The data center circa 1936. Fort Know was built in 1936, stores about 5000 tons of US gold reserves.It has complex layered defenses: video, guards, massive vault doors, fortress structure, complete with minefieldsHardened perimeter (layered), very controlled access, high value assets in one locationIt is quite the impressive structure for protecting valuablesSo what does Fort Know have to do with data centers?Think about the data center it holds the valuable assets of a corporation, Fort Know held valuable assets of the USABoth pursue a multi-layered security approachBut Fort Knox was designed to lock things away securely away from everyone, protected.Today the data center has quite the opposite trend as it is becoming arguably more open to support the business.
Check Point Product Architecture IPS / FW – access control i.e. looking at port, source and destination. Ex. Block FTP, allow http, etc.Identity Awareness – looks at IP address & user – if there is one it assigns an identity, if not it moves up the stackSSL – Decrypt packet so content inspection can be doneContent Inspection – DLP, AV, Anti-Bot, Anti Spam, IPS, App Control URLF
PAN is vulnerable to cache poisoning. As an example a SIP session could initially be blocked accurately but by taking advantage of the cache poisoning vulnerability, a SIP session could bypass a PAN gateway.The vulnerability could be exploited as follows:Ports are open with firewall policyOpening a Session Initiation Protocol typically used with VoIP communications is correctly blockedGenerate http traffic which causes the cache to hit it threshold – meaning traffic is going through the cacheGenerate another SIP connection and it’s allowed Background: A Session Initiation Protocol (SIP) connection is a Voice over Internet Protocol (VoIP) service. A SIP connectiontypically uses the same Internet access that is used for data. Users should be aware that a SIP connection can be used as a channel for attacking the company's internal networks, similar to Web and Email attacks.
Check Point provides a simple, intuitive search. Searches are entered in the system using basic English.Check Point yields results quickly, bringing instant visibility to potentially related events.
Check Point makes policy creation simple.Security policies are easily viewed within tabs and policy creation is a simple, 1-step process.A Check Point customer recently told us, “With Fortinet, we had 2000 rules combined. When we went to Check Point were able to consolidate them to 230 rules. For us, the way we had it sitting in middle of our network, It was frustrating that you had to write a policy 6 different times. You couldn’t drag drop objects – had to do it manually” Major U.S. Financial Institution