Now: User, application , regardless of where I connect from
with User and Machine awareness, Check Point is introducing unique technologies that enable a seamless integration with eth corporate Active Directory in order to obtain a real time picture of actual users, user-groups and specific machines used within the corporate network. Provides complete user identification with seamless and agent-less Active Directory integrationWith this new dimension we can create new firewall policies ( but not only) that actively discriminate based on the identity of the user or the machine used.
Can create control from here, then 2)UserCheck slide, then 3) User/Machine awareness with AD integrationSo show 3 points first, then the examples.Providing example of Application control usage across all Software Blades, the most evident is the Firewall itself. Starting from our legacy rule based method, adding the new dimension of applications you can now classify polices with more details granularityClassification can be done not only on a application level but also on a application category levelFinally using both dimensions of user awareness and application awareness, you can easily add strong policies per application and per specific user group
The second dimension provides fine-grain internet application awareness to the Check Point security gateway. Check Point’s application control library scanning and detection of more than 4,500 distinct applications and over 50,000 social networking widgets across a wide range of categories including Instant Messaging, Peer-to-peer file sharing, Social Networking, Web 2.0, Voice-over-IP, Anonymizers, IPTV, Multimedia, Games, Virtual Worlds, and Unified Communication. These applications are classified in different levels of business and non-business categories enabling a strong and flexible choice of parameters for any given policy. The applications are organized into 150 categories including categories for communication, IM, entertainment, commercial, financial, computing, government and a lot more.
Ask - Before defining a policy, we want to better understand usage patterns
SystemsRequirementCheck Point Security Gateway from these versions R71.50 R75.20 with the FLOW_HF_SHREK hotfix (EA only)R75.40 iOS 5.0 and above on these devices: iPod touchiPadiPad 2 and iPad 3iPhone 3GsiPhone 4 and 4s.Android 4
Tablet Computer Stock Photo File #18993029
Out of the box (>270)Wide range of predefined data typesBest practicesUser custom data types
So where are we going with data protection?In 2011, we plan to go beyond protecting data in motion.By the end of the year, we’ll have a document security blade
Document security provides very granular protection So we can protect documents while we are using themControlling specific actions like edit and printAnd extending our UserCheck framework to prompt and educate users on protection policy.And because users can be involved in choosing the protection profile, they can follow the company policy to protect information that THEY know to be confidential.
So now, I can work securely within my most common business applications,And I can extend security beyond my network perimeter to allow me to share encrypted documents easily and securely with business partners and other users outside my company.And of course all actions on the protected document are being audited and rolled up into our common SmartEvent and SmartReporter
As users work from a wide verity of devices, it is important to allow them to access and consume protected documents from any device. The document security provides a fully transparent experience on PC machines that run the document security thin client, however, also providing a simple experience for people consuming protected documents on their iPhone, iPad and Android devices, via a dedicated application. Any document is also accessible via a simpler web-portal for access from any other device.
Now it becomes even better – with R75.20.
SSL Encryption – used to secure communication of sensitive informatione.g. online banking, shopping, webmail, even social networksMore and more traffic is transmitted in secure channelsEncrypted traffic should be subjected to the same security measures (as traffic in-the-clear)
Today we present Check Point’s Compliance blade which changes the way organizations manage compliance!
Gain granular visibility with SmartEvent
Slide 15: Unified Management reporting: Come PCI Audit time, you go print a report from your Firewall, one from your DLP, one from IDS, one from your SIEMS, one from your endpoint and bind it into a book and give it to your auditor and pray !!! The beauty of unified management is that when you fact that you have a unified view, you can create a single application to deal with auditing, compliance and reporting.