37. 37. VIDEOYour source of live information – all the presentations from our live events
  38. 38. TECHNOLOGY LIBRARY Over 3,000 whitepapers,case studies, product overviews and press releases from all the leading IT vendors
  39. 39. EVENTS, WEBINARS & PRESENTATIONS Missed the event? Download the presentations thatinterest you. Catch up with convenient webinars. Plan your next visit.
  40. 40. DirectoryA comprehensive A-Z listing providing in-depth company overviews
  41. 41. ALL FREE TO ACCESS 24/7
  42. 42. online.ipexpo.co.uk

×