Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011
Check Point Road Map
What do we know about it?
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
About authorValeri Loukine
• CCMA 0019
• Ex-Check Point
• Senior Security Consultant - Dimension Data
• Email: [email protected]
• Blog: http://checkpoint-master-architect.blogspot.com/
2
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
To discuss
• Last year promises
• New and already known products
• Appliances
• What else?
3
Wednesday, September 14, 2011
CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011
Before we even start
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Check Point Road Map
• Where to get it?
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Ideas
• Check Point site
• CPX
• Open press
• Local office
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
The answer is...
Nowhere
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Because
• Check Point site has nothing
• CPX materials - Road map is not published
• Open press - Zero information
• Local office - They do not know
Wednesday, September 14, 2011
CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011
Remember 2010?
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Promises
• Identity Control
• Application Control
• Gaia
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Products
• ABRA
• DLP
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
We talk today
about promises keptand future to come
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
3D Security
Enforcement!
Policy!
People!
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
3D Security
• Application Control
• Identity Control Awareness
• Visibility
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Application Control
Delivered
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Identity Control
Delivered as Awareness
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Also part of3D security
• ABRA
• DLP
• Mobile Access Blade
17
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Missing features
SSL inspection
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
SSL inspection
• Comes with R75.20
• Covers IPS, Application Control and DLP
• No SFTP for DLP
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
More on R75.20
• URL Filtering unified with Application Conrol
• DLP performance boost
• DLP Exchange client agent
• Multi Certificate for Mobile Access Blade (thanks, Gil!!!)
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
More on Identity Awareness
• IPSO
• API for all blades including IPS
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Visibility and control
• Event Analysis
• SmartWorkflow
• Provisioning
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Visibility and control
• Do you see any progress?
• I do not
Wednesday, September 14, 2011
CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011
Gaia
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
CPX 2010
25
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Actual situation
• Nothing ready is out yet.
• 1st and 2nd stages are merged
• Rumors - to be expected soon (EA September, delivery - end of the year)
Wednesday, September 14, 2011
CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011
VSX
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
No progress this year
• Still VSX R67 - R65 based
• Lot’s of missing functionality
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Why?
• VSX to be based on Gaia
• VSX to be part of the maintrain
• VSX to be based on the next version (R76? R80?)
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Dorit Dor on CPX
• VSX R67 with IPv6 Q3 2011
• VSX maintrain 2012 (no IPv6)
• VSX maintrain + IPv6 middle 2012
Wednesday, September 14, 2011
CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011CPUG 2011 Chur Switzerland (c) Valeri Loukine 2011
Appliances
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
HW rumors
• Check Point to expand appliance lines
• SG80-like with WiFi (End of Safe@?)
• Would it be Highest End?
Wednesday, September 14, 2011
(c) Valeri Loukine 2011CPUG 2011 Chur Switzerland
Final quote
• Gartner 2010:
Check Point remains secretive about its road map and longer- term strategies, sometimes leaving its customers guessing and vulnerable to replacement by competitors.
33
Wednesday, September 14, 2011CPUG 2010 Chur SwitzerlandCPUG 2010 Chur Switzerland
Questions And Answers
Wednesday, September 14, 2011
CPUG 2010 Chur SwitzerlandCPUG 2010 Chur Switzerland
Thank You For Your Time!
Wednesday, September 14, 2011