Check Point 3D Security

Transcription

1 Check Point 3D Security Combining Policies, People and Enforcement for Unbeatable Protection John Vecchi Head of WW Product Marketing 2011 Check Point Software Technologies Ltd. [Unrestricted] For everyone

2 On Data Center Consolidation Private Cloud 1 28% have one 30% plan one CIOs will virtualize 55% of production servers next year, up from 42% this year 2 1 Information Week, June Morgan Stanley, June

3 % Penetration Mobile Workforce Growth Enterprise Mobile Device Population Market penetration over time Mobile Population Anchored Desktop Group 2009/2010 3

4 On Data Loss 81% Percentage of companies breached who were not PCI compliant. Percentage of outbound that contains content which poses a legal, financial or regulatory risk. 20% 31% Percentage of customers who end their relationship with a company if they are affected by a breach. 4

5 On Data Proliferation 650% Estimated enterprise data growth in the next five years.* 5

6 On Complexity and Point-Product Sprawl Biggest IT Security Challenges Which of the following are the biggest information/network security challenges facing your company? Managing the complexity of security 51% Enforcing security policies 35% Preventing data breaches from outside attackers 29% Preventing data theft by employees or other insiders 23% The requirement to manage security complexity grows steadily each year. InformationWeek 2010 Survey of security decision makers 6

7 On Governance, Risk and Compliance Most Influential Factors On Security Program Which of the following factors have the greatest influence on your information security program? Industry and/or government compliance mandates 60% Our security group s assessment of threats and risks the company faces 42% Information security best practices 37% Threats and risks associated with business models or processes 26% Compliance has the greatest influence on information security costs. InformationWeek 2010 Survey of security decision makers 7

8 2011: Information Technology Trends INFRASTRUCTURE: CONSOLIDATION, VIRTUALIZATION, CLOUDIZATION MOBILITY DATA LOSS 8

9 The big question 9

10 Security is More than Disparate Point Products SECURITY = A COLLECTION OF SECURITY TECHNOLOGIES 10

11 Security is a Business Enabler SECURITY SHOULD BECOME A BUSINESS PROCESS PRESS TO SECURE 11

12 CHECK POINT TAKES SECURITY TO THE NEXT DIMENSION 12

13 INTRODUCING 2011 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties 13

14 Security as a business process Policy that focuses on business needs Security that involves people Consolidated into a single view 14

15 FIRST DEFINE THE PROCESS & POLICIES 15

16 Security as a Business Process Data Access Policy Awareness Program Change Management Mobile Access Policy Network Usage Policy Incident Handling Process Data Classification Exception Management Audit Program SECURITY POLICIES & PROCESS 16

17 Check Point 2011 TOOLS TO RUN THE SECURITY BUSINESS PROCESS THE SECURITY EXPERTISE NEEDED R75: the first version to focus on 3D Security! 17

18 Introducing 4 New Software Blades R75 Network Security Suite 18

19 EXAMPLE NETWORK ACCESS MANAGEMENT 19

20 Use Business Terminology? Using different IP addresses Using different devices Using different locations Using different applications 200,000 SECURITY LOGS Flickr/iklash 20

21 Business Terminology TURN DATA INTO SECURITY INFORMATION. SIMPLE, MEANINGFUL INSIGHTS 21

22 Check Point R75 in Action Identity Awareness Application Control People Vs. IP Address Policy based on business needs 22

23 3D HERE SECURITY: IS AN SECURITY THAT EXAMPLE INVOLVES PEOPLE 23

24 Today s Typical User Involvement NO EXPLANATION NO RESOLUTION 24

25 People Taking Part in Security EXPLANATION RESOLUTION 25

26 People are Part of Security with R75 Data Loss Prevention Alert An that you have just sent has been identified as containing sensitive information. An that you have just sent has been allowed based on DLP policy exception. Application Data Loss Prevention Usage Alert Alert You An are trying that you to use have Skype. just sent has been identified as containing sensitive information. Corporate application use policy does not allow the use of Skype. If An you require that Skype you have access just sent for has business, been allowed please based click on Explain DLP policy below. exception. For additional details, please refer to the Corporate Data Security Policy Corporate For additional Proper details, Use please Policy refer to the Corporate Data Security Policy USERS REMEDIATE EVENTS IN REAL-TIME! 26

27 3D SECURITY: GAIN CONTROL 27

28 Consolidate Security ALL LAYERS OF SECURITY ACT TOGETHER 28

29 3D Security: More Than Technology MOVE BEYOND TECHNOLOGY TO AN EFFECTIVE BUSINESS PROCESS STEP UP TO MULTI-DIMENSIONAL AND INTEGRATED SECURITY SOLUTIONS TAKE SECURITY TO THE NEXT LEVEL 29

30 INTRODUCING CHECK POINT R75 NETWORK SECURITY SUITE 30

31 Introducing 4 New Software Blades R75 Network Security Suite CHECK POINT R75 MAKES 3D SECURITY A REALITY BY COMBINING POLICIES, PEOPLE AND ENFORCEMENT 31

32 IP-Based Policy Challenges Access from Anywhere USERS NO LONGER BELONG TO SPECIFIC NETWORKS! 32

33 IP-Based Policy Challenges Several devices per person TOO MANY IP ADDRESSES AND NETWORKS TO MANAGE! 33

34 Granular security per user, user-group and machine SECURITY FOLLOWING THE USER! 34

35 INTRODUCING... CHECK POINT IDENTITY AWARENESS ACCURATE SECURITY INTUITIVE MANAGEMENT FULL INTEGRATION 35

36 Check Point UserCheck Technology EDUCATE AND ENGAGE END-USERS Application Usage Alert You are trying to access YouTube. Corporate application use policy limits YouTube access to business use only in order to save bandwidth. Please select and confirm your use-case: Educates users on risk and usage policies Makes control more practical Personal, Business, or Cancel 36

37 Application Detection and Usage Controls IDENTIFY, ALLOW, BLOCK OR LIMIT USAGE OF APPLICATIONS AT USER OR GROUP LEVEL 37

38 Introducing Check Point AppWiki WORLD S LARGEST APPLICATION CLASSIFICATION LIBRARY Over 4,500 applications Over 100,000 social-network widgets Grouped in over 80 categories (including Web 2.0, IM, P2P, Voice & Video, File Share) a p p w i k i. c h e c k p o i n t. c o m 38

39 Introducing Check Point Data Loss Prevention CHECK POINT COMBINES TECHNOLOGY AND PROCESSES TO MAKE DLP WORK John, Corporate Strategy Green World Strategy Plan 2010 Data Loss Prevention Alert An that you have just sent has been Let s review quarantined. the corporate strategy in our morning meeting. Reason: attached document contains confidential internal data PREVENT MOVE FROM DETECTION TO PREVENTION EDUCATE USERS ON CORPORATE DATA POLICIES The message is being held until further action. Send, Discard, or Review Issue ENFORCE DATA LOSS BUSINESS PROCESSES 39

40 Mobile Access Software Blade EASY ACCESS TO AND APPLICATIONS 40

41 SIMPLE FOR END-USER Tap Check Point Mobile Enter your password Gain secure access to your data! 41

42 360º Visibility into All Security Events 42

43 Granular Control of All Security Layers IPS Mobile Access DLP Application Control Granular Visibility SmartEvent Identity Awareness 43

44 Check Point 3D Next-Gen Firewall FW & VPN Software Blades IPS Software Blade Application Control Software Blade Identity Awareness Software Blade Antivirus & Anti-Malware Software Blade URL Filtering Software Blade DLP Software Blade Power-1 SmartEvent Software Blade Unified Event Analysis SmartWorkflow Software Blade Policy Change Management Smart-1 CHECK POINT UNIFIED SECURITY MANAGEMENT 44

45 Industry-Leading IPS CHECK POINT SETS A NEW STANDARD IN LATEST NSS GROUP IPS TEST The Check Point IPS Software Blade outperformed nearly every vendor in overall accuracy and blocking: 97.3% security effectiveness Multi-gigabit rated throughput of 2.4Gbps 100% anti-evasion coverage 45

46 Summary IT S TIME TO REDEFINE SECURITY MAKE SECURITY A BUSINESS PROCESS LEVERAGE THE LARGEST DEDICATED SECURITY PARTNER 46