20. More Security, Additional Power
About Check Point
The Security You Want
The Performance You Need
[Confidential] For designated groups and individuals
DLP
Software Blade
Application
Control
Software Blade
IPS
Software Blade
FW & VPN
Software Blades
URL Filtering
Software Blade
Antivirus
Software Blade
Identity
Awareness
Software Blade
Anti-Bot
Software Blade
Security Appliance
23. Top Design Principles
for Check Point Appliances
Best Security
Optimized for
Software Blades
24. Appliances From Check Point
PERFORMANCE New Features & Performance
SECURITY Consolidate Security
Optimized for Software Blades
SCALABILITY Any Business & Environment
Growing Security Threats
Sophisticated security solutions are required
Increased Demand for Network Performance
More Power and higher bandwidth
Simple, effective and Manageable
Consolidated and scalable security solutions
Network Architecture from existing brand
City Represents Enterprise, SMB, and Consumers
Global element
8
9
Threats have been growing exponentially every year and they are become more intelligent and sophisticated .
Networks need protection against all of these growing threats.
As security has evolved over the years, Check Point has evolved with it. We invented the stateful firewall technology and brought it to market. That became the foundation of all firewalls, traditional and next generation. We then added VPN to our firewall to secure data in transit.
As we saw on the horizon that additional security software would be needed to be integrated into the security gateways, we arrived at a very unique software blade architecture that allowed our customers to add more security technology to the same security gateway without any compromise to security performance. This allowed us to add in integrated access control technologies like application control and URL filtering to safeguard employees from risky sites.
We added data loss prevention to educate and remediate employees on how to safely and securely share corporate documents.
We also provide DDOS protection to ensure that this type of attack doesn’t impact organizations.
We also integrated a compliance blade to our gateways to help organizations easily adhere to regulations and leverage best practice recommendations.
And as companies move their data and services to public, hybrid and private clouds we’re there to protect them with high performance security appliances, cloud security and with security for virtual environments.
Our security now extends from corporate headquarters to remote mobile devices with unified policy management for network and mobile employees. And we offer our gateway appliance solutions to support the smallest of small businesses to the very largest of companies.
Threat intelligence comes from ThreatCloud.
In 2012, Check Point established ThreatCloud-- the first collaborative platform to fight cybercrime
TC translates threat intelligence into protections to address this very problem.
ThreatCloud is the biggest global network to fight cybercrime
As threats have evolved so has our technology. Where threats are concerned, we are all in this fight together. We have created the largest collaborative threat prevention cloud that collects input from 100’s of check point researchers, industry feeds and our own Check Point gateway sensors, the most extensive in geography and deployment. We call it ThreatCloud. Once it collects the intelligence, it translates it into real-time protections that are implemented in the Check Point gateways to stop threats.
We also have created an intelligence marketplace with TC IntelliStore that gives organizations more protection and access to unique intelligence feeds that may be relevant to their industry, geography or specific attack types.
Beyond protecting against the known threats, we have also innovated to build threat emulation technologies so that we can protect you against unknown malware. Today, IPS, Antivirus and Anti-Bot are effective technologies against known malware. But hackers create variants to evade signature-based detection.
To detect these unknown variants and to find zero-day attacks we run the malware in a virtual sandbox to detect and prevent these malicious files. As these unknowns are found and become known, we feed the information to our ThreatCloud and then update other gateways so that all of our customers have the most up to date protection.
In order to overcome the challenges we need more security functions and this requires much more power from the appliance
These are the design principles when designing Check Point appliances
The 13000 Appliances is a totally scalable platform with a nice variety of network interface options – up to 26 1GbE, 12 -10GbE or (coming soon!) 2 -40 GbE Ports
There’s no downtime with Integrated Redundancy and Serviceability --so you don’t have to take the appliance down to swap hard drives, fans or power supplies- they’re all hot-swappable.
And it’s very easy to manage with Lights Out Management, a nice graphical LCD display as well as console, management and USB ports.
Check Point offers a full line of security appliances delivering integrated security ranging from the small offices all the way up to the large data centers and high-end enterprises.
Here’s the performances specs of the 21000 with the Security Acceleration Module –you get the famous sub 5 micro seconds of latency perfect for financial institutions, 110Gbps of Firewall, 50Gbps of VPN, 60 million packets per second and a really significant number of connections per second – 300,000!
We are excited to raise the bar even further with the fastest security platform – the Check Point 61000
This slide provides an overview of the datacenter portfolio showing each appliances with its SPU performance.
As can be seen the 41000 and the 61000 provides significantly higher performance given their multi-blade architecture.
This slides provide a more detailed comparison between 61000 and 41000.
As can be seen typically the performance of the 41000 will be 1/3 of the 61000 given the amount of utilized blades (4 in 41000 v 12 in 61000).
This slide provides a comparison between the 61000 and the 41000.
As can be seen the 41000 allows between 1 to 4 Security blades (SGM260) while the 61000 allows between 1 to 12 Security blades (SGM260).
In the networking side, 41000 allows between 1 to 2 Switching blades (SSM160) while the 61000 allows between 1 to 4 Switching blades (SSM160)
Threat Emulation is provided as a cloud service.
Organizations can set up any gateway running R77 in their environment to inspect incoming files over email or web (HTTP & HTTPS). In case that the file is suspicious – the gateway will send the file to the Threat Emulation Cloud Service for emulation.
The cloud service allows the organization to use a global-quota of files that can be inspected, and any security gateway can send files for emulation. We are also introducing an Exchange Agent that can inspect incoming emails on the mail server, and will send files for emulation in the cloud. The exchange agent allows organizations that don’t have Check Point gateways (or not upgrading to R77) to inspect files.
With intensive security power, Virtual Systems also enable hardware consolidation.
High End Appliances supports up to 250 virtual systems.
SM = Security Management
MDSM = Multi-Domain Security Management
VSLS = Virtual System Load Sharing
Check Point Appliances support all S/W blades, and offers four pre-defined security packages including Next Generation Firewall, Threat Prevention, Data Protection and Secure-Web Gateway. These security packages allow for protection consolidation per appliance, delivering better performance to protect organizations against modern cyber-attacks.
High Performance hardware package simplifies the purchasing and licensing process, and includes the most typical configuration that customers buy.
1. A 4x10 GBE SFP+ NIC (Acceleration Ready in the 21000 Appliances)
2. 4x4x10 GBE SFP+ transceivers
3. Copper interfaces, depending upon the appliance model
4. And extended memory, also depend on the appliance model
The “SmartEvent Overview Pane” will give you:
A high-level view of your overall security status
Real-time synopsis of the security environment showing both events’ severity and number of actual events
Easy trending analysis and maximum visibility of out-of-ordinary events