Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Introducing Check Point Endpoint Security J E (John)

Published byHarry Collins Modified over 8 years ago

Similar presentations

Presentation on theme: "©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Introducing Check Point Endpoint Security J E (John)"— Presentation transcript:

1 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Introducing Check Point Endpoint Security J E (John) Rowzee SE EMEA jrowzee@checkpoint.com

2 2 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Agenda  Endpoint Security Pains  Check Point Endpoint Security 7.0  Check Point NAC  Endpoint Security Roadmap

3 3 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security Pains

4 4 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security Challenges Malware: viruses, worms, spyware, zero-day System downtime, remediation costs, stolen passwords Secure Access: ensure control, confidentiality Out-of-compliance endpoints, eavesdropping, unmanaged PCs Data Loss: lost/stolen endpoint devices Breach exposure, damaged reputation, compliance issues Management: multiple agents, consoles Increased costs, time consuming, slow system performance

5 5 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Check Point Endpoint Security 7.0

6 6 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7.0 FunctionsEnable … Rapid Deployment & Integration … Central Administration & Enforcement … Automated Client and Security Updates Endpoint ProtectionAccess Control Management Stop … Viruses … Keystroke Loggers … Trojan Horses … Network Infections … Hacker Intrusions … Unsafe Connections Enforce … AV, Patches, FW … Application Policy … Remote & LAN … Employee & Guest … Wired & Wireless … Silent Remediation

7 7 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Components Stateful PC Firewall Application Controls Antivirus CP FW Integration Client Restrict Rules 802.1x Integration VPN Integration Central Policy Management & Enforcement Deployment & Integration Automated Updates Anti-spyware Secure Remediation Endpoint Protection Network Access Control Management Intrusion Prevention

8 8 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Unified Endpoint and Network Security Management  Centrally monitor and report on endpoint events alongside network security events  Discover and monitor security incidents more quickly and effectively  Improve security audit support by unifying, standardizing, and automating reporting  Shared management server, log-in, console, log viewing and event management Unified with Check Point SMART Management Unique Unified with Check Point SMART Management

9 9 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Single Management Console All functions can be managed across the enterprise by a single console Streamlines deployments Management server installs in minutes Client software can be pushed out without involving on-site IT staff or end users Unique Integrated with Check Point SMART management Reduce Endpoint Administration Time & Cost

10 10 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7 Management  Integrated Logs  Integrated Analysis  Integrated Log-In  Integrated Monitoring  Integrated Reports  Integrated Install

11 11 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7 Management – Integrated Install with SmartCenter and P- 1  P-1 with one CMA  Integrated login  Single Hardware or Distributed

12 12 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7 Management – Unified monitoring (SmartView Monitor)

13 13 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7 Management – Unified logging (SmartView Tracker)

14 14 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7 Management – Unified Reporting (Eventia Reporter)

15 15 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7 Management – Unified Event Correlation (Eventia Analyzer)

16 16 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Single Management Console Easily enforce endpoint security policy Ensures endpoints are updated with latest antivirus, critical patches, service packs, and more Compatible with 3 rd party antivirus Facilitates remediation for out-of-compliance endpoints Improve Policy Compliance

17 17 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Program Advisor  Goals –Eliminate administrative burden –Speed policy decision making –Provide higher security at a lower cost  Advisory Services –Known good - Application Authenticity Service –Known bad - Malware Identification Service –Over 1,400,000 Applications in Program Advisor Database –Best Practices Policy »Based on expert analysis of millions of installations of Zone Alarm Unique

18 18 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Antivirus  Leading antivirus protections and controls in a single client and management solution –On access scan policies, treatments –Assign to groups; users, machines –Set access controls –Stage DAT files for testing –Notifications via email to Admins –Perform actions on infected endpoints automatically  3rd party antivirus compliance still supported  Co-exist with existing AV Check Point Confidential : subject to change without notice

19 19 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Anti-Spyware  Central Management –Scheduled scans –Easy-to-manage categories –Exception lists –Comprehensive reporting  Client module: –Spyware detection –Disablement –Quarantining –Removal

20 20 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Secure Remote Access Secure remote VPN access through VPN-1 ® Eliminates duplicate management tasks associated with multiple endpoint clients Only endpoint security solution that includes integrated remote access VPN client Integrated VPN Client Market-leading VPN client Flexible connectivity options / multiple authentication schemes Intuitive for end-users – reduces low priority helpdesk calls

21 21 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security 7 with VPN  Endpoint Security 7 and SecureClient Combined –Single installer –Unified GUI –Integrity Protection Capabilities –SecureClient Connection capabilities  Firewall Managed from ES 7 server  Enforcement checks ES 7 server  VPN from SecureClient Check Point Confidential : subject to change without notice

22 22 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Simplified Management Server Setup  Simplified fail-over –Active-passive configuration with no external software or hardware, detected automatically by clients –Reduces administration and costs  No external database required –Embedded data store up to 20k concurrent users out of the box. 30k-40k users with customization to customer environment –Simple and fast backup/restore built into admin console  Simplified administrator interface –Create and deploy essential policies faster –Minimum effort, setup and steps  Corporate network awareness –Keep LAN policy if server unreachable, remote office

23 23 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Check Point Endpoint Security 7.0 NAC

24 24 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. How Gateway (Firewall) Enforcement works Corporate Network Internet HR Database Finance Database R65 Firewall Perimeter Firewall LDAP Directory Web Server Pool ES 7 Server 1. Client Initiates connection to HR Resource 2. Gateway checks for Integrity Agent 3. ES 7.0 Server checks for policy for AD\jsmith 4. Gateway implements compliant user firewall rules 5. User has access to HR database but can not even ping Finance servers (invisible to end user)

25 25 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Auto-Remediation  Specify enforcement rules in policy  When end users are out of compliance: –Securely pull the package from sandbox –Run installation on end point automatically (Integrity context)  Process can be completely silent  No end user confusion  No uncertainty about updates  Reporting enhancements

26 26 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Cooperative enforcement  No single solution alone can successfully mitigate a malicious host from harming the network - A joint effort is needed.  Check Point integrates the different building blocks of network access control into a cooperative enforcement architecture.  Intel vPro™ (Centrino Pro) enables VPN-1 to block a malicious host on multiple levels preventing it from any possibility to infect the network. –VPN-1 blocks the first attack or violation on the GW level. –VPN-1 instructs the AMT™ component on the host to block further traffic from/to the host. This is done by installing a configurable, restrictive access policy on the host itself.  Any security violation can trigger AMT block action

27 27 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Summary  With Check Point NAC you maximize the value of your investment with Check Point’s network and endpoint products  Check Point NAC allows you to enter NAC gradually  Unified Internal and external (VPN) NAC  802.1x, inline enforcement and client enforcement  Q1CY2008 –Expanded identity and compliance aware firewall –Integrated guest management system –Easy deployment with minimal impact on users and network

28 28 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Check Point Endpoint Security OnDemand

29 29 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security OnDemand  Protecting the Enterprise on Unmanaged Endpoints and SSL VPN Anti-Spyware Data Protection Policy Enforcement  Terminates spyware  Signature & heuristics  Automatic updates  Cache cleaning  Encrypted store  Uses native components  No file handles  SecureWorkspace for more security  Custom rules  Pre-defined AV Rules  Restrict non-compliant endpoints  Custom remediation

30 30 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security OnDemand Webserver* Portal* Corporate Web-Mail ActiveX or Java 1.Spyware Detect/Disable (all purpose) 2.Are-You-There for Integrity Client (SSL-VPN, Intranet/Extranet) 3.AntiVirus/ACE-Rules (Intranet/Extranet) ERP/CRM Solutions… Intranet / Extranet * Web-Server & Portal can be the same server Internet

31 31 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Secured Applications Secured Documents User Help and Information

32 32 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Endpoint Security Roadmap

33 33 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. End Point Security Roadmap Jan 08 Mid Term Long Term Next Release Endpoint Security client with Data Security Endpoint Security client with Data Security Full SMART Integration Endpoint Security & VPN Robust management SecureClient and FW One endpoint suite with anti-virus Endpoint Security client with Data Security Build the best of breed endpoint data security components Full enterprise platform coverage Single client UI Unified Endpoint Security Unified Security Architecture for shared management framework Further NAC integration Leverage Check Point management tools

34 34 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Summary

35 35 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Highest-rated Components Rated Highest of 6 Endpoint Products Best Remote Access IPSec VPN solution Common Criteria EAL 4 certified Leader in Gartner Mobile Data Protection Magic Quadrant 7 years in a row 15 years firewall leadership Over 200 million VPN clients installed Over 80 million PCs protected

36 36 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Check Point Endpoint Security  Single client, single management console –Easy deployment and lower TCO  Most comprehensive endpoint security solution –Only solution with integrated VPN and data security  Highest-rated, best of breed components –Industry-leading, award-winning technologies  Single client, single management console –Easy deployment and lower TCO  Most comprehensive endpoint security solution –Only solution with integrated VPN and data security  Highest-rated, best of breed components –Industry-leading, award-winning technologies

37 37 ©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Questions ?

Download ppt "©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential. Introducing Check Point Endpoint Security J E (John)"

Similar presentations

Complete Event Log Viewing, Monitoring and Management.

Complete Event Log Viewing, Monitoring and Management.
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:

Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.

©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.

© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Information Security in Real Business

Information Security in Real Business
Wireless Network Security

Wireless Network Security
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
All Rights Reserved © Alcatel-Lucent 2010 1 | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.

All Rights Reserved © Alcatel-Lucent | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Wireless Network Security. Access Networks Core Networks The Current Internet: Connectivity and Processing Transit Net Private Peering NAP Public Peering.

Wireless Network Security. Access Networks Core Networks The Current Internet: Connectivity and Processing Transit Net Private Peering NAP Public Peering.
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Similar presentations

Ads by Google