Organisations move their workloads and applications to the cloud to maximise the underlying physical resources available, while enabling business agility and resiliency.
The nature of virtualisation introduces a new security risk—traffic that moves between virtual machines (VMs)within the cloud.
Precautions taken within the cloud are primarily designed to protect the entire cloud infrastructure, rather than the traffic that flows between VMs. Cloud providers are not responsible for securing customer traffic streams. This responsibility lies with the organisation that uses cloud resources under a concept known as the shared responsibility model.
Organisations that leverage the cloud for their IT operations must secure workload and application traffic at the VM level. This requires looking at both inter-cloud security, as the perimeter of an organisation’s cloud environment can change at any time when VMs are moved, as well as intra-cloud security, especially when attacks can propagate between VMs.
Check Point CloudGuard
Check Point CloudGuard extends traditional Threat Prevention in to Cloud Environments, protecting them against all variants of attacks including viruses, bots, application attacks and zero-day threats. With rapid deployment and autoscaling capabilities, CloudGuard protects the cloud against sophisticated attacks.
Check Point Threat Prevention Utilises 3 Layers of Protection.
- Next Generation Protection: Enable Firewall, VPN, Identity Awareness, Intrusion Prevention, Application Control, URL Filtering, Anti-Virus, Anti-Bot, Anti-Spam, Content Awareness, Network Policy Management, Logging and more security management features to protect your virtualised machines.
- Threat Prevention: Includes multi-layered protection from known, signature-based threats including Antivirus, Anti-Bot, IPS, App Control, URL Filtering and Identity Awareness.
- Threat Extraction: Protect against unknown threat using Threat Emulation and Threat Extraction. Any unknown data is extracted in flight and analysed for threats while a neutralised replication of the data is passed to the user, removing the potential for threats to occur.
Check Point constantly drive security innovation forward by leveraging deep threat intelligence to understand and overcome attackers. Check Point’s Threat Cloud logs information globally, so that when Sandblast uncovers an unknown Threat anywhere in the world, every Sandblast user is then protected against it.
Centralised Management through Check Point R80.20 allows Network Administrators to control access points through a single console, simultaneously without the need to queue tasks. SmartEvent correlates logs from all Check Point products, including CloudGuard, to identify suspicious activity, track trends and investigate events.
Why Customers buy Check Point CloudGuard
Universal Threat Detection
Check Point’s Threat Cloud connects intelligence feeds from every single Check Point user worldwide, to feeds from a huge range of partners, giving the industries deepest level of threat awareness and ensuring that your network is constantly updated.
Check Point CloudGuard can be deployed in minutes, simply choose the desired package and enable all relevant security protections to start protecting your public cloud environment.
Centralised Management across Cloud and On-Premise Infrastructures
Check Point CloudGuard is managed using your existing on-premise Check Point Unified Security Management solution. A consistent security policy is enforced for corporate assets across both your public cloud and on-premises infrastructures, all from a single console.
Dynamic and Automated Policy
CloudGuard integrates with all leading public cloud management solutions to absorb and leverage contextual information about the infrastructure. Cloud-defined elements such as asset tags, objects, security groups and more are updated in real-time, allowing CloudGuard to automatically adjust security policies to any changes in your dynamic cloud environment.
Consolidated Logs and Reporting for Hybrid Cloud Environments
CloudGuard public cloud security unifies threat visibility and enforcement across your cloud and on-premises infrastructures. CloudGuard also enhances forensic analysis by consolidating logging and reporting into a consistent event-level view, dramatically simplifying compliance and audits.