End to End Security - Check Point
2. 11/7/2018 www.secdata.com
CHECK POINT – FROM THE CLOUD TO THE END POINT
• Check Point were established in 1993 and are a key vendor for SecureData
• SecureData hold the highest accreditation – 4 Star Elite Partner
• Why Check Point? It is important for organisations to protect all network entry points, and Check Point offer solutions to cover multiple areas. You can no longer focus on the traditional edge protection model.
• SecureData have worked with Check Point for many years and are able to work with the whole solution portfolio
3. ©2018 Check Point Software Technologies Ltd.
Edward Smart | Channel Manager UK
& all points in between
FROM THE CLOUD TO THE END POINT
4.
THE ERA OF DIGITAL TRANSFORMATION
CONNECTING
TO THE CLOUD
AND MOBILE
5.
#1 Taxi company
owns no cars
#1 Accommodation
company owns
no real estate
#1 media provider
creates no content
#1 fastest growing
TV network lays
no cables
#1 Valuable retailer
has no inventory
DISRUPTIVE BUSINESS MODELS
6.
THE INFRASTRUCTURE IS CHANGING NOW
CLOUD
MOBILE
SERVER
IOT
VIRTUALISATION
7.
FOR THE BAD ACTORS AS
WELL AS THE GOOD GUYS
CHANGES CREATE NEW
OPPORTUNITIES
8.
Security is the biggest
barrier to IoT adoption
Security Concerns Continue
Amid Cloud Adoption
Cybersecurity Is Biggest Risk
of Autonomous Cars
ITPRO
InformationWeek
Bloomberg
9.
WAS 2017 A CYBER-SECURITY
WAKE-UP CALL ?
WannaCry
Thousands of enterprises in over 99 countries
NotPetya
Completely shutting down an entire country and
impacting over 60 more
11.
Generations of Attacks and Protections
Gen I
Late 1980s –
PC attacks - standalone
Virus
Gen II
Mid 1990s –
Attacks from the internet
Networks
Gen III
Early 2000s -
Exploiting vulnerabilities
in applications
Applications
The Anti Virus
The Firewall
Intrusion
Prevention (IPS)
Gen IV
2010 -
Polymorphic Content
Payload
SandBoxing
and Anti-Bot
12.
Where are we ?
1990 2000 2010 2015 2017
THREATS
PROTECTIONS
Networks
Gen II
Applications
Gen III
Payload
Gen IV
GRADE I
GRADE II
GRADE III
GRADE V
GRADE IV
Virus
Gen I
Enterprises
are between
Gen 2-3
2.8
Mega
Gen V
13.
2018 – GEN V OF ATTACKS
Large scale (across country and industry)
State-sponsored technologies
Multi-vector (network, cloud, mobile)
14.
GEN IV PROTECTION IS NO LONGER
ENOUGH!
Gen IV
PAYLOAD
SandBoxing
and Anti-Bot
2010 -
Polymorphic Content
WE NEED PREVENTION (NOT JUST DETECTION)
COVERING OUR WEAKEST POINTS – CLOUD, MOBILE
REAL-TIME ACTION
15.
PATCHWORK OF POINT
SOLUTIONS.
COMPLEX SOLUTIONS
WITH UNCERTAIN
SECURITY COVERAGE.
Most security
technologies today stay
• Looking for
yesterday’s signatures
• Detection instead
of prevention
ONE STEP
BEHIND
16.
THE TRADITIONAL APPROACH
Virus > < Anti-Virus
Malicious Websites > < URL Filtering
Intrusion > < Intrusion Prevention
Botnet > < Anti-Bot
High Risk Applications > < Application Control
17.
Introducing GEN 5 PROTECTION
Against MEGA ATTACKS
18.
CONVERTING INTELLIGENCE INTO PROTECTION
ENFORCEMENT LAYER
THREAT PREVENTION
ENDPOINT
SECURITY
NETWORK SECURITY
GATEWAY
MOBILE
SECURITY
VIRTUAL
SYSTEMS
CLOUD
SECURITY
CONTROL LAYER
MANAGEMENT LAYER SINGLE MANAGEMENT
19.
WHAT INGREDIENTS DO WE NEED ?
20.
SS7 ATTACK
PREVENTION
LARGE SCALE
MANAGEMENT
MOBILE MAN
IN THE MIDDLE
ATTACK
MEMORY
ANALYSIS
PUBLIC-CLOUD
AUTOPROVISION
THREAT
EXTRACTION
NETWORK
ENCRYPTION
REST APIs ORCHESTRATION
CPU LEVEL
SANDBOX
ADAPTIVE
CLOUD
SECURITY
CLOUD
SECURITY
AUTO-SCALE
21.
MAKING GEN V POSSIBLE
SS7 ATTACK
PREVENTION
LARGE SCALE
MANAGEMENT
MOBILE MAN
IN THE
MIDDLE
ATTACK
MEMORY
ANALYSIS
PUBLIC-CLOUD
AUTOPROVISION
THREAT
EXTRACTION
NETWORK
ENCRYPTION
REST APIs ORCHESTRATION
CPU LEVEL
SANDBOX
ADAPTIVE
CLOUD
SECURITY
CLOUD
SECURITY
AUTO-SCALE
22.
HOW DO WE MOVE
TO GEN V OF
SECURITY?
23.
You Need a Small Army of Security Technologies
Machine
Learning
CPU-Level
Sandboxing
24.
THE FIRST CONSOLIDATED SECURITY ACROSS NETWORKS,
CLOUD, AND MOBILE, PROVIDING THE HIGHEST LEVEL
OF THREAT PREVENTION.
THE CYBER SECURITY ARCHITECTURE OF THE FUTURE
25.
ACROSS ALL NETWORKS, CLOUDS AND MOBILE
ONE SECURITY
PLATFORM
Leveraging unified
threat intelligence
& open interfaces
PREEMPTIVE
THREAT PREVENTION
Blocking the most
sophisticated attacks
before they happen
Single Management,
Modular Policy
Management & integrated
threat visibility
CONSOLIDATED
SYSTEM
THE CYBER SECURITY ARCHITECTURE OF THE FUTURE
26.
CLOUDGUARD
SAAS
PROTECTING ANY CLOUD,
ANY SERVICE, ANYWHERE
27.
New Cloud Service Protects Enterprise SaaS Apps
28.
CLOUDGUARD SAAS
SAAS SECURITY IS
ONE CLICK AWAY
Identity
Protection
Protect
Sensitive Data
Zero-day threats
Protection
End-to-End
SaaS Security
29.
Security Gateway
SAAS PROVIDERS
SECURITY STACK
Prevent
Account
Takeovers
Data Leak
Prevention
Reveal
Shadow IT
HOW IT WORKS
API & AD
…
CloudGuard SaaS
Documents
encryption
Zero-day
Threats
Protection
30.
CLOUDGUARD SAAS
THREAT PROTECTION
Prevent malware and zero-day
threats from getting into SaaS apps
Block phishing emails for
Office 365 and Gmail
31.
AWARD-WINNING
THREAT PROTECTION
TECHNOLOGY
Threat Emulation
The only evasion resistant
CPU-Level sandbox
Threat Extraction
Proactive prevention
through file sanitation
Anti Phishing for Email
Advanced protection
of user emails
Anti-Virus
Protection against known
malware
32.
API: New File
Detected
Quarantine
file
THREAT PREVENTION
FOR SAAS APPS
HOW IT WORKS
• Attacker shares or emails data
• Insider shares or emails sensitive data
• Detected content is quarantined, un-shared or encrypted
• The solution is deployed as an add-on to the SaaS application
Hacker
Shares / emails
malicious content
Scan
File
Found
malware
CloudGuard SaaS
Threat Prevention
33.
CLOUDGUARD SAAS
IDENTITY PROTECTION
ID-Guard technology identifies
imposturous access
Blocks unauthorized users and
devices, on mobile and PCs
34.
Identity Server
ADFS, Azure AD, Okta
ACCOUNT TAKEOVER
HOW IT WORKS?
• Attacker uses phishing, password
spraying, or malware to steal
credentials
• Attacker authenticates against an
Identity Federation Service
Hacker
Accesses App
Stolen
credentials
35.
Accesses
App
Accesses
App
Stolen ID
Hacker
Identify Device
• Only users and devices with ID-Guard
endpoint agent can login
• Malicious login prevented even if the
hacker has correct credentials
• No user involvement
PREVENT ACCOUNT
TAKEOVER WITH
CLOUDGUARD SAAS
IDENTITY PROTECTION
Identity Server
ADFS, Azure AD,
Okta
Employee
Identity Server
ADFS, Azure AD,
Okta
36.
• Collects network from Threat Cloud and SaaS
• Prevents suspicious logins
Example: seen in two locations,
bad source IP reputation
Accesses app
Stolen
credentials
Hacker
Intelligence
PREVENT ACCOUNT
TAKEOVER WITH
CLOUDGUARD SAAS
IDENTITY PROTECTION
Network Only Mode
Identity Server
ADFS, Azure AD,
Okta
37.
CLOUDGUARD SAAS
DATA PROTECTION
Documents shared Email Chat
Block sharing of sensitive data
and files
Force encryption of sensitive data
38.
API: New File
Detected
Unshare file
DATA PROTECTION
FOR SAAS APPS
HOW IT WORKS
• Attacker shares or emails data
• Insider shares or emails sensitive data
• Detected content is quarantined, un-shared or encrypted
• The solution is deployed as an add-on to the SaaS application
Shares sensitive content
Scan
File
Found a
sensitive
financial report
CloudGuard SaaS
Employee
Data Leak
Prevention
39.
CLOUDGUARD SAAS
END-TO-END SECURITY
Sync policies between gateways,
mobile, and CloudGuard SaaS
Unify management across gateways,
endpoints, and Cloud
40.
Shared intelligence and threat prevention
across networks, mobile, cloud
One unified system to fully block the
attack
CLOUDGUARD SAAS
END-TO-END SECURITY
• On-premise security gateways report employees' behavior & location
• IP reputation intelligence feeds across Check Point customers
• Mobile/PC endpoint suites detect malware and OS exploits to condition SaaS access
• Shadow IT reporting with Check Point SmartEvent and AppControl
41.
PROTECT A MULTITUDE OF SAAS APPS
WITHIN MINUTES
42.
• Protects home-brewed SaaS apps
with advanced threat prevention
• RESTful threat prevention APIs
PROTECT YOUR APPS
WITH CLOUDGUARD API
CloudGuard SaaS
Malware
detected
Send file for
inspection
API call –
Scan file
Zero-Day Protection
43.
CLOUDGUARD SAAS
SAAS SECURITY IS
ONE CLICK AWAY
Identity
Protection
Protect
Sensitive Data
Zero-day threats
Protection
End-to-End
SaaS Security
44.
SUMMARY
SAAS ATTACKS ARE
HAPPENING AS WE SPEAK
CLOUD APPS ARE AT RISK
DUE TO ADVANCED
EXTERNAL THREATS, AND
ACCOUNT TAKEOVER
CLOUDGUARD SAAS – THE
ONLY PREVENTIVE SECURITY
SOLUTION FOR ALL CLOUD
APPLICATIONS
45.
CLOUDGUARD
IAAS
BROADEST SECURITY FOR
CLOUD-BASED DATA
CENTERS
46.
COMPREHENSIVE SECURITY ARCHITECTURE
Headquarters
Remote Employees Branch
Private Cloud & SDN
SAAS
Public IAAS
47.
CLOUD IS TAKING OVER THE WORLD
CLOUD DIVERSITY
67% OF ENTERPRISES ARE IN
HYBRID CLOUD MODEL.
MULTI CLOUD BECOMING THE
NORM
RightScale
SECURITY
40% OF ENTERPRISES RATE
CLOUD SECURITY AS
SIGNIFICANT CHALLENGE
RightScale 2017
48.
Source: Gartner
RAPID ADOPTION OF CLOUD SERVICES
[Chart: Worldwide Cloud Services Revenue Forecast, 2016 to 2020. Y-axis: Revenue (US$ Billion). Series: Platform-as-a-Service, SaaS, Public Cloud.]
50.
Traditional Security Not Designed for Cloud
Static workloads
Manually intensive
DevOps don't know Security
IT Security doesn't know Cloud
51.
• Cloud applications are everywhere
Perimeter security is not enough – we need security
inside the cloud
• Cloud applications are elastic
Legacy security is static
• DevOps wants agile environment
Security is a showstopper
LEGACY SECURITY ARCHITECTURE NOT
DESIGNED FOR CLOUD
52.
CLOUD = SHARED RESPONSIBILITY
Customer
responsible for
security in the
cloud
Customer Data
Platform, Applications, IAM
Operating System, Network and FW Configs
Client-side Data
Encryption & Data
Integrity Authentication
Server-side Encryption
(File System / Data)
Network Traffic
Protection (Encryption,
Integrity, Identity)
Cloud vendor
responsible for
security of the
cloud
Cloud Global
Infrastructure
Regions
Availability Zones
Edge Locations
Compute Storage Database Networking
53.
NO Unified Management for all Clouds & Traditional Data Center
NO Threat Prevention in real time (L4-L7 protections)
NO Identity based authentication access to applications
NO URL Filtering
NO Threat Extraction and Zero-day Sandboxing
WHERE CLOUD NATIVE SECURITY FALLS SHORT
54.
Lateral threat movements
Data breach due to misconfiguration
Abuse of cloud services
API hacking
Malicious insiders
THIS MIGHT EXPOSE YOU TO…
55.
ADVANCED THREAT PREVENTION FOR CLOUD ENVIRONMENTS
INTRODUCING CHECK POINT CLOUDGUARD IAAS
IN AN AGILE AND AUTOMATED NATURE
56.
ACI
Consistent security
policy and control
across ALL Public and
Private Clouds
57.
CLOUDGUARD IAAS BUILDING BLOCKS
Centralized Management
Advanced Threat
Prevention
Cloud
Diversity
DevOps
Ready
Adaptive and
Automatic
59.
• Agile - security architecture that enables DevOps innovation
• Efficient – automatically deploy, provision, & scale security in the Cloud
•
• Multi-Clouds – unified security architecture for all environments
CHECK POINT’S CLOUD SECURITY BLUEPRINT
60.
SANDBLAST AGENT
ENDPOINT SOLUTION
ENDPOINT PROTECTION
REMOTE EMPLOYEES
61.
Protecting employees’ endpoints while connecting
from remote locations & working from home
ENDPOINT PROTECTION
REMOTE EMPLOYEES
• Augments traditional AV at the endpoint
• Prevents evasive attacks
• Phishing via zero day sites
• Protection for web downloads
• Preventing reuse of corporate credentials
• Anti exploit protection during run time
• Breach containment
• Detect and quarantine infected devices
• Automated Forensics and remediation
• Dedicated Anti Ransomware solution
62.
Browser Extension
Web downloads
Threat Extraction &
Threat Emulation
File-System Monitor
Any file copied or created
e.g. from USB, network shares, …
Threat Emulation
ZERO-DAY PROTECTION – IN TWO LAYERS
SANDBLAST SERVICE
Cloud or Appliance
[Restricted] ONLY for designated groups and individuals
63.
ELIMINATE ZERO DAY MALWARE AT THE ENDPOINT
ZERO DAY PROTECTION DEMO
Web downloads
sent to SandBlast
cloud
Original file
emulated in the
background
Sanitized version
delivered
promptly
SANDBLAST SERVICE
Cloud or Appliance
WWW
DOC
DOC
64.
ANTI RANSOMWARE
Prevent the most EVASIVE and
ZERO-DAY ransomware variants
INCLUDED with SandBlast Agent
or as a STANDALONE solution
Safely RECOVER encrypted data
65.
HOW
ANTI-RANSOMWARE
WORKS
BEHAVIORAL
ANALYSIS
Constantly
monitors for
ransomware
specific behaviors
DETECT
ENCRYPTION
Identifies
systematic
illegitimate file
encryption
DATA
SNAPSHOTS
Continuously
create short-term
file backups on
hidden partition on
the hard drive
ON GOING
RANSOMWARE
QUARANTINE
All elements of the
attack are
identified by
forensic analysis
and then
quarantined
DATA
RESTORATION
Encrypted files are
automatically
restored from
snapshots
UPON DETECTION
RANSOMWARE PROTECTION IS ON
66.
Check Point SandBlast
Recommended for Security Effectiveness and Value
2017 NSS Breach Prevention Systems Test
©2016 Check Point Software Technologies Ltd.
100% Breach Prevention
System Combined Score
100% Protection against
Social Exploits
100% Protection against
Drive-By exploits
100% Protection against
HTTP Malware
100% Protection against
Email Malware
100% Protection against
Off-Line infections
0.0% False Positives &
99.2% Evasions
A Leading TCO: $14
Price/protected Mbps
67.
NSS Security Value Map
Breach Prevention System (BPS) Test – 2017
68.
Forrester Wave
Endpoint Security Suites – Q2 2018
69.
MOBILE
SECURITY
70.
MOBILE – THE
WEAKEST LINK
IN OUR
ENTERPRISES
with jailbroken or
rooted devices
74%
89%
Experienced a
man-in-the-middle
attack over Wi-Fi
OF ALL
ORGANIZATIONS
ARE INFECTED WITH
MOBILE MALWARE
100%
Source: Check Point Mobile Threat Prevention | N=850 Check Point customers, each protecting more than 500 devices
71.
DAMAGES
Tracking
Location
Stealing
Emails
Stealing
Contacts list
Microphone
Recordings
Taking
Photos
Stealing
Passwords
Hijacking
Messages
72.
ZERO-DAY MALWARE
MitM ATTACKS OVER Wi-Fi
SECURE BROWSING
SMS ATTACKS
DEVICE SETTINGS
BLUETOOTH
INFECTED APPS
OS EXPLOITS
73.
INDUSTRY’S WIDEST SET OF MOBILE INTEGRATIONS
NEW!
74.
HOW IT WORKS
Behavioral Risk Engine
Real-Time Intelligence
and Control
Check Point Protect App
75.
MOBILE
Threat Intelligence
ENDPOINT
HEADQUARTERS
LAN
BRANCH
Access Protection
Baseline Threat
Prevention
Advanced Threat
Prevention
Media
Encryption
Full Disk
Encryption
Advanced
Threat
Prevention
Inbound
Outbound
Access Control
Data
Protection
Multi Layered
Security
MGMT -
VPN
IDA
LAN
Network Protection
Device Protection
App Protection
Capsule
WorkSpace/Docs
Remote Access
Secure Business
data
Protect docs
everywhere
CLOUD
Infrastructure Applications
Advanced
Threat Prevention
Adaptive Security
Anti-Ransomware
Forensics
Threat Prevention
Access/Data Security
Access Control
Secure Media
Secure Documents
ENDPOINT
Identity Protection
Sensitive Data Protection
Zero-Day Threat Protection
End-to-end SaaS Security
Automation and
Orchestration
Multi-Cloud
Hybrid Cloud
Cross Cloud
Dynamic Policies
Access
Control
Advanced
Threat Prevention
Segmentation
76.
EFFICIENT EVERYWHERE EFFECTIVE
THE SECURITY
YOU
DESERVE
77.
THANK YOU
78. 11/7/2018 www.secdata.com
CHECK POINT – FROM THE CLOUD TO THE END POINT
• Attacks are constantly evolving
• Protection is required across multiple entry points to the organisation
• Check Point offer a complete portfolio to cover these areas
• Questions?