1 ©2017 Check Point Software Technologies Ltd. ©2017 Check Point Software Technologies Ltd.

Lucas S. García | Security Engineer Ar Py Uy

garcial@checkpoint.com

UN VIAJE SEGURO HACIA LA NUBE

2 ©2017 Check Point Software Technologies Ltd.

WELCOME TO THE CLOUD

3 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

FROM DATA CENTER TO CLOUD

DATA CENTER

WHAT USED TO TAKE WEEKS TAKES MINUTES WITH CLOUD

CLOUD

4 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

THE CLOUD IS HERE

SECURITY SECURITY IS THE MAIN INHIBITOR FOR CLOUD ADOPTION

(Gartner)

ADOPTION 80% OF ENTERPRISES ARE COMMITTED TO CLOUD STRATEGY BY 2017

(IDC)

GROWTH

40% OF IT BUDGETS WILL BE CLOUD-BASED BY 2018

(Forbes)

5 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

WHY CLOUD?

AGILITY

Fast to react

ELASTICITY

Fast to grow

6 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

CLOUD FUNDAMENTALS

Cloud is a shared environment

Cloud is a connected environment

Cloud is a dynamic environment

Therefore, cloud is vulnerable and exposed…

7 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

CLOUD SECURITY MUST BE ADAPTIVE

Legacy Security Cloud Security

Adding new application Add rule is a SHOWSTOPPER

Adaptive policy is an ENABLER

Security inside the cloud Network change is COMPLEX

SDN integration is AUTOMATIC

Application growth Replacing appliances is EXPENSIVE

Auto-Scale is EFFORTLESS

8 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

4 STEPS TO SECURE YOUR CLOUD

BUCKLE UP

9 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

STEP #1: CONTROL THE CLOUD PERIMETER

•Use advanced threat prevention at the cloud perimeter

•Securely connect your cloud with your on-premise environment

CLOUD

ON-PREMISE

10 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

STEP #2: SECURE THE CLOUD FROM THE INSIDE

•Micro-segment your cloud to control inside communication

•Prevent lateral threats movement between applications

App App

App App

11 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

STEP #3: MANAGE CONSISTENT SECURITY FOR HYBRID ENVIRONMENTS

• Deploy unified security management for your hybrid cloud (On-Premise and Cloud)

• Ensure policy consistency

• Reduce operation cost

CLOUD

ON-PREMISE

12 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

STEP #4: AUTOMATE YOUR SECURITY

Security should be as elastic and dynamic as your cloud

• Auto-provisioned

• Auto-scaled

• Adaptive to changes

13 ©2017 Check Point Software Technologies Ltd.

TRAVEL TO THE CLOUD IN FIRST CLASS

[Protected] Non-confidential content 13 ©2017 Check Point Software Technologies Ltd.

14 ©2017 Check Point Software Technologies Ltd.

CHECK POINT CLOUD SECURITY PRINCIPLES

Utmost protection

Adaptive Security

Hybrid Infrastracture

15 ©2017 Check Point Software Technologies Ltd.

THE vSEC FAMILY

[Protected] Non-confidential content

ACI

Consistent security policy and control across ALL Private and Public Clouds

16 ©2017 Check Point Software Technologies Ltd.

vSEC ADVANCED PROTECTION

Access Rule

vSEC PROTECTS YOUR DATA AND APPLICATIONS WITH THE INDUSTRY’S BEST THREATS CATCH-RATE

Next Generation Firewall

Application and Data Security

Advanced Threat Prevention

Forensic Analysis

Cloud Vendor

17 ©2017 Check Point Software Technologies Ltd.

CISCO ACI

[Protected] Non-confidential content

SECURITY INSIDE YOUR CLOUD

Securing the datacenter from the inside is now simple with SDN

Micro segment the datacenter with advanced protection between applications

App App

App App

18 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

ADAPTIVE SECURITY

vSEC Adaptive Security instantly protects new applications and keeps them secure as they evolve.

•Security that learns about application changes

•Auto-scaled virtual security

•Pay-as-you-grow for private and public cloud Telefonica:

“vSEC adaptive security is a game changer.”

19 ©2017 Check Point Software Technologies Ltd.

Check Point Access Policy

Rule From To Application Action

3 Finance_App1 (vCenter Object)

Database_Group

(NSX SecGroup) MSSQL Allow

4 HR_App2 (Open StackObject)

Finance_Group (ACI EndPoint Group)

CRM Allow

5 User_ID SAP_App (AWS Object)

SAP Allow

ADAPTIVE SECURITY

Reduce Firewall Tickets by 60%

20 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content

SUCCESS More than 1,000 customers purchased vSEC in 2016

20 ©2017 Check Point Software Technologies Ltd.

21 ©2017 Check Point Software Technologies Ltd.

XERO is a global online accounting firm servicing over 1M accounts in AWS

vSEC secures all their accounts in AWS

Allegiant makes leisure travel affordable

vSEC secures their new NSX-based Private Cloud

HAPPY CUSTOMERS

[Protected] Non-confidential content 21 ©2017 Check Point Software Technologies Ltd.

22 ©2017 Check Point Software Technologies Ltd.

THE CYBER SECURITY ARCHITECTURE OF THE FUTURE

THE F IRST CONSOLIDATED SECURITY ACROSS NETWORKS , CLOUD , AN D MOBILE , PROVIDING THE HIGHEST LEVEL OF THR EAT

PR EVENTION .

Introducing

23 ©2017 Check Point Software Technologies Ltd.

ONE SECURITY PLATFORM

PREEMPTIVE THREAT PREVENTION

CONSOLIDATED SYSTEM

MOBILE CLOUD THREAT PREVENTION

24 ©2017 Check Point Software Technologies Ltd.

TRAVEL TO THE CLOUD IN FIRST CLASS

[Protected] Non-confidential content 24 ©2017 Check Point Software Technologies Ltd.

Utmost Protection, Adaptive Security , Hybrid Infrastructure

25 ©2017 Check Point Software Technologies Ltd. ©2017 Check Point Software Technologies Ltd.

THANK YOU

Itai Greenberg | Head of Cloud Security BU