© Check Point Software Technologies Ltd.
SOLUTION PORTFOLIO
Where are we ?
2000 2010 2015 2017
THREATS
PROTECTIONS
Networks
Gen II
Applications
Gen III
Payload
Gen IV
GRADE I
GRADE II
GRADE III
GRADE V
GRADE IV
Virus
1990
Gen I
Enterprises are
between Gen 2-3
2.8
Mega
Gen V
GEN 5 PROTECTION
Against MEGA ATTACKS
WHAT INGREDIENTS DO WE NEED ?
Check Point Infinity Architecture
Shared Threat Intelligence
Consolidated Security
Management
MOBILE
ENDPOINT
Hybrid Cloud
NETWORK
Perimeter & Data centers
Best Threat Prevention across entire enterprise
CLOUD
NETWORK
Shared Threat Intelligence
Consolidated
Security
Management
Multi & Hybrid Cloud
Headquarters Branch
Access Control
Multi Layered Security
Advanced Threat Prevention
Data Protection
Access Control
Multi Layered Security
Advanced Threat Prevention
Wi-Fi, DSL, PPPoE Ready
MOBILE
Network Protection
Device Protection
App Protection
Capsule
WorkSpace/Docs
Remote Access
Secure Business Data
Protect Docs Everywhere
ENDPOINT
Anti-Ransomware
Forensics
Threat Prevention
Access/Data Security
Access Control
Secure Media
Secure Documents
CLOUD
Advanced Threat Prevention
Adaptive Security
Automation and Orchestration
Cross Environment
Dynamic Policies
Infrastructure
Identity Protection
Sensitive Data Protection
Zero-Day Threat Protection
End-to-end SaaS Security
Applications
THREAT
EXTRACTION
CPU-Level Detection
Catches the most sophisticated malware
before evasion techniques deploy
O/S Level Emulation
Stops zero-day and unknown malware in
wide range of file formats
Malware Malware
Original Doc
Safe Doc
Threat Extraction
Deliver safe version of content quickly
SandBlast Network HOW IT WORKS
Hacker
Threat
Intelligence
• The content is inspected for potential threats using KNOWN signatures/URL reputation
• Malicious downloads/exploits are blocked
SandBlast Network HOW IT WORKS
• For UNKNOWN attacks/browser exploits, the content is sent for emulation in the cloud or in a designated local appliance
• If the file is identified as malicious, the mail is quarantined and the incident is reported to the administrator
CPU Level
Machine
Learning
Emulation Engine
File/URL
Reputation
Push Forward
Hacker
Traps & Decoys
SandBlast Network HOW IT WORKS
Threat
Intelligence
• In parallel, a sanitized copy is sent to the user without any embedded objects, macros, JavaScript code and sensitive hyperlinks
• Post emulation, if identified as benign, per the user's request, the original attachment will be delivered to the user
A sanitized file
is sent
MTA
SandBlast Network HOW IT WORKS
Threat
Intelligence
ELEMENTS IN NEED OF PROTECTION
INCOMING MAIL
BROWSING USERS
EXPOSED SYSTEMS
SANDBLAST
THREAT
EMULATION
SANDBLAST
THREAT
EXTRACTION
Detects and blocks
unknown malware and
Zero-day attacks
Proactively delivers safe,
reconstructed files to
avoid delays
GET THE DATA
NOT THE RISK
Convert documents
to PDF
CONVERT MODE
CLEAN MODE
Retain file format,
remove active
content
Fast
delivery
Preserve all text
and visual content
We recommend
CONVERT MODE - for Word documents
CLEAN MODE - for everything else
DELIVER CLEAN ATTACHMENTS
Threat Extraction for Documents
Self-catered access to
original files
SMTP
MAIL TRANSFER AGENT
SMTP
ANTI-SPAM MAIL SERVER
MTA next hop = GW
SMTP
WHY MTA?
• Guaranteed prevention
• Threat Extraction support
• SMTP TLS support
• User interaction
• Excellent stability and performance
• Configuration granularity
• Mail queue visibility and control
• Continued improvements in R80.20
MTA next hop = Mail
Server
SMTP
CHECK POINT GATEWAY
WHERE TO DEPLOY YOUR MTA?
ANTI-SPAM
PERIMETER
GW
Mail Server
DEDICATED GATEWAY OR PERIMETER GATEWAY
Don’t impact perimeter gateway Reuse existing gateway
ANTI-SPAM MTA GW Mail Server
ELEMENTS IN NEED OF PROTECTION
INCOMING MAIL
BROWSING USERS
EXPOSED SYSTEMS
Evasion-resistant sandbox detection
of malicious flash
PUSH-FORWARD
Threat Emulation dynamically drives
Adobe Flash execution, forcing detonation if
it’s malicious
NETWORK PROTECTIONS
IPS
ANTI-VIRUS
THREAT EMULATION
THREAT EXTRACTION*
* Coming in R80.20
BROWSING THREATS
MALICIOUS
DOWNLOADS
BROWSER EXPLOITS
CREDENTIAL THEFT
ANTI-VIRUS
THREAT EMULATION
THREAT EXTRACTION
ANTI-EXPLOIT
ZERO PHISHING
ANTI-RANSOMWARE
ENDPOINT PROTECTIONS
GATEWAY
PROTECTING BROWSING USERS
SANDBLAST
NETWORK
USERS
SANDBLAST
AGENT
ATTACKER
WHAT IF A SYSTEM IS
COMPROMISED?
ANTI BOT
Identify and contain infections
ANTI-BOT
C&C
INFECTED
HOST
ATTACKER
GATEWAY
C&C
Anti-Bot prevents C&C
communications
LOG
What
about
roaming
users?
Use Anti-Bot and Forensics with
SandBlast Agent
ANTI-BOT: PINPOINT INFECTED HOSTS
INFECTED
HOST
ATTACKER
GATEWAY
C&C
when behind a proxy
PROXY
C&C
PROBLEM
Source IP = Proxy
IP: 10.100.0.123
Blocked
by Anti-Bot
GET /index.html HTTP/1.1
HOST: www.example.com
X-FORWARDED-FOR: ...
HTTP REQUEST WITH XFF
Correct IP written to log
SOLUTION
Turn on XFF
PRIVACY
CONCERNS?
The gateway can
wipe the internal IP
.
ANTI-BOT: PINPOINT INFECTED HOSTS
when behind a DNS Server
INFECTED
HOST
ATTACKER
GATEWAY
DNS QUERY
IP: 10.100.0.123
Blocked
by Anti-Bot
PROBLEM
Source IP = DNS Server
DNS
Server
SOLUTION
Turn on DNS TRAP
DNS QUERY
Resolve
C&C domain
1
DNS response
with predefined IP
2
Communication attempt
with the predefined IP
is pinpointed to the infected host
3
Threat Intelligence
Endpoint Blades
SandBlast Mobile
Anti-Bot Anti-Virus
Application
Control
URL Filtering
Threat Emulation
IPS
Collaboration
Industry Feeds
- URLs, Hashes, Domains
- Virus Total indicators
- Cyber Threat Alliance
Data Mining
- Campaign hunting
Threat Intelligence
Sensors
Malware
research
Event
Analysis
Analysts
Community
CERTS
AI
400
researchers &
Analysts
CloudGuard
ADVANCED THREAT PREVENTION FOR CLOUD ENVIRONMENT
Check Point CloudGuard
CloudGuard
• New name for all our cloud security
solutions including vSEC
• Introduction of new SaaS/CASB
offering
• Introduction of Alibaba Cloud and
Oracle Cloud offerings
ACI
SD
N
Public
Cloud
Private
Cloud
Hybrid
Cloud
CloudGuard Family
CloudGuard for SaaS
CLOUDGUARD SAAS
SAAS SECURITY IS
ONE CLICK AWAY
Identity
Protection
Protect
Sensitive Data
Zero-day threats
Protection
End-to-End
SaaS Security
Security Gateway
SAAS PROVIDERS
SECURITY STACK
Prevent
Account
Takeovers
Data Leak
Prevention
Reveal
Shadow IT
HOW IT WORKS
API & AD
…
CloudGuard SaaS
Documents
encryption
Zero-day
Threats
Protection
Accesses
App
Accesses
App
Stolen ID
Hacker
Identify Device
• Only users and devices with ID-
Guard endpoint agent can login
• Malicious login prevented even if
the hacker has correct credentials
• No user involvement
PREVENT ACCOUNT
TAKEOVER WITH
CLOUDGUARD SAAS
IDENTITY PROTECTION
Identity Server
ADFS, AzureAD,
Okta
Employee
Identity Server
ADFS,
AzureAD, Okta
• Collects network intelligence from
on premise devices, Threat Cloud
and SaaS
• Prevents suspicious logins
Example: seen in two locations,
bad source IP reputation
Accesses app
Stolen
credentials
Hacker
Intelligence
PREVENT ACCOUNT
TAKEOVER WITH
CLOUDGUARD SAAS
IDENTITY PROTECTION
Agentless Mode
Identity Server
ADFS,
AzureAD, Okta
CloudGuard for IaaS
ADVANCED THREAT PREVENTION FOR CLOUD ENVIRONMENTS
CHECK POINT CLOUDGUARD IAAS
IN AN AGILE AND AUTOMATED NATURE
CLOUD = SHARED RESPONSIBILITY
Customer
responsible for
security in the
cloud
Customer Data
Platform, Applications, IAM
Operating System, Network and FW Configs
Client-side Data
Encryption & Data
Integrity Authentication
Server-side Encryption
(File System / Data)
Network Traffic
Protection (Encryption,
Integrity, Identity)
Cloud vendor
responsible for
security of the
cloud
Cloud Global
Infrastructure
Regions
Availability Zones
Edge Locations
Compute Storage Database Networking
CloudGuard IaaS
• All the Advanced Threat Prevention
features of Check Point Security
R81 Management
• For all these clouds
ACI
Gateways and
plus:
Automation and
Orchestration
Cross Environment
Dynamic Policies
Adaptive Security
CloudGuard IaaS Advanced Protection
Basic Firewall / Access Rule
Firewall IPS App Control
DLP
Zero-Day
Anti-bot
Forensics
Filtering
Antivirus
Threat Emulation Threat Extraction
Multi-cloud
VPN
Identity
Awareness
Anti-Spam
CloudGuard Deployment
Automation
Auto-scale
Cluster/HA
Single Gateway
Hybrid Cloud
THE HUB & SPOKE ARCHITECTURE (TRANSIT)
Cloud
Northbound HUB
Southbound HUB
SPOKE 1 SPOKE 2 SPOKE N
…. WWW
VPN
• Advanced threat protection
on perimeter
• North-South & East-West
security is controlled by
security admin
• Inside spoke security
controlled by DevOps
MULTI & HYBRID CLOUD ENVIRONMENTS
Southbound-HUB
Southbound-HUB
VPN
WEB APP SPOKE-3
VPN
DB AAD SPOKE-3
VPN
WEB APP SPOKE-3
Southbound-HUB
Azure
Northbound-HUB
…..
AWS
Northbound-HUB
…..
Google
Northbound-HUB
…..
VPN
WWW
CLOUDGUARD ADAPTIVE SECURITY
Check Point Access Policy
Rule From To Application Action
3
Web_SecurityGroup
Object
DB_VM
Object
MSSQL Allow
4
CRM_SecurityGroup
Object
SAP_SecurityGroup
Object
CRM Allow
5
AWS_VPC
Object
Azure_VNET
Object
ADFS Allow
Drag & Drop dynamic policy with cloud objects
CloudGuard for SDN
CloudGuard for VMware NSX
Hardware
Hypervisor
vm vm
ESXi ESXi
Security
Management
Server
Hardware
vSphere API NSX vSphere API
NetX API
vCenter
Hypervisor
vm vm
CloudGuard
CloudGuard
CloudGuard for SDDC
CloudGuard Virtual Edition (VE)
VMware ESXi
CloudGuard Virtual Edition can be deployed as a security gateway
to provide perimeter protection, segmentation, and inter-VM
protection using standard routing configurations.
Supported
hypervisors
CLOUDGUARD
ECOSYSTEM
CloudGuard Ecosystem
MOBILITY
MOBILE THREAT
DEFENSE (MTD)
Android Antivirus
Apps Analysis / Emulation
Network Threats (MiTM,…)
OS Vulnerability Research
MOBILE CONTENT
MANAGEMENT (MCM)
Document Repositories
MOBILE APPLICATION
MANAGEMENT (MAM)
MOBILE INFORMATION
PROTECTION
Secure Container
Dual Persona
REMOTE ACCESS
(Secure) Email Proxy
Per-App VPN
VDI / VMI
Full-Device VPN / Profile
MOBILE DEVICE
MANAGEMENT (MDM)
Documents Lifecycle
Enterprise Apps / Store Apps White/Black - Listing
Apps White/Black - Listing App Profile Management
Device “Fleet” Management GEO-Location Tracking
Device Profiles (Settings) App Distribution
HARMONY MOBILE
CAPSULE VPN
CAPSULE DOCS
CAPSULE WORKSPACE
CAPSULE WORKSPACE
SSL VPN
Native Containment
MOBILE
SECURITY
BUILDING
BLOCKS
Zero-Day
Malware
Infected
Apps
Wi-Fi
Attacks
SMS
Attacks
Bluetooth
Attacks
OS
Exploits
Device
Settings
SANDBLAST
MOBILE
Mobile Device Management
HOW IT WORKS
APP ANALYSIS
(INFECTED APPS)
CLOUD-BASED
BEHAVIORAL RISK ENGINE
ON DEVICE DETECTION
OS EXPLOITS
(JAILBREAK/ROOT)
NETWORK
ATTACKS
(WIFI, BLUETOOTH)
SMS ATTACKS
REAL-TIME INTELLIGENCE,
MONITORING AND CONTROL
CAPSULE WORKSPACE | Architecture overview
Corporate
Servers
Check Point Firewall with
Mobile Access Blade
Management
Console
Internet Mobile Device
Wireless
Networks
MOBILE
CAPSULE WORKSPACE | Simplify mobile security
• Manage corporate data, not devices
• A PIN unlocks a single app so you can
- Access email/calendar/PIM/Intranet securely
- Launch security-wrapped business apps
- Keep data encrypted at rest and in motion
- Track and require higher levels of access to docs
- Extend consistent security to iOS and Android
- Wipe corporate data on lost or stolen devices
- Capsule Workspace is integrated with Check Point Mobile Threat Prevention
Anti-Ransomware
Forensics
Threat Prevention
Access/Data Security
Access Control
Secure Media
Secure Documents
ENDPOINT
Identify and block
unknown and zero-
day threats
Deliver clean
documents in
seconds
Safeguard
credentials from
theft
Accelerate
understanding for
better response
Keeping endpoints
safe from cyber
extortion
ADVANCED THREAT PREVENTION TECHNOLOGIES
THREAT
EMULATION
THREAT
EXTRACTION
ZERO
PHISHING
FORENSICS
ANTI
RANSOMWARE
SANDBLAST
SERVICE
Web downloads sent
to remote SandBlast
1 Sanitized version
delivered promptly
2 Original file emulated
in the background
3
How SandBlast Agent Works
Lookalike Characters
Image Only Site
Multiple Top-Level
Domain
Lookalike Favicon
IP
Reputation
URL
Similarity
Title
Similarity
Visual
Similarity
Text
Similarity
Domain Reputation
PHISHING SCORE: 95%
User access to new site
triggers review
1 Evaluation based on
reputation and advanced
heuristics
2 Verdict issued in
seconds
3
Beware! Probable
Phishing Attack
How Zero-Phishing Works
Corporate
Credentials
With so many credentials to
remember…
Users often re-use
the same password
Corporate Password
Exposed
How Credential Protection Works
Preventing Reuse of Corporate Credentials
How Forensics Works
FORENSICS data
continuously collected
from various OS
sensors
1
Report generation
automatically triggered
upon detection of network
events or 3rd party AV
2
Digested incident
report sent to
SmartEvent
4
Processes
Registry
Network
Files
Advanced
algorithms analyze
raw forensics data
3
How Anti-Ransomware Works
ONGOING UPON DETECTION
BEHAVIORAL ANALYSIS
Constantly monitor for
ransomware specific behaviors
DATA SNAPSHOTS
Continuously create short-
term file backups
QUARANTINE
Stop and quarantine
all elements of the
attack
RESTORE
Restore encrypted
files from snapshots
ANALYZE
Initiate forensic
analysis to analyze
attack details
RANSOMWARE PROTECTION IS
ON
ADVANCED THREAT PREVENTION TECHNOLOGIES
THREAT
EMULATION
THREAT
EXTRACTION
ZERO
PHISHING
FORENSICS
ANTI
RANSOMWARE
BASELINE THREAT PREVENTION TECHNOLOGIES
ACCESS
CONTROL
ANTI VIRUS ANTI BOT
Secure Remote
Mobile Access to
corporate resources
Security verification
Compliance with
regulatory
requirements
How Access Control Works
Industry first
Desktop Firewall and
Application Control
Secure endpoint access, data in transit and verify compliance
• Lockdown infected machines
  - Block C&C communications
  - Prevent data exfiltration
• Identify compromised hosts
  - Inside and outside the network
  - Pinpoint when inside the network
• Detect the C&C Channel – and we know the host is infected
• Block the C&C Channel – and we contain the malware
Communications Blocked
ANTI-BOT
How Anti-Bot Works
C&C Communications
How Full Disk Encryption Works
Windows and Apple
Pre-Boot Authentication
Business Data Segregation
Seamless Experience
Automatic data encryption
and seamless access to
authorized users
Policy based automatic
segregation
End User Education
Engage and educate
users with UserCheck
Non Business Data (E:)
Business Data – Encrypted (F:)
How Media Encryption Works
Transparent security for information on storage drives
Ensure that only authorized
devices/ports can be used
Get the benefit of a flexible
blacklisting/whitelisting approach
Use discovered devices for
policy fine-tuning
How Port Protection Works
Share
Select the authorized
users and groups
Classify
Classify and set
permissions according to
your needs
Encrypt Data
Protect your documents
with a single click
Automatic protection for seamless user experience
User Education and Engagement using UserCheck
How Capsule Docs Works
SECURITY MANAGEMENT
NETWORK
Shared Threat Intelligence
Consolidated
Security
Management
Hybrid Cloud
Headquarters Branch
Access Control
Multi Layered Security
Advanced Threat Prevention
Data Protection
Access Control
Multi Layered Security
Advanced Threat Prevention
Wi-Fi, DSL, PPPoE Ready
MOBILE
Network Protection
Device Protection
App Protection
Capsule
WorkSpace/Docs
Remote Access
Secure Business Data
Protect Docs Everywhere
ENDPOINT
Access/Data Security
Threat Prevention Access Control
Anti-Ransomware Secure Media
Forensics Secure Documents
CLOUD
Advanced Threat Prevention
Adaptive Security
Automation and Orchestration
Cross Environment
Dynamic Policies
Infrastructure Applications
Identity Protection
Sensitive Data Protection
Zero-Day Threat Protection
End-to-end SaaS Security
SmartEvent
Compliance
Unified Policy
Consolidated
Security
Integration
Compliance
SIEM/SOC
Scalability
Layered Policy
Delegation
Collaboration
Unified Policy &
Single Console
• Manage everywhere - all aspects of
security on both physical, virtual and cloud
based environments.
• Manage everything from users to data to
applications
• Manage efficiently - All access points are
now controlled in one place
Inline
Ordered
Inline
• Optimizing rule matching process - Only packets
matching the Parent Rule will be checked against
the rules of the Inline Layer
• Reuse Layers in multiple Policies or multiple times
in the same policy
Ordered
• Each layer performs one or more specific
security actions
• The layers will be matched top-down
• Concurrent Administrators can work
simultaneously on the same rulebase without
conflict
• Workflow and Auditing - All actions are
monitored, logged and can be reviewed
accordingly.
• Granular admin delegation – dedicated policies
for specific admins
Provisioning of security - segmenting security into
multiple virtual domains
Centralized management - manage security on a
global level while ensuring separation of data for
each of the protected business entities
Granular, role-based administration -
• access policy admin
• Content inspection admin
• SIEM/Helpdesk operator
Events
• Logging, monitoring, event correlation &
reporting in a single view.
• Filter, search and report in seconds
• Predefined graphical reports and customizable
event views
• 3rd party plug-n-play support of SIEM solutions
Logs
Reports
• Examines the environment’s Security Gateways, Blades, Policies and configuration settings in real time to avoid human error, according to industry (Retail, Healthcare, Financial, etc.)
• Compared with Check Point’s extensive database of regulatory standards and security best practices to ensure security at the highest level.
Automate daily tasks and workflows to improve productivity, e.g.
• Policy installation and synchronization (using an orchestration tool, deploy a new rulebase and objects).
• Integrate deployment of Check Point Gateways with cloud templates
Integrate Check Point products with other solutions (virtualization servers, ticketing systems, etc.)
IPS
Firewall
Antivirus
Threat
Extraction
Threat
Emulation
Anti-bot
Security Gateways Designed for Gen V Cyber Security
Next Generation Threat Prevention Technologies
Advanced Network Security
IPS
Threat Emulation Threat Extraction Antivirus Anti-Bot Anti-Spam
Firewall App Control URL Filtering DLP VPN
Security & Threat Management
Forensics
Single
Management
Full Threat
Visibility
Reporting Compliance
Identity Aware
BRANCH
PRIVATE CLOUD
ACI
HEADQUARTERS
SCADA SYSTEMS
MANAGEMENT
CLOUD IaaS
NETWORK
Access Control
Advanced
Threat Prevention
Segmentation
SMALL
OFFICE
FULL RANGE OF MOST ADVANCED THREAT PREVENTION
Activate Advanced
Threat Prevention
Inspect encrypted
(SSL) traffic
Stronger and Future
Proof !
Prevents Exploits of Known Vulnerabilities
Enforce Protocol
Specifications
Detect Protocol
Anomalies
Signature based
Engine
How IPS Works
Hash based signature
Engines
Malware Feeds Blocks Access to Malware
Sites
How Antivirus Works
Block Download of Known Malware
Stops traffic to remote operators
Multi-tier
PREVENT
Bot Damage
IDENTIFY
Bot Infected
Devices
Reputation Patterns SPAM
How Anti-Bot Works
Identify and Isolate Infected Hosts to Prevent Bot Damage
Preconfigured
tags/categories
Allow, block or
limit usage
User
identification
How Application Control Works
Granular Control Using Over 7,700 Pre-defined Applications
How URL Filtering Works
Allow, Block or Limit Web Access Based on Time or Bandwidth
Granular Visibility of Users, Groups and Machines
How Identity Awareness Works
BRANCH
CLOUD IaaS
PRIVATE CLOUD
ACI
HEADQUARTERS
RADIUS TERMINAL SERVER
{REST}
API
KERBEROS
AD QUERY IDENTITY AGENT REMOTE ACCESS
CLIENTS
IDENTITY
COLLECTOR
CISCO ISE
TRUSTSEC
Network
IDENTITY SOURCES
IDENTITY POLICY ENFORCEMENT
Involve Users
Prevent Data Loss
Open MultiSpect
Detection Language
600+
data
types
800+ file
formats
How DLP Works
Inspect Sensitive Data Leaving Organizations in Real Time
Detect Proprietary
Documents
Virtual Systems
Max Efficiency with Hardware Virtualization
Consolidate Up To 250 Gateways
To Secure Multiple Network Segments
Unique Virtual System Load Sharing (VSLS)
For Unmatched Availability
Multiple Security Group
More And More Hardware Efficiency
Support Up To 8 Segregated Installations
On Separate Blades - Same Chassis
Each Security Group Runs An Independent SMO
With Its Own Software Version And Configuration
Each Security Group Can Run Up To
250 Virtual Systems: 2,000 VSs in Total
ICS/SCADA
Over 800 SCADA commands in Application Control
Security for ICS/SCADA Systems
MOBILE
Cybersecurity
Ecosystem
Shared Threat Intelligence
MANAGEMENT
NETWORK
CLOUD
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Checkpoint Portfolio.pptx

  • 1. © Check Point Software Technologies Ltd. SOLUTION PORTFOLIO This is an interactive slide deck. Use Click to drill down Click on to go back to main slide
  • 2. Where are we ? 2000 2010 2015 2017 THREATS PROTECTIONS Networks Gen II Applications Gen III Payload Gen IV GRADE I GRADE II GRADE III GRADE V GRADE IV Virus 1990 Gen I Enterprises are between Gen 2-3 2.8 Mega Gen V
  • 4. © Check Point Software Technologies Ltd. WHAT INGREDIENTS DO WE NEED ?
  • 5.
  • 6. Check Point Infinity Architecture Shared Threat Intelligence Consolidated Security Management MOBILE ENDPOINT Hybrid Cloud NETWORK Perimeter & Data centers Best Threat Prevention across entire enterprise CLOUD
  • 7. NETWORK Shared Threat Intelligence Consolidated Security Management Multi & Hybrid Cloud Headquarters Branch Access Control Multi Layered Security Advanced Threat Prevention Data Protection Access Control Multi Layered Security Advanced Threat Prevention Wi-Fi, DSL, PPoE Ready MOBILE Network Protection Device Protection App Protection Capsule WorkSpace/Docs Remote Access Secure Business Data Protect Docs Everywhere ENDPOINT Anti-Ransomware Forensics Threat Prevention Access/Data Security Access Control Secure Media Secure Documents CLOUD Advanced Threat Prevention Adaptive Security Automation and Orchestration Cross Environment Dynamic Policies Infrastructure Identity Protection Sensitive Data Protection Zero-Day Threat Protection End-to-end SaaS Security Applications
  • 8. THREAT EXTRACTION CPU-Level Detection Catches the most sophisticated malware before evasion techniques deploy O/S Level Emulation Stops zero-day and unknown malware in wide range of file formats Malware Malware Original Doc Safe Doc Threat Extraction Deliver safe version of content quickly SandBlast Network HOW IT WORKS
  • 9. Hacker Threat Intelligence • The content is inspected for potential threats using KNOWN signatures/URL reputation • Malicious downloads/exploits are blocked SandBlast Network HOW IT WORKS
  • 10. • For UNKNOWN attacks/browser exploits the content is sent for emulation in the cloud or in a designated local appliance • If the file is identified as malicious, the mail is quarantined and the incident is reported to the administrator CPU Level Machine Learning Emulation Engine File/URL Reputation Push Forward Hacker Traps & Decoys SandBlast Network HOW IT WORKS Threat Intelligence
  • 11. • In parallel, a sanitized copy is sent to the user without any embedded objects, macros, JavaScript code and sensitive hyperlinks • Post emulation, if identified as benign, per the user request, the original attachment will be delivered to the user A sanitized file is sent MTA SandBlast Network HOW IT WORKS Threat Intelligence
  • 12. ELEMENTS IN NEED OF PROTECTION INCOMING MAIL BROWSING USERS EXPOSED SYSTEMS
  • 13. SANDBLAST THREAT EMULATION SANDBLAST THREAT EXTRACTION Detects and blocks unknown malware and Zero-day attacks Proactively delivers safe, reconstructed files to avoid delays
  • 14. GET THE DATA NOT THE RISK Convert documents to PDF CONVERT MODE CLEAN MODE Retain file format, remove active content Fast delivery Preserve all text and visual content We recommend CONVERT MODE - for Word documents CLEAN MODE - for everything else DELIVER CLEAN ATTACHMENTS Threat Extraction for Documents Self-catered access to original files
  • 15. SMTP MAIL TRANSFER AGENT SMTP ANTI-SPAM MAIL SERVER MTA next hop = GW SMTP WHY MTA? • Guaranteed prevention • Threat Extraction support • SMTP TLS support • User interaction • Excellent stability and performance • Configuration granularity • Mail queue visibility and control • Continued improvements in R80.20 MTA next hop = Mail Server SMTP CHECK POINT GATEWAY
  • 16. WHERE TO DEPLOY YOUR MTA? ANTI-SPAM PERIMETER GW Mail Server DEDICATED GATEWAY OR PERIMETER GATEWAY Don’t impact perimeter gateway Reuse existing gateway ANTI-SPAM MTA GW Mail Server
  • 17. ELEMENTS IN NEED OF PROTECTION INCOMING MAIL BROWSING USERS EXPOSED SYSTEMS
  • 18. Evasion-resistant sandbox detection of malicious flash PUSH-FORWARD Threat Emulation dynamically drives Adobe Flash execution, forcing detonation if it’s malicious
  • 19. NETWORK PROTECTIONS IPS ANTI-VIRUS THREAT EMULATION THREAT EXTRACTION* * Coming in R80.20 BROWSING THREATS MALICIOUS DOWNLOADS BROWSER EXPLOITS CREDENTIAL THEFT ANTI-VIRUS THREAT EMULATION THREAT EXTRACTION ANTI-EXPLOIT ZERO PHISHING ANTI-RANSOMWARE ENDPOINT PROTECTIONS GATEWAY PROTECTING BROWSING USERS SANDBLAST NETWORK SANDBLAST AGENT USERS ATTACKER
  • 20. WHAT IF A SYSTEM IS COMPROMISED? ANTI BOT Identify and contain infections
  • 22. ANTI-BOT: PINPOINT INFECTED HOSTS INFECTED HOST ATTACKER GATEWAY C&C when behind a proxy PROXY C&C PROBLEM Source IP = Proxy IP: 10.100.0.123 Blocked by Anti-Bot GET /index.html HTTP/1.1 HOST: www.example.com X-FORWARDED-FOR: ... HTTP REQUEST WITH XFF Correct IP written to log SOLUTION Turn on XFF PRIVACY CONCERNS? The gateway can wipe the internal IP.
  • 23. ANTI-BOT: PINPOINT INFECTED HOSTS when behind a DNS Server INFECTED HOST ATTACKER GATEWAY DNS QUERY IP: 10.100.0.123 Blocked by Anti-Bot PROBLEM Source IP = DNS Server DNS Server SOLUTION Turn on DNS TRAP DNS QUERY Resolve C&C domain 1 DNS response with predefined IP 2 Communication attempt with the predefined IP is pinpointed to the infected host 3
  • 24. Threat Intelligence Endpoint Blades SandBlast Mobile Anti-Bot Anti-Virus Application Control URL Filtering Threat Emulation IPS Collaboration Industry Feeds - URLs, Hashes, Domains - Virus Total indicators - Cyber Threat Alliance Data Mining - Campaign hunting Threat Intelligence Sensors Malware research Event Analysis Analysts Community CERTS AI 400 researchers & Analysts
  • 25. © Check Point Software Technologies Ltd. CloudGuard
  • 26. ADVANCED THREAT PREVENTION FOR CLOUD ENVIRONMENT Check Point CloudGuard
  • 27. CloudGuard • New name for all our cloud security solutions including vSEC • Introduction of new SaaS/CASB offering • Introduction of Alibaba Cloud and Oracle Cloud offerings
  • 29. © Check Point Software Technologies Ltd. CloudGuard for SaaS
  • 30. CLOUDGUARD SAAS SAAS SECURITY IS ONE CLICK AWAY Identity Protection Protect Sensitive Data Zero-day threats Protection End-to-End SaaS Security
  • 31. Security Gateway SAAS PROVIDERS SECURITY STACK Prevent Account Takeovers Data Leak Prevention Reveal Shadow IT HOW IT WORKS API & AD … CloudGuard SaaS Documents encryption Zero-day Threats Protection
  • 32. Accesses App Accesses App Stolen ID Hacker Identify Device • Only users and devices with ID- Guard endpoint agent can login • Malicious login prevented even if the hacker has correct credentials • No user involvement PREVENT ACCOUNT TAKEOVER WITH CLOUDGUARD SAAS IDENTITY PROTECTION Identity Server ADFS, AzureAD, Okta Employee Identity Server ADFS, AzureAD, Okta
  • 33. • Collects network intelligence from on premise devices, Threat Cloud and SaaS • Prevents suspicious logins Example: seen in two locations, bad source IP reputation Accesses app Stolen credentials Hacker Intelligence PREVENT ACCOUNT TAKEOVER WITH CLOUDGUARD SAAS IDENTITY PROTECTION Agentless Mode Identity Server ADFS, AzureAD, Okta
  • 34. © Check Point Software Technologies Ltd. CloudGuard for IaaS
  • 35. ADVANCED THREAT PREVENTION FOR CLOUD ENVIRONMENTS CHECK POINT CLOUDGUARD IAAS IN AN AGILE AND AUTOMATED NATURE
  • 36. CLOUD = SHARED RESPONSIBILITY Customer responsible for security in the cloud Customer Data Platform, Applications, IAM Operating System, Network and FW Configs Client-side Data Encryption & Data Integrity Authentication Server-side Encryption (File System / Data) Network Traffic Protection (Encryption, Integrity, Identity) Cloud vendor responsible for security of the cloud Cloud Global Infrastructure Regions Availability Zones Edge Locations Compute Storage Database Networking
  • 37. CloudGuard IaaS • All the Advanced Threat Prevention features of Check Point Security R81 Management • For all these clouds ACI Gateways and plus: Automation and Orchestration Cross Environment Dynamic Policies Adaptive Security
  • 38. CloudGuard IaaS Advanced Protection Basic Firewall / Access Rule Firewall IPS App Control DLP Zero-Day Anti-bot Forensics Filtering Antivirus Threat Emulation Threat Extraction Multi-cloud VPN Identity Awareness Anti-Spam
  • 40. THE HUB & SPOKE ARCHITECTURE (TRANSIT) Cloud Northbound HUB Southbound HUB SPOKE 1 SPOKE 2 SPOKE N …. WWW VPN • Advanced threat protection on perimeter • North-South & East-West security is controlled by security admin • Inside spoke security controlled by DevOps
  • 41. MULTI & HYBRID CLOUD ENVIRONMENTS Southbound-HUB Southbound-HUB VPN WEB APP SPOKE-3 VPN DB AAD SPOKE-3 VPN WEB APP SPOKE-3 Southbound-HUB Azure Northbound-HUB ….. AWS Northbound-HUB ….. Google Northbound-HUB ….. VPN WWW
  • 42. CLOUDGUARD ADAPTIVE SECURITY Check Point Access Policy Rule From To Application Action 3 Web_SecurityGroup Object DB_VM Object MSSQL Allow 4 CRM_SecurityGroup Object SAP_SecurityGroup Object CRM Allow 5 AWS_VPC Object Azure_VNET Object ADFS Allow Drag & Drop dynamic policy with cloud objects
  • 43. © Check Point Software Technologies Ltd. CloudGuard for SDN
  • 44. CloudGuard for VMware NSX Hardware Hypervisor vm vm ESXi ESXi Security Management Server Hardware vSphere API NSX vSphere API NetX API vCenter Hypervisor vm vm CloudGuard CloudGuard
  • 45. © Check Point Software Technologies Ltd. CloudGuard for SDDC
  • 46. © Check Point Software Technologies Ltd. CloudGuard Virtual Edition (VE) VMware ESXi CloudGuard Virtual Edition can be deployed as a security gateway to provide perimeter protection, segmentation, and inter-VM protection using standard routing configurations. Supported hypervisors
  • 47. © Check Point Software Technologies Ltd. CLOUDGUARD ECOSYSTEM
  • 49. © Check Point Software Technologies Ltd. MOBILITY
  • 50. MOBILE THREAT DEFENSE (MTD) Android Antivirus Apps Analysis / Emulation Network Threats (MiTM,…) OS Vulnerability Research MOBILE CONTENT MANAGEMENT (MCM) Document Repositories MOBILE APPLICATION MANAGEMENT (MAM) MOBILE INFORMATION PROTECTION Secure Container Dual Persona REMOTE ACCESS (Secure) Email Proxy Per-App VPN VDI / VMI Full-Device VPN / Profile MOBILE DEVICE MANAGEMENT (MDM) Documents Lifecycle Enterprise Apps / Store Apps White/Black - Listing Apps White/Black - Listing App Profile Management Device “Fleet” Management GEO-Location Tracking Device Profiles (Settings) App Distribution HARMONY MOBILE CAPSULE VPN CAPSULE DOCS CAPSULE WORKSPACE CAPSULE WORKSPACE SSL VPN Native Containment
  • 53. HOW IT WORKS APP ANALYSIS (INFECTED APPS) CLOUD-BASED BEHAVIORAL RISK ENGINE ON DEVICE DETECTION OS EXPLOITS (JAILBREAK/ROOT) NETWORK ATTACKS (WIFI, BLUETOOTH) SMS ATTACKS REAL-TIME INTELLIGENCE, MONITORING AND CONTROL
  • 54.
  • 55. MOBILE THREAT DEFENSE (MTD) Android Antivirus Apps Analysis / Emulation Network Threats (MiTM,…) OS Vulnerability Research MOBILE CONTENT MANAGEMENT (MCM) Document Repositories MOBILE APPLICATION MANAGEMENT (MAM) MOBILE INFORMATION PROTECTION Secure Container Dual Persona REMOTE ACCESS (Secure) Email Proxy Per-App VPN VDI / VMI Full-Device VPN / Profile MOBILE DEVICE MANAGEMENT (MDM) Documents Lifecycle Enterprise Apps / Store Apps White/Black - Listing Apps White/Black - Listing App Profile Management Device “Fleet” Management GEO-Location Tracking Device Profiles (Settings) App Distribution HARMONY MOBILE CAPSULE VPN CAPSULE DOCS CAPSULE WORKSPACE CAPSULE WORKSPACE SSL VPN Native Containment
  • 56. CAPSULE WORKSPACE | Architecture overview Corporate Servers Check Point Firewall with Mobile Access Blade Management Console Internet Mobile Device Wireless Networks MOBILE
  • 57. CAPSULE WORKSPACE | Simplify mobile security • Manage corporate data, not devices • A PIN unlocks a single app so you can - Access email/calendar/PIM/Intranet securely - Launch security-wrapped business apps - Keep data encrypted at rest and in motion - Track and require higher levels of access to docs - Extend consistent security to iOS and Android - Wipe corporate data on lost or stolen devices - Capsule Workspace is integrated with Check Point Mobile Threat Prevention
  • 58. Anti-Ransomware Forensics Threat Prevention Access/Data Security Access Control Secure Media Secure Documents ENDPOINT
  • 59. Identify and block unknown and zero-day threats Deliver clean documents in seconds Safeguard credentials from theft Accelerate understanding for better response Keeping endpoints safe from cyber extortion ADVANCED THREAT PREVENTION TECHNOLOGIES THREAT EMULATION THREAT EXTRACTION ZERO PHISHING FORENSICS ANTI RANSOMWARE
  • 60. SANDBLAST SERVICE Web downloads sent to remote SandBlast 1 Sanitized version delivered promptly 2 Original file emulated in the background 3 How SandBlast Agent Works
  • 61. Lookalike Characters Image Only Site Multiple Top-Level Domain Lookalike Favicon IP Reputation URL Similarity Title Similarity Visual Similarity Text Similarity Domain Reputation PHISHING SCORE: 95% User access to new site triggers review 1 Evaluation based on reputation and advanced heuristics 2 Verdict issued in seconds 3 Beware! Probable Phishing Attack How Zero-Phishing Works
  • 62. Corporate Credentials With so many credentials to remember… Users often re-use the same password Corporate Password Exposed How Credential Protection Works Preventing Reuse of Corporate Credentials
  • 63. How Forensics Works FORENSICS data continuously collected from various OS sensors 1 Report generation automatically triggered upon detection of network events or 3rd party AV 2 Digested incident report sent to SmartEvent 4 Processes Registry Network Files Advanced algorithms analyze raw forensics data 3
  • 64. How Anti-Ransomware Works ONGOING UPON DETECTION BEHAVIORAL ANALYSIS Constantly monitor for ransomware specific behaviors DATA SNAPSHOTS Continuously create short-term file backups QUARANTINE Stop and quarantine all elements of the attack RESTORE Restore encrypted files from snapshots ANALYZE Initiate forensic analysis to analyze attack details RANSOMWARE PROTECTION IS ON
  • 65. ADVANCED THREAT PREVENTION TECHNOLOGIES THREAT EMULATION THREAT EXTRACTION ZERO PHISHING FORENSICS ANTI RANSOMWARE BASELINE THREAT PREVENTION TECHNOLOGIES ACCESS CONTROL ANTI VIRUS ANTI BOT
  • 66. Secure Remote Mobile Access to corporate resources Security verification Compliance with regulatory requirements How Access Control Works Industry first Desktop Firewall and Application Control Secure endpoint access, data in transit and verify compliance
  • 67. • Lockdown infected machines • Block C&C communications • Prevent data exfiltration • Identify compromised hosts • Inside and outside the network • Pinpoint when inside the network • Detect the C&C Channel – and we know the host is infected • Block the C&C Channel – and we contain the malware Communications Blocked ANTI-BOT How Anti-Bot Works C&C Communications
  • 68. How Full Disk Encryption Works Windows and Apple Pre-Boot Authentication
  • 69. Business Data Segregation Seamless Experience Automatic data encryption and seamless access to authorized users Policy based automatic segregation End User Education Engage and educate users with UserCheck Non Business Data (E:) Business Data – Encrypted (F:) How Media Encryption Works Transparent security for information on storage drives
  • 70. Ensure that only authorized devices/ports can be used Get the benefit of a flexible blacklisting/whitelisting approach Use discovered devices for policy fine-tuning How Port Protection Works
  • 71. Share Select the authorized users and groups Classify Classify and set permissions according to your needs Encrypt Data Protect your documents with a single click Automatic protection for seamless user experience User Education and Engagement using UserCheck How Capsule Docs Works
  • 72. © Check Point Software Technologies Ltd. SECURITY MANAGEMENT
  • 73. NETWORK Shared Threat Intelligence Consolidated Security Management Hybrid Cloud Headquarters Branch Access Control Access Control Data Protection Multi Layered Security Advanced Threat Prevention Multi Layered Security Wi-Fi, DSL, PPoE Ready Advanced Threat Prevention MOBILE Capsule WorkSpace/Docs App Protection Remote Access Network Protection Secure Business Data Device Protection Protect Docs Everywhere ENDPOINT Access/Data Security Threat Prevention Access Control Anti-Ransomware Secure Media Forensics Secure Documents CLOUD Infrastructure Advanced Threat Prevention Adaptive Security Automation and Orchestration Cross Environment Dynamic Policies Applications Zero-Day Threat Protection Sensitive Data Protection End-to-End SaaS Security Identity Protection SmartEvent Compliance Unified Policy
  • 74. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Collaboration Unified Policy & Single Console • Manage everywhere - all aspects of security on both physical, virtual and cloud based environments. • Manage everything from users to data to applications • Manage efficiently - All access points are now controlled in one place
  • 75. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Collaboration Unified Policy & Single Console Inline Ordered Inline • Optimizing rule matching process - Only packets matching the Parent Rule will be checked against the rules of the Inline Layer • Reuse Layers in multiple Policies or multiple times in the same policy Ordered • Each layer performs one or more specific security actions • The layers will be matched top-down
  • 76. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Collaboration Unified Policy & Single Console • Concurrent Administrators can work simultaneously on the same rulebase without conflict • Workflow and Auditing - All actions are monitored, logged and can be reviewed accordingly. • Granular admin delegation – dedicated policies for specific admins
  • 77. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Collaboration Unified Policy & Single Console Provisioning of security - segmenting security into multiple virtual domains Centralized management - manage security on a global level while ensuring separation of data for each of the protected business entities Granular, role-based administration - • access policy admin • Content inspection admin • SIEM/Helpdesk operator
  • 78. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Unified Policy & Single Console Events Collaboration • Logging, monitoring, event correlation & reporting in a single view. • Filter, search and report in seconds • Predefined graphical reports and customizable event views • 3rd party plug-n-play support of SIEM solutions Logs Reports
  • 79. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Collaboration Unified Policy & Single Console • Examines environment’s Security Gateways, Blades, Policies and configuration Settings in real- time to avoid human-error according to industry (Retail, Healthcare, Financial etc..) • Compared with Check Point extensive database of regulatory standards and security best practices to ensure security at the highest level.
  • 80. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Collaboration Unified Policy & Single Console Automate daily Tasks and workflows to improve productivity e.g. • Policy installation and synchronization • using an orchestration tool deploy a new rulebase and objects). • Integrate deployment of Check Point Gateways with cloud templates Integrate Check Point products with other solutions (virtualization servers, ticketing systems etc…)
  • 81. Consolidated Security Integration Compliance SIEM/SOC Scalability Layered Policy Delegation Collaboration Unified Policy & Single Console IPS Firewall Antivirus Threat Extraction Threat Emulation Anti-bot
  • 82. Security Gateways Designed for Gen V Cyber Security Next Generation Threat Prevention Technologies Advanced Network Security IPS Threat Emulation Threat Extraction Antivirus Anti-Bot Anti- Spam Firewall App Control URL Filtering DLP VPN Security & Threat Management Forensics Single Management Full Threat Visibility Reporting Compliance Identity Aware BRANCH PRIVATE CLOUD ACI HEADQUARTERS SCADA SYSTEMS MANAGEMENT CLOUD IaaS NETWORK Access Control Advanced Threat Prevention Segmentation SMALL OFFICE
  • 83. FULL RANGE OF MOST ADVANCED THREAT PREVENTION Activate Advanced Threat Prevention Inspect encrypted (SSL) traffic Stronger and Future Proof !
  • 84. Prevents Exploits of Known Vulnerabilities Enforce Protocol Specifications Detect Protocol Anomalies Signature based Engine How IPS Works
  • 85. Hash based signature Engines Malware Feeds Blocks Access to Malware Sites How Antivirus Works Block Download of Known Malware
  • 86. Stops traffic to remote operators Multi-tier PREVENT Bot Damage IDENTIFY Bot Infected Devices Reputation Patterns SPAM How Anti-Bot Works Identify and Isolate Infected Hosts to Prevent Bot Damage
  • 87. Preconfigured tags/categories Allow, block or limit usage User identification How Application Control Works Granular Control Using Over 7,700 Pre-defined Applications
  • 88. How URL Filtering Works Allow, Block or Limit Web Access Based on Time or Bandwidth
  • 89. Granular Visibility of Users, Groups and Machines How Identity Awareness Works BRANCH CLOUD IaaS PRIVATE CLOUD ACI HEADQUARTERS RADIUS TERMINAL SERVER {REST} API KERBEROS AD QUERY IDENTITY AGENT REMOTE ACCESS CLIENTS IDENTITY COLLECTOR CISCO ISE TRUSTSEC Network IDENTITY SOURCES IDENTITY POLICY ENFORCEMENT
  • 90. Involve Users Prevent Data Loss Open MultiSpect Detection Language 600+ data types 800+ file formats How DLP Works Inspect Sensitive Data Leaving Organizations in Real Time Detect Proprietary Documents
  • 91. Virtual Systems Max Efficiency with Hardware Virtualization Consolidate Up To 250 Gateways To Secure Multiple Network Segments Unique Virtual System Load Sharing (VSLS) For Unmatched Availability
  • 92. Multiple Security Group More And More Hardware Efficiency Support Up To 8 Segregated Installations On Separate Blades - Same Chassis Each Security Group Runs An Independent SMO With Its Own Software Version And Configuration Each Security Group Can Run Up To 250 Virtual Systems: 2,000 VSs in Total
  • 93. © Check Point Software Technologies Ltd. ICS/SCADA
  • 94. Over 800 SCADA commands in Application Control Security for ICS/SCADA Systems