Contenu connexe Similaire à Csa Summit 2017 - Un viaje seguro hacia la nube (20) Plus de CSA Argentina (20) Csa Summit 2017 - Un viaje seguro hacia la nube1. 1©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd.
Lucas S. García | Security Engineer Ar Py Uy
garcial@checkpoint.com
UN VIAJE SEGURO HACIA LA NUBE
3. 3©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
FROM DATA CENTER TO CLOUD
DATA CENTER
WHAT USED TO TAKE WEEKS TAKES MINUTES WITH CLOUD
CLOUD
4. 4©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
THE CLOUD IS HERE
SECURITY
SECURITY IS THE MAIN
INHIBITOR FOR CLOUD
ADOPTION
(Gartner)
ADOPTION
80% OF ENTERPRISES ARE
COMMITTED TO CLOUD
STRATEGY BY 2017
(IDC)
GROWTH
40% OF IT BUDGETS
WILL BE CLOUD-
BASED BY 2018
(Forbes)
5. 5©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
WHY CLOUD?
AGILITY
Fast to react
ELASTICITY
Fasttogrow
6. 6©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
CLOUD FUNDAMENTALS
Cloud is a shared environment
Cloud is a connected environment
Cloud is a dynamic environment
Therefore, cloud is vulnerable and exposed…
7. 7©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
CLOUD SECURITY MUST BE ADAPTIVE
Legacy Security Cloud Security
Adding new application Add rule is a
SHOWSTOPPER
Adaptive policy is an
ENABLER
Security inside the cloud Network change is
COMPLEX
SDN integration is
AUTOMATIC
Application growth Replacing appliances is
EXPENSIVE
Auto-Scale is
EFFORTLESS
8. 8©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
4 STEPS TO SECURE YOUR CLOUD
BUCKLE UP
9. 9©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
STEP #1: CONTROL THE CLOUD PERIMETER
•Use advanced threat prevention
at the cloud perimeter
•Securely connect your cloud with
your on-premise environment
CLOUD
ON-PREMISE
10. 10©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
STEP #2: SECURE THE CLOUD FROM THE INSIDE
•Micro-segment your cloud to
control inside communication
•Prevent lateral threats
movement between applications
App App
App App
11. 11©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
STEP #3: MANAGE CONSISTENT SECURITY
FOR HYBRID ENVIRONMENTS
• Deploy unified security management for
your hybrid cloud (On-Premise and Cloud)
• Ensure policy consistency
• Reduce operation cost
CLOUD
ON-PREMISE
12. 12©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
STEP #4: AUTOMATE YOUR SECURITY
Security should be as elastic
and dynamic as your cloud
• Auto-provisioned
• Auto-scaled
• Adaptive to changes
13. 13©2017 Check Point Software Technologies Ltd.
TRAVEL TO THE CLOUD IN FIRST CLASS
[Protected] Non-confidentialcontent 13©2017 Check Point Software Technologies Ltd.
14. 14©2017 Check Point Software Technologies Ltd.
CHECK POINT CLOUD SECURITY PRINCIPLES
Utmost protection
Adaptive Security
Hybrid Infrastracture
15. 15©2017 Check Point Software Technologies Ltd.
THE vSEC FAMILY
[Protected] Non-confidentialcontent
ACI
Consistent security policy
and control across ALL
Private and Public Clouds
16. 16©2017 Check Point Software Technologies Ltd.
vSEC ADVANCED PROTECTION
Access Rule
vSEC PROTECTS YOUR DATA AND APPLICATIONS
WITH THE INDUSTRY’S BEST THREATS CATCH-RATE
Next Generation Firewall
Application and Data Security
Advanced Threat Prevention
Forensic Analysis
Cloud
Vendor
17. 17©2017 Check Point Software Technologies Ltd.
CISCO ACI
[Protected] Non-confidentialcontent
SECURITY INSIDE YOUR CLOUD
Securing the datacenter
from the inside is now
simple with SDN
Micro segment the
datacenter with advanced
protection between
applications
App App
App App
18. 18©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
ADAPTIVE SECURITY
vSEC Adaptive Security instantly protects new
applications and keeps them secure as they evolve.
•Security that learns about application changes
•Auto-scaled virtual security
•Pay-as-you-grow for private and public cloud
Telefonica:
“vSEC adaptive security is a game changer.”
19. 19©2017 Check Point Software Technologies Ltd.
Check Point Access Policy
Rule From To Application Action
3 Finance_App1
(vCenter Object)
Database_Group
(NSX SecGroup)
MSSQL Allow
4 HR_App2
(Open StackObject)
Finance_Group
(ACI EndPoint Group)
CRM Allow
5 User_ID SAP_App
(AWS Object)
SAP Allow
ADAPTIVE SECURITY
Reduce Firewall Tickets by 60%
20. 20©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent
SUCCESS
More than 1,000 customers purchased vSEC in 2016
20©2017 Check Point Software Technologies Ltd.
21. 21©2017 Check Point Software Technologies Ltd.
XERO is a global online accounting firm
servicing over 1M accounts in AWS
vSEC secures all their accounts in AWS
Allegiant makes leisure
travel affordable
vSEC secures their new
NSX-based Private Cloud
HAPPY CUSTOMERS
[Protected] Non-confidentialcontent 21©2017 Check Point Software Technologies Ltd.
22. 22©2017 Check Point Software Technologies Ltd.
THE CYBER SECURITY ARCHITECTURE OF THE FUTURE
THE FIRST CONSOLIDATED SECURITY ACROSS NETWORKS, CLOUD,
AND MOBILE, PROVIDING THE HIGHEST LEVEL OF THREAT
PREVENTION.
Introducing
23. 23©2017 Check Point Software Technologies Ltd.
ONE SECURITY
PLATFORM
PREEMPTIVE
THREAT PREVENTION
CONSOLIDATED
SYSTEM
MOBILE CLOUD THREAT PREVENTION
24. 24©2017 Check Point Software Technologies Ltd.
TRAVEL TO THE CLOUD IN FIRST CLASS
[Protected] Non-confidentialcontent 24©2017 Check Point Software Technologies Ltd.
Utmost Protection, Adaptive Security , Hybrid Infrastructure
25. 25©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd.
THANK YOU
Itai Greenberg | Head of Cloud Security BU