Csa Summit 2017 - Un viaje seguro hacia la nube
-
Upload
csa-argentina -
Category
Technology
-
view
138 -
download
4
Transcript of Csa Summit 2017 - Un viaje seguro hacia la nube
1 ©2017 Check Point Software Technologies Ltd. ©2017 Check Point Software Technologies Ltd.
Lucas S. García | Security Engineer Ar Py Uy
UN VIAJE SEGURO HACIA LA NUBE
3 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
FROM DATA CENTER TO CLOUD
DATA CENTER
WHAT USED TO TAKE WEEKS TAKES MINUTES WITH CLOUD
CLOUD
4 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
THE CLOUD IS HERE
SECURITY SECURITY IS THE MAIN INHIBITOR FOR CLOUD ADOPTION
(Gartner)
ADOPTION 80% OF ENTERPRISES ARE COMMITTED TO CLOUD STRATEGY BY 2017
(IDC)
GROWTH
40% OF IT BUDGETS WILL BE CLOUD-BASED BY 2018
(Forbes)
5 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
WHY CLOUD?
AGILITY
Fast to react
ELASTICITY
Fast to grow
6 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
CLOUD FUNDAMENTALS
Cloud is a shared environment
Cloud is a connected environment
Cloud is a dynamic environment
Therefore, cloud is vulnerable and exposed…
7 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
CLOUD SECURITY MUST BE ADAPTIVE
Legacy Security Cloud Security
Adding new application Add rule is a SHOWSTOPPER
Adaptive policy is an ENABLER
Security inside the cloud Network change is COMPLEX
SDN integration is AUTOMATIC
Application growth Replacing appliances is EXPENSIVE
Auto-Scale is EFFORTLESS
8 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
4 STEPS TO SECURE YOUR CLOUD
BUCKLE UP
9 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
STEP #1: CONTROL THE CLOUD PERIMETER
•Use advanced threat prevention at the cloud perimeter
•Securely connect your cloud with your on-premise environment
CLOUD
ON-PREMISE
10 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
STEP #2: SECURE THE CLOUD FROM THE INSIDE
•Micro-segment your cloud to control inside communication
•Prevent lateral threats movement between applications
App App
App App
11 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
STEP #3: MANAGE CONSISTENT SECURITY FOR HYBRID ENVIRONMENTS
• Deploy unified security management for your hybrid cloud (On-Premise and Cloud)
• Ensure policy consistency
• Reduce operation cost
CLOUD
ON-PREMISE
12 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
STEP #4: AUTOMATE YOUR SECURITY
Security should be as elastic and dynamic as your cloud
• Auto-provisioned
• Auto-scaled
• Adaptive to changes
13 ©2017 Check Point Software Technologies Ltd.
TRAVEL TO THE CLOUD IN FIRST CLASS
[Protected] Non-confidential content 13 ©2017 Check Point Software Technologies Ltd.
14 ©2017 Check Point Software Technologies Ltd.
CHECK POINT CLOUD SECURITY PRINCIPLES
Utmost protection
Adaptive Security
Hybrid Infrastracture
15 ©2017 Check Point Software Technologies Ltd.
THE vSEC FAMILY
[Protected] Non-confidential content
ACI
Consistent security policy and control across ALL Private and Public Clouds
16 ©2017 Check Point Software Technologies Ltd.
vSEC ADVANCED PROTECTION
Access Rule
vSEC PROTECTS YOUR DATA AND APPLICATIONS WITH THE INDUSTRY’S BEST THREATS CATCH-RATE
Next Generation Firewall
Application and Data Security
Advanced Threat Prevention
Forensic Analysis
Cloud Vendor
17 ©2017 Check Point Software Technologies Ltd.
CISCO ACI
[Protected] Non-confidential content
SECURITY INSIDE YOUR CLOUD
Securing the datacenter from the inside is now simple with SDN
Micro segment the datacenter with advanced protection between applications
App App
App App
18 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
ADAPTIVE SECURITY
vSEC Adaptive Security instantly protects new applications and keeps them secure as they evolve.
•Security that learns about application changes
•Auto-scaled virtual security
•Pay-as-you-grow for private and public cloud Telefonica:
“vSEC adaptive security is a game changer.”
19 ©2017 Check Point Software Technologies Ltd.
Check Point Access Policy
Rule From To Application Action
3 Finance_App1 (vCenter Object)
Database_Group
(NSX SecGroup) MSSQL Allow
4 HR_App2 (Open StackObject)
Finance_Group (ACI EndPoint Group)
CRM Allow
5 User_ID SAP_App (AWS Object)
SAP Allow
ADAPTIVE SECURITY
Reduce Firewall Tickets by 60%
20 ©2017 Check Point Software Technologies Ltd. [Protected] Non-confidential content
SUCCESS More than 1,000 customers purchased vSEC in 2016
20 ©2017 Check Point Software Technologies Ltd.
21 ©2017 Check Point Software Technologies Ltd.
XERO is a global online accounting firm servicing over 1M accounts in AWS
vSEC secures all their accounts in AWS
Allegiant makes leisure travel affordable
vSEC secures their new NSX-based Private Cloud
HAPPY CUSTOMERS
[Protected] Non-confidential content 21 ©2017 Check Point Software Technologies Ltd.
22 ©2017 Check Point Software Technologies Ltd.
THE CYBER SECURITY ARCHITECTURE OF THE FUTURE
THE F IRST CONSOLIDATED SECURITY ACROSS NETWORKS , CLOUD , AN D MOBILE , PROVIDING THE HIGHEST LEVEL OF THR EAT
PR EVENTION .
Introducing
23 ©2017 Check Point Software Technologies Ltd.
ONE SECURITY PLATFORM
PREEMPTIVE THREAT PREVENTION
CONSOLIDATED SYSTEM
MOBILE CLOUD THREAT PREVENTION
24 ©2017 Check Point Software Technologies Ltd.
TRAVEL TO THE CLOUD IN FIRST CLASS
[Protected] Non-confidential content 24 ©2017 Check Point Software Technologies Ltd.
Utmost Protection, Adaptive Security , Hybrid Infrastructure