Beruflich Dokumente
Kultur Dokumente
Static workloads
Manually intensive
Hybrid Cloud
Private Cloud Public Cloud
Forensic Analysis
Forensics
Identity
Firewall IPS App Control Awareness VPN Multi-cloud
Public
Cloud
Hybrid
Cloud SDN
Private
Cloud
ACI
©2018 Check Point Software Technologies Ltd. 9
R80.10 & Cloudguard controler : THE REAL DIFFERENCE
API CLI
Connectors Automation
Orchestrati Scripts
on
CISCO ACI
Automating security
inside the Datacenter
©2018 Check Point Software Technologies Ltd. 12
Use Case : Shared Operations Private Cloud
Ordered layers for secure delegation
Managed by
Security
For control
Automation for Agility
Managed by A A A A A A
Devops
p p p p p p
p p p p p p
Automated A
p
p
A
p
p
A
p
p
A
p
p
A
p
p
A
p
p
DevOps and IT Security Easy to secure and connect Applications are protected
speaks the same language Multi-clouds application with the best security
Security
Firewall
Application
Control
URLF Visibility
Scalability
Anti-Virus
IPS
Threat
Emulation
Anti-Bot
Orchestration
©2018 Check Point Software Technologies Ltd. 17
CLOUD SECURITY BLUEPRINT - ARCHITECTURE
Northbound
Hub
Southbound Hub
VPN
Cloud
Northbound-HUB
CloudGuard IaaS
• Southbound security deployed Auto-Scale
CloudGuard
IaaS-1
….. CloudGuard
IaaS-N
in high-availability
• Supported Clouds
Load Balancer
SPOKE-1 SPOKE-2
Load Balancer
SPOKE-3 … SPOKE-N
WWW
• Azure Transit- vNET
• AWS Transit - VPC
CloudGuard IaaS
Cluster
Corporate
CloudGuard
IaaS - 1
CloudGuard
IaaS - 2
VPN
Southbound-HUB
Southbound-HUB
Azure Google
Northbound-HUB Northbound-HUB
….. …..
VPN
DB AAD SPOKE-3 WEB APP SPOKE-3
VPN VPN
Southbound-HUB Southbound-HUB
VPN
PROTECTION
Headquarters AT THE SPEED
Remote Employees Branch OF DEVOPS