Self-Checkpoint: An In-Memory Checkpoint Method Using Less ...
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security...
-
Upload
randolf-gordon -
Category
Documents
-
view
219 -
download
0
Transcript of ©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security...
©2003–2008 Check Point Software Technologies Ltd. All rights reserved.
TOTALSECURITY™
CheckPoint new security architecture and R70 highlights
2©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
What organizations wantWhat organizations want
total securitysecurity
flexible securitysecurity
simple securitysecurity
Total security across all enforcement points
The right protectionat the right investment
Ease of deploymentEase of management
3©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Introducing Check Point R70Introducing Check Point R70
with New Software Blade Architecture
4©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
What is a software blade?What is a software blade?
A software blade is a security building block
Independent Modular Centrally managed
5©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
How does it work?How does it work?
Select a container Select the blades Configure the system
6©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Two options to construct your solutionTwo options to construct your solution
Option 1:A La Carte
Option 2:Pre-Defined Systems*
SG1031 core
3 blades
SG4074 cores7 blades
SG8058 cores5 blades
*Examples
7©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Total SecurityComplete Security & Management PortfolioTotal SecurityComplete Security & Management Portfolio
Security Gateway Blades
Security Management Blades
8©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Customer BenefitsCustomer Benefits
Total security across all enforcement points Custom configuration for the right security at
the right investment Simple planning, fast deployment
Ease of consolidation– Add/activate blades easily into existing
infrastructure– Segregation of duties in a single system– Dedicate system resources per software blade
Simple migration and scaling
TOTALTOTALFLEXIBLEFLEXIBLESIMPLESIMPLESECURITYSECURITY
MIGRATION MIGRATION CONSOLIDATIONCONSOLIDATION
LOWER
TCOLOWER
TCO
9©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Check Point R70Check Point R70
Debut of Check Point Software Blade Architecture
NEW Check Point Security Gateway R70
IPS Blade: IPS Redefined
10©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Check Point Security Gateway R70The Evolution ContinuesCheck Point Security Gateway R70The Evolution Continues
Main-train release featuring Software Blade architecture
New IPS Software BladeNew IPS Software Blade
Improved Core Firewall Performance Improved Core Firewall Performance
New Provisioning Software Blade New Provisioning Software Blade
11©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Check Point IPS BladeCheck Point IPS Blade
Debut of Check Point Software Blade Architecture
NEW Check Point Security Gateway R70
IPS Software Blade: Next Generation Integrated Intrusion Prevention
12©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Check Point IPS BladeCheck Point IPS Blade
Check Point IPS Blade:• Complete intrusion prevention integrated
with firewall• Enterprise-class performance• Comprehensive and dynamic management
13©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
IPS Increases Threat ControlIPS Increases Threat Control
14©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
New Threat Control EngineNew Threat Control Engine
Utilizing multiple methods of detection and analysis for Utilizing multiple methods of detection and analysis for accurate and confident securityaccurate and confident security
• Pre-emptive and accurate detection via NEW! multi-method signature & behavioral prevention engine.
• Wide protection coverage for both server and client vulnerabilities.
• Protection profiles with attack severity, confidence, and performance settings to automatically set protections to Detect or Prevent.
• Open language for writing protections and protocol decoders.
• Application Identification for application policy enforcement.
15©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Complete Intrusion ProtectionComplete Intrusion Protection
Protection against server vulnerabilities
Protection against client & OS vulnerabilities
Protection against malware and worm infections
Block stealthy P2P and IM applications
Prevent buffer overflow attacks
Protection against network reconnaissance gathering
Only gateway with IPS across product line Only gateway with IPS across product line
16©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Performance
17©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
R70 Performance EnhancementsR70 Performance Enhancements
CoreXL
IPS Engine
Firewall
Deeper multi-core integration Multi-tier IPS filtering engine
– quickly filters ~90% of traffic
Filter attacks only on the relevant sections of the traffic– reduce overhead– Reduce false positives
Performance Improvements in Secure Platform OS
Netw
ork
Secure Platform
Netw
ork
IPS Engine
Firewall
…
18©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Ensure Total System PerformanceEnsure Total System Performance
Ensure firewall performance withload threshold safety-valve
Automatically activate protectionsbased on your criteria:
• Estimated performance impact• Severity level• Confidence level
19©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
New Threat Management RequirementsNew Threat Management Requirements
Manage High Volume of IPS Events
Manage in Real Time Manage across
multiple Security functions
Adapt to Constantly Evolving Threat Environment
20©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
IPS Software Blade Timeline View IPS Software Blade Timeline View
Easily isolate important information
Quickly go from high-level business view to detailed forensics Quickly go from high-level business view to detailed forensics
21©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
IPS Protection BrowserIPS Protection Browser
Easily Browse, Search, Set Protections• Easy navigation through protection list• Detailed protection description• Review attributes: Severity, Attack Confidence, Performance Impact, Release Data, Industry Reference• View and adjust protection settings – Prevent, Detect, Inactive• Keyword search: easily find Attack, Protection, Category, CVE…
22©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
‘Sandbox’ New Protections‘Sandbox’ New Protections
Gain confidence in protections:Automatically
‘sandbox’ new protections in ‘Detect Only’ mode untilyou are ready to put them
in Prevent mode.
23©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Extensive Graphs and ReportsExtensive Graphs and Reports
Meet Compliance and Management Information NeedsMeet Compliance and Management Information Needs
24©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties
Check Point R70 SummaryCheck Point R70 Summary
Debut of Check Point Software Blade Architecture
NEW Check Point Security Gateway R70
IPS Blade: Next Generation Intrusion Prevention
©2003–2008 Check Point Software Technologies Ltd. All rights reserved.
TOTALSECURITY™
Thank You!