Threat Management Server Eusebio Nieva Director Técnico Check Point España y Portugal.

1 Threat Management Server Eusebio Nieva Director Técnico Check Point España y Portugal

2 WE BELIEVE ONLY IN THE BEST SECURITY WE ARE THE STANDARD BY WHICH ALL SECURITY SOLUTIONS ARE MEASURED [Restricted] ONLY for designated groups and individuals

3 THREATS BECOME A COMMODITY (*Source: http://www.forbes.com)

4 ©2016 Check Point Software Technologies Ltd. But once known, we’re the fastest to react. Heartbleed, Shellshock, Poodle-TLS, Venom. 9 hours Check Point, Palo Alto 4 days, Fortinet 5 days; 22 hours Check Point, 18 hours Check Point, 30 hours Check Point; Palo Alto 29 days, Fortinet 14 days; Palo Alto 56 days, Fortinet 10 days; Palo Alto 10 days, Fortinet 9 days.

6 ©2015 Check Point Software Technologies Ltd. WHAT YOU DON’T KNOW… How do you protect against …ZERO-DAY? Malware that has not previously been seen can often get past traditional technology. The Internet is full of scary stuff! Let’s disconnect… WHAT I CAN’T SEE WON’T HURT ME. Malware can infect internal networks through USB flash drives, spread across the network and connect to C&C through infected hosts.

7 Case Study: Stuxnet (offline network). Infection via USB; communication with C&C; infecting another host and operator.

8 CAN YOU REALLY KEEP UP? Offline updates…

9 Check Point Cloud Services Overview. Download Center. Anti-Bot, Anti-Virus, Application Control, URL Filtering, IPS, Threat Emulation. Sources of threat data. Anti-Bot, URL Filtering, Anti-Malware & Forensics. CPUSE Software Updates.

10 Check Point Cloud-based Services. CPUSE; IPS and Application Control Updates; ThreatCloud – Advanced Threat Prevention. Cloud enables operational efficiencies, security. Smart, fast, safe gateway software updates. Automation for multi-domain environments. Real-time threat intelligence.

11 The Offline Challenge: How to harness Cloud… While keeping off the Internet?

12 THE ANSWER: PRIVATE THREATCLOUD

13 On-premises Private ThreatCloud. Diagram labels: Check Point Cloud Private ThreatCloud Delta updates Packages Software updates Updates MDM Packages, queries logs Indicators files AV/AB APCL, URLF, IPS Packages Sub-cloud

14 Sample Use Cases. Customers with offline networks: Govt., Defense, ICS, regulated industries. Managed Security Service Providers: Distribution of custom threat intelligence. Security Aggregation Points: Endpoints, SDDC micro-segmentation, IoT. All use cases share a need for private cloud.

15 Self-contained ThreatCloud Appliance. Gaia OS w. onboard software blades for self protection. Managed by Check Point Management Server – Existing MDM; dedicated management; or standalone. Plus: CLI / APIs. Diagram labels: CLI, RESTful APIs, Management, Monitoring, MDM, AppDB.

16 Stateless Load Sharing / HA. Diagram labels: Load Balancing; Download Agent; Public ThreatCloud; ThreatCloud Appliances; Management (Active, Standby); ThreatCloud clients; Gateways, Endpoints, Management, SandBlast. Each appliance rated to serve up to 1,000 clients (constrained by license).

17 Guaranteed one-way cloud updates

18 Download Agent Options (On-board). Diagram labels: On-board Download Agent; Public ThreatCloud; Load Balancing; Gateways, Endpoints, Management, SandBlast. All queries are local to the environment.

19 Download Agent Options (DMZ). Security Gateway enforces uni-directionality. Diagram labels: Public ThreatCloud; Load Balancing; DMZ; Gateways, Endpoints, Management, SandBlast. All queries are local to the environment.

20 Download Agent Options (Data Diode). Diodes enforce uni-directionality. Diagram labels: Public ThreatCloud; Load Balancing; Gateways, Endpoints, Management, SandBlast. All queries are local to the environment.

21 Download Agent Options (Manual). Sneakernet. Diagram labels: Public ThreatCloud; Load Balancing; Gateways, Endpoints, Management, SandBlast. All queries are local to the environment.

22 Roadmap

23 What is ThreatCloud? A MULTI-TENANT CONTENT DISTRIBUTION NETWORK FOR SECURITY DATA, SERVING ENFORCEMENT POINTS WITH REAL-TIME DATA IN SUPPORT OF SECURITY AUTOMATION

24 Roadmap
Expanded data services
– Custom threat indicators and signatures
– Automated indicator generators (SandBlast, Forensics)
– Intellistore feeds
– Intelligence sharing (STIX/TAXII)
– ThreatWiki and other metadata (e.g. intelligence reports)
Additional cloud client types
– Sub-clouds
– Dedicated threat prevention appliances
Feedback mechanisms
– Anonymized indicator match statistics and analytics
– Controlled sharing (upstream, peer to peer)

25 Sub-clouds. Diagram labels: Download Agent; Threat Management Server.

26 Sandblast Cloud. Front-end. Emulator Monitoring: average processing time, average emulation time. POD Monitoring: # of connections, # of open sessions. Collector and queue manager. Emulators. Public ThreatCloud. Updates.

27 Summary

28 Threat prevention requires online access: If you’re not up to date, you’re vulnerable. Online updates reduce admin overhead: Especially in multi-management networks. Private ThreatCloud lets you enjoy Cloud: While keeping your network off the ‘Net.
