More Related Content
Similar to Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013 (20)
More from Clouditalia Telecomunicazioni (19)
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
- 1. ©2013 Check Point Software Technologies Ltd.
“Sicuri nel Cloud”.
A complete multi-layer approach.
Paolo Marraffa
Channel Manager
pmarraffa@checkpoint.com
- 2. 2©2013 Check Point Software Technologies Ltd.
3D Security - Check Point Multi-Layer Threat Prevention
Agenda
Check Point Security Report 2013
CHECK POINT: Your Trusted Security Partner
Security Management & 3D Security Analysis
- 3. 3©2013 Check Point Software Technologies Ltd.
Security Focus and Leadership
► $1.34 Billion (Revenue)
2012 revenue, 15.17% CAGR 2006-2012
Software Blades strategy fueling growth
► 100% (Security)
Pure focus on security
All of Fortune 500 are Check Point customers
► Network Security Leader
Top Ranked NGFW by NSS Labs, Gartner, SC Magazine
“Leader” in Gartner Enterprise Firewall for 16th year
Who should you trust to secure your business?
- 4. 4©2013 Check Point Software Technologies Ltd.
Award Winning Security Products
Best IPS/IDS Product
Reader Trust
Award
20132013
Best IPS/IDS Product
Reader Trust
Award
2013
Leader, Magic
Quadrant Enterprise
Network Firewall
2004–20132004–2013
Leader, Magic
Quadrant Enterprise
Network Firewall
2004–2013
Leader, Magic
Quadrant Mobile
Data Protection
2001–20122001–2012
Leader, Magic
Quadrant Mobile
Data Protection
2001–2012
NGFW Earns
“Recommend”
Rating from NSS
20132013
NGFW Earns
“Recommend”
Rating from NSS
2013
IPS Earns
“Recommend”
Rating from NSS
20122012
IPS Earns
“Recommend”
Rating from NSS
2012
Leader, Magic
Quadrant - UTM
2010–20122010–2012
Leader, Magic
Quadrant - UTM
2010–2012
Computing Security
Awards Security
Company of the Year
20122012
Computing Security
Awards Security
Company of the Year
2012
Network Security
Vendor of the Year
20122012
Network Security
Vendor of the Year
2012
Firewall Earns
“Recommend”
Rating from NSS
2013
Best Firewall
Reader Trust
Award
20132013
Best Firewall
Reader Trust
Award
2013
- 5. 5©2013 Check Point Software Technologies Ltd.
World-Class Global Support
Award-winning, world-
class support
Always-on 24x7 coverage
Best-in-class electronic
support tools
Worldwide material
inventory
Online support in 150
countries and 1,000
metropolitan areas
Dallas
TAC
Tel Aviv
TAC
Tokyo
TAC
Ottawa
TAC
Stockholm
Endpoint Escalation
- 7. 7©2013 Check Point Software Technologies Ltd.
Multiple sources of data
SensorNet
3D
Reports
Threat
Cloud
- 8. 8©2013 Check Point Software Technologies Ltd.
A comprehensive survey
888 companies
1,494 gateways
120,000 Monitoring hours
112,000,000 security events
- 9. 9©2013 Check Point Software Technologies Ltd.
40%
40%
20%
39%
14%10%
7%
4%
26%
A comprehensive survey
% of companies
Americas
EMEA
APAC
Industrial
Finance
Government
Telco
Consulting
Other
By geography By sector
- 10. 10©2013 Check Point Software Technologies Ltd.
We will talk about 3 issues…
Threats
to the
organization
Risky
enterprise
applications
Data loss
incidents in
the network
- 11. 11©2013 Check Point Software Technologies Ltd.
The 3 Steps of Modern Attacks
Social
engineering
Identify target
Gather information
Launch attack
Malware
injection
Attack arrives
User clicks
Exploit executes
Malware installed
Computer controlled
Waits for instruction
Remote
control
- 13. 13©2013 Check Point Software Technologies Ltd.
2012: the year of hacktivism
Arab Spring
Political freedom
Foxcon
Working conditions
Justice Department
Anti-corruption
Vatican
Unhealthy transmitters
UN ITU
Internet deep packet inspection
- 15. 15©2013 Check Point Software Technologies Ltd.
The majority of companies are infected
100% = 888 companies
63% of organizations are infected
with bots
63%
- 16. 16©2013 Check Point Software Technologies Ltd.
Once in … always on
Communicating
with command
& control every
21minutes
- 18. 18©2013 Check Point Software Technologies Ltd.
Exploit kits are easy to buy
Rental costs
One day – 50$
Up to 1 month – 500$
3 month – 700$
Rental costs
One day – 50$
Up to 1 month – 500$
3 month – 700$
Available
online
- 19. 19©2013 Check Point Software Technologies Ltd.
But there is more than Bots, right?
Malware
INSIDE
How does malware
get to my network?
- 20. 20©2013 Check Point Software Technologies Ltd.
75% of organizations, a host accesses
a malicious website
Source: Check Point 2013 Security Report
In
75%
- 22. 22©2013 Check Point Software Technologies Ltd.
Downloading malware all the time
53%of organizations saw
malware downloads
- 23. 23©2013 Check Point Software Technologies Ltd.
…and again
Threats
to the
organization
Risky
enterprise
applications
Data loss
incidents in
the network
- 25. 25©2013 Check Point Software Technologies Ltd.
What are risky applications?
Bypassing security or
hiding identity
Do harm without
the user knowing it
P2P file sharing
Anonymizers
File sharing / storage
Social networks
- 26. 26©2013 Check Point Software Technologies Ltd.
The risk of anonymizers
Bypasses security
infrastructure
Used by botnets to
communicate
Hide criminal,
illegal activity
- 27. 27©2013 Check Point Software Technologies Ltd.
Anonymizers inside the corporation
47%
of organizations
had users of
Anonymizers
(80% were not aware that
their employees use
Anonymizers)
100% = 888 companies
- 28. 28©2013 Check Point Software Technologies Ltd.
The risk of P2P Applications
Downloading the
latest “MasterChef”
episode right now…
Pirated content liability
Malware downloads
“Back door” network access
- 29. 29©2013 Check Point Software Technologies Ltd.
P2P inside the corporation
100% = 888 companies
61% of organizations, a P2P file
sharing application is used
61%
55%EMEA
%APAC72
62%Americas
- 30. 30©2013 Check Point Software Technologies Ltd.
Main takeaways…
61% of organizations had a P2P
file sharing app in use
47% of organizations had users of
anonymizers
- 31. 31©2013 Check Point Software Technologies Ltd.
…last but not least!
Threats
to the
organization
Risky
enterprise
applications
Data loss
incidents in
the network
- 33. 33©2013 Check Point Software Technologies Ltd.
How common is it?
54%
of organizations
experienced data
loss
- 34. 34©2013 Check Point Software Technologies Ltd.
PCI compliance can be improved
Of financial organizations sent credit
card data outside the organization
- 35. 35©2013 Check Point Software Technologies Ltd.
We have all had this problem
Error 552: sorry, that message exceeds
my maximum message size limit
Dropbox?
YouSendIt?
Windows Live?
- 36. 36©2013 Check Point Software Technologies Ltd.
Storing and Sharing applications
80%
of organizations
use file storage
and sharing
applications
100% = 888 companies
- 37. 37©2013 Check Point Software Technologies Ltd.
Top sharing and storage apps
70
51
25
22
13
10
Dropbox
Windows Live
Curl
YouSendIt
Sugarsync
PutLocker
% of organizations
But sharing is not
always caring…
- 38. 38©2013 Check Point Software Technologies Ltd.
We talked about three issues
Threats
to the
organization
Risky
enterprise
applications
Data loss
incidents in
the network
- 39. 39©2013 Check Point Software Technologies Ltd.
BLOCKING external threats
FW AVIPS
AntiBot
URLF
Emulation
- 40. 40©2013 Check Point Software Technologies Ltd.
ENABLING secure application use
URLFiltering
Antivirus
ApplicationControl
Endpoint
- 41. 41©2013 Check Point Software Technologies Ltd.
PREVENTING data loss
DocumentSecurity
DLP
Data
EndPoint/Encryption
ApplicationControl
Usercheck
- 42. 42©2013 Check Point Software Technologies Ltd.
MANAGING incidents and protections
SmartEvent
SmartLog
SmartDashboard
- 43. 43©2013 Check Point Software Technologies Ltd.
Enforcement
Multi-layer controls for strong and effective
security
Different People – Different needs
Involve & Engage users in the security
process
People
Practical and relevant to your business and
daily operations
Policies
The Secret on How to Be #1 NGFW:
3D Security framework
- 44. 44©2013 Check Point Software Technologies Ltd.
Check Point Security Solutions
IAS and
Open server
2012 Appliances
All
Deployments
All
Platforms
All
Protections Software Blades
- 45. 45©2013 Check Point Software Technologies Ltd.
What is a Software Blade?
It’s a Security Building Block That Is:
Independent Modular
Centrally
Managed
- 46. 46©2013 Check Point Software Technologies Ltd.
Check Point Software Blades
Integrated
End-to-End
Security
Flexible and
Simple
Protect Existing
Investment
The Architecture That Revolutionizes
the Way You Do IT Security
Independent
Modular
Centrally
Managed
- 47. 47©2013 Check Point Software Technologies Ltd.
Easy Deployment
Application Control
Identify and control usage of
thousands of applications based on
user and machine identity.
One-click activation of software blades
From the central management console
- 48. 48©2013 Check Point Software Technologies Ltd.
Check Point Security Appliance Line
Ultra High-End
Datacenter Grade
Enterprise Grade
Small Office /
Desktop
SECURITY FOR
ENTIRE RANGE
12000 Appliances
4000 Appliances
2200 Appliance
61000 System and
21000 Appliances
- 49. 49©2013 Check Point Software Technologies Ltd.
Virtualized Security Scenarios
Office in a Box
Use Security Gateway Virtual Edition (VE) with
firewall, IPS, VPN and other Software Blades to
secure your office networks and assets
VE
Hypervisor
Enterprise Security Gateways
Consolidate your Security Gateways deployment
into a virtualized environment
VE
Hypervisor
VE VE
Secure the Virtual Environment
Use Security Gateway Virtual Edition to apply,
for example, granular firewall, IPS and AV policies
for inter-VM traffic
Hypervisor
Hypervisor Connector
VE
- 50. 50©2013 Check Point Software Technologies Ltd.
Highest Ranked Security
For Firewall, Next Gen Firewall and IPS
Profile based
Central Management
Simplified Web based
Local Management
New Check Point 1100 Appliance
10x1GbE
Port density
Wireless Access
Secured Wireless Access & Guest Access
Offering BIG SECURITY for small branchesOffering BIG SECURITY for small branches
- 51. 51©2013 Check Point Software Technologies Ltd.
New Check Point 600 SMB Appliance
Small Size. BIG Security.Small Size. BIG Security.
- 52. 52©2013 Check Point Software Technologies Ltd.
Security Policy
Configuration and updates
…and Cloud-based Management Service…and Cloud-based Management Service
- 53. 53©2013 Check Point Software Technologies Ltd.
More Security, Additional Power
The Security You Want
The Performance You Need
DLP
Application
ControlIPS
URL
Filtering
Identity
Awareness
Anti-Spam
& Email
Security
Software Blades
Anti-Bot
Threat
Emulation
Antivirus &
Anti-
Malware
Firewall &
VPN
- 54. 54©2013 Check Point Software Technologies Ltd.
What about your Security Spending?
Source: ISC(2), 2013
According to 12,396 security professionals,
spending on security during 2013 will:
- 55. 55©2013 Check Point Software Technologies Ltd.
Security Consolidation =
Tighter control
Comprehensive
visibility
Easier to manage
Cost effective
Better Security
- 56. 56©2013 Check Point Software Technologies Ltd.
Today’s Security Needs
Discover and block threats in real time
Secure use of Web 2.0 tools and data
Comprehensive understanding of security events
Look beyond IP – define security by user identity
- 57. 57©2013 Check Point Software Technologies Ltd.
Define Security by user identity
Granular security
per user,
Security following the user !
user-group and machine
- 58. 58©2013 Check Point Software Technologies Ltd.
Multi Layered Threat Prevention - IPS
Protect Against Exploit of Vulnerabilities in:
Word, Excel, PDF, Browsers, Operating Systems...
Stop attacks
exploiting
vulnerabilities
- 59. 59©2013 Check Point Software Technologies Ltd.
Block Malware File Download and
Access to Malware Containing Sites
Block Malware
Download
Multi Layered Threat Prevention - AV
- 60. 60©2013 Check Point Software Technologies Ltd.
Post Infection Solution to
Stop Data Theft and Targeted APT Attacks
Discover and stop
Bot Attacks
Multi Layered Threat Prevention –
Anti-BOT
- 61. 61©2013 Check Point Software Technologies Ltd.
Check Point Anti-Bot Software Blade
Prevent bot
damages
Discover
infected
machines
Integrated
Threat
Prevention
Anti-Bot
Software Blade
Command
and Control
- 62. 62©2013 Check Point Software Technologies Ltd.
Prevent exploit of
known vulnerabilities
Block download of
known malware
Unknown Threats
Block Bot
Communication
Real Time Security Collaboration
Powered by ThreatCloud
IPS
Anti-Bot
Antivirus
? Fighting Unknown
Threats
?
?
Threat
Emulation
…and what about Zero-Day attacks?
- 63. 63©2013 Check Point Software Technologies Ltd.
Check Point Threat Emulation SW Blade
Fight Against
Unknown Threats !
Stop Targeted Zero-day Attacks
- 64. 64©2013 Check Point Software Technologies Ltd.
Threat Emulation – Step by Step
Security
Gateway
Internet
Download file
sent to Threat
Emulation
File Inspected
in virtual
sandbox
New malware
signature sent
to ThreatCloud
New attack
discovered
Malware is
blocked on
the gateway
Monitor unexpected behavior:
Network activity
File system & registry
changes
Process activity
- 65. 65©2013 Check Point Software Technologies Ltd.
Multi Layered Threat Prevention –
ThreatCloud™
Powering Threat Prevention Software Blades
with Real-time Security Intelligence
Global collaboration
to fight new threats
- 66. 66©2013 Check Point Software Technologies Ltd.
Check Point DDoS Protector™
Customized multi-layered DDoS protection
Protects against attacks within seconds
Integrated security management and expert support
- 68. 68©2013 Check Point Software Technologies Ltd.
Control all aspects of Web (2.0)
Websites Applications
Facebook Chat
Granularity
beyond URLs
Not URL-based
www.hackthissite.orgwww.hackthissite.org
www.fantasyfootball.comwww.fantasyfootball.com Application Control
www.poker.comwww.poker.com
www.playboy.comwww.playboy.com
URL Filtering
- 69. 69©2013 Check Point Software Technologies Ltd.
Application Control Software Blade
Application Control Software Blade
appwiki.checkpoint.com
Detect and Control
Over 4,900 Applications
Over 240,000 Social Network Widgets
Over 130 Categories
User-defined applications
User and user-group granularity
- 70. 70©2013 Check Point Software Technologies Ltd.
URL Filtering Software Blade
URL Filtering Software Blade
Over 200 million URLs
Constantly updated
Cloud-based categorization
User-defined Sites/Categories
User and user-group granularity
- 71. 71©2013 Check Point Software Technologies Ltd.
Unified URL Filtering and AppControl
Websites ‒
URL Filtering
Applications ‒
Application
Control
User Check
Actions
User/Group
Granularity!
- 72. 72©2013 Check Point Software Technologies Ltd.
Check Point UserCheck™ Technology
Understand usage needs,
while enforcing policy
Makes Web
control more
practical
Asks users to
confirm usage in
real-time
Ask
http://www.youtube.com
Need to watch product demo
http://www.youtube.com
Internet Access Policy
John Smith,
According to the company policy, access to
YouTube is intended for work-related use only.
This is work related. Reason below:
Need to watch product demo
Cancel OK
- 73. 73©2013 Check Point Software Technologies Ltd.
Mobile Access Software Blade
Secure communication
to the organization
Unified management
and reporting
Simply connect from any
mobile device
Simple and Secure Corporate Access
From Mobile Devices
- 74. 74©2013 Check Point Software Technologies Ltd.
Flexible, Secure Connectivity from
Any Mobile Device
Business
Mobile Device:
Web portal to business applications
Best for: Intranet, Outlook Web Access (OWA),
SharePoint, Wiki
Mobile Device:
Secure communication running local apps
Best for: Expense reports, remote IT server management,
CRM, HR, remote desktop, file server access
Laptop:
Simple portal interface from browser for
internal Web access
Best for: Intranet, Outlook Web Access (OWA),
SharePoint, Wiki
- 75. 75©2013 Check Point Software Technologies Ltd.
Check Point Mobile for iOS and
Android
Check Point
Mobile
Portal for business Web apps
Single sign on
Encrypted communication
Secure Business Mail
Doc Security & Sandbox protection
- 76. 76©2013 Check Point Software Technologies Ltd.
Secure
access from
smartphones
Secure
access from
PC & Mac
Check Point Mobile Access
Secure
Mail
VPN App
Web Portal
for Business
Applications
VPN Client
Mobile Access
Software Blade on a
Check Point Gateway
- 77. 77©2013 Check Point Software Technologies Ltd.
Check Point Security Management
• Better Operational efficiency
• Greater Security consistency
• Higher visibility
- 78. 78©2013 Check Point Software Technologies Ltd.
Check Point Simplified 1-Step
Policy Creation
Check Point Provides 1-Step Policy Creation
- 80. 80©2013 Check Point Software Technologies Ltd.
Check Point SmartLog - Simple Log
Searches
Simple Log Analysis with 360o Visibility
Check Point
SmartLog provides
simple, intuitive
search
Check Point split-second search results provide
instant visibility into billions of log records
John Smith yesterday
u1
- 81. Slide 80
u1 Need to fix product name Etude on this slide in two places.
username; 28/09/2012
- 82. 81©2013 Check Point Software Technologies Ltd.
Granular Control of All Security Layers
GranularVisibility
Mobile
Access
Identity
Awareness
DLP
IPSec VPN
SmartEvent
Threat
Emulation
IPS
Anti-Bot
Antivirus
Anti-Spam
& Email
Security
Application
Control
URLF
Web
Security
- 83. 82©2013 Check Point Software Technologies Ltd.
SmartEvent
Unified view of all security events
Geo-location views and analysis of security events
Historical views with timeline analysis
Correlations and forensics activities
Reports
…and more!
SmartEvent
Translates Security
Information into Action!
Complemented by SmartEvent for Overall Security
Analysis and Forensics
- 84. 83©2013 Check Point Software Technologies Ltd.
Consolidated Visibility: SmartEvent
Unified event analysis with 360° visibility across Software Blades
High-level view with drill down to policy
- 85. 84©2013 Check Point Software Technologies Ltd.
…not just the right logs!
Translate Security Information into Action!
- 86. 85©2013 Check Point Software Technologies Ltd.
Compliance
Compliance Software Blade
Check Point Presents:Check Point Presents:
The first integrated and fully automated
security and compliance monitoring
The first integrated and fully automated
security and compliance monitoring
- 88. 87©2013 Check Point Software Technologies Ltd.
360° Visibility of compliance status
Detailed Compliance Analysis
- 91. 90©2013 Check Point Software Technologies Ltd.
Real-Time Assessment
of major regulations across Check Point Software Blades
Regulatory Compliance Monitoring
- 92. 91©2013 Check Point Software Technologies Ltd.
ISO
27001
PCI-
DSS
GLBA
NIST
800-41
HIPAA
ISO
27002
Cobit
4.1
Complex Regulatory RequirementsFrom Regulations to Security Best Practices
- 98. ©2013 Check Point Software Technologies Ltd.
Thank you!
Paolo Marraffa
Channel Manager
pmarraffa@checkpoint.com
Mob: +39 334 8879772