Embed Size (px)
Citation preview
![Page 1: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/1.jpg)
©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties
Cloud Computing
Philippe RondelDirecteur [email protected]
![Page 2: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/2.jpg)
22©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Agenda
1 Introduction
2
3 Conséquences du Cloud
Sécurisation du Cloud
![Page 3: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/3.jpg)
33©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Agenda
Introduction
2
3 Conséquences du Cloud
Sécurisation du Cloud
![Page 4: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/4.jpg)
44©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Global Security Leader
100% Security
100% Security
► 100% focus on security
► 1,500 security experts
► 66,000 Check Point certified professionals worldwide
► From Firewall-1 to Software Blades
► 100% focus on security
► 1,500 security experts
► 66,000 Check Point certified professionals worldwide
► From Firewall-1 to Software Blades
LeaderLeader
► Global firewall/VPN leader and mobile data encryption leader
► 170,000 protected businesses
► 60 million users
► 100% of Fortune 100
► Global firewall/VPN leader and mobile data encryption leader
► 170,000 protected businesses
► 60 million users
► 100% of Fortune 100
Global Footprint
Global Footprint
► 2,300 employees, HQ in Israel and USA, 80 offices in 30 countries
► 3,000 partners in 88 countries
► 250 stocking locations worldwide
► 120 authorized training centers
► 2,300 employees, HQ in Israel and USA, 80 offices in 30 countries
► 3,000 partners in 88 countries
► 250 stocking locations worldwide
► 120 authorized training centers
![Page 5: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/5.jpg)
55©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
More Security in the Network:Firewall Evolution
1994The Firewall and
Stateful Inspection
1997OPSEC
1999Integrated
VPN
2006UTM
Content Services
2002SmartDefense and
Application Intelligence
2009SoftwareBlades
2010Content, Application and
User-Based Policies
2002SmartDefense and
Application Intelligence
SoftwareBlades —Revolutionary Architecture
for Security
Application and User-Based Policies
►In-depth Application Inspection with over 50,000 Widgets and Applications Supported
►User-Based Policies
►Gateway content Expansion--DLP
![Page 6: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/6.jpg)
66©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Agenda
1 Introduction
3 Conséquences du Cloud
Sécurisation du Cloud
![Page 7: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/7.jpg)
©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties
Pour les fournisseurs de Clouds Fournir la sécurité par client
![Page 8: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/8.jpg)
88©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Cloud Services
� Cloud Signifie Agilité
� Agilité dans le provisioning
� Agilité dans le changement et l’évolutivité
� Le moins possible de hardware dédié
![Page 9: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/9.jpg)
99©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Sécurisation délivrée par les fournisseurs de Clouds
� Les technologies de virtualisation répondent àces besoins du Cloud.
La Sécuritévirtualisée sur une passerelle dédiée
La Sécuritémutualisée dans
un environnement virtualisé
VSX Security Gateway VE
![Page 10: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/10.jpg)
1010©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
1iere Option: VSX – passerelle mutualisée
![Page 11: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/11.jpg)
1111©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Qu’est ce que VSX ?
Une passerelle de sécuritévirtualisée permettant la création
de multiple instances de Firewallsucture consolidation
Combine les technologies firewall, VPN, et IPS aux
technologies réseaux virtualisés dans une plateforme évolutive
Un très large choix de déploiement: du logiciel jusqu’au appliances et les chassis multi-
bladesppliances
VPN-1 Power VSX R65 Software
VSX-1 3070
VSX-1 9070
IAS Bladed Hardware
![Page 12: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/12.jpg)
1212©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Du Physique au Virtuel…
VPN-1/FireWall-1® Module
VPN-1/FireWall-1 Module in Bridge Mode
IP Router
Switch
Network Cable
Physique Virtuel
Virtual Cable (warp link)
Virtual Switch
Virtual Router
Virtual System in Bridge Mode
Virtual System
![Page 13: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/13.jpg)
1313©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Integration de la s écurit é dans les infrastrucures virtualisées
![Page 14: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/14.jpg)
1414©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Security Gateway Virtual Edition (VE)
Meileure passerelle de sécurité virtuelle avec l’architecture Software Blade
Meileure passerelle de sécurité virtuelle avec l’architecture Software Blade
Check Point Fournit une sCheck Point Fournit une s éécurity Plug and Play curity Plug and Play pour les Clouds Privpour les Clouds Priv éés et Publicss et Publics
A partir de$2,000
A partir de$2,000
Software
Blades
Check Point Security Gateway
Virtual Edition
![Page 15: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/15.jpg)
1515©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Security Gateway VE – Hypervisor Mode
VM 3VM 1 VM 2 VM 5VM 42.1.1.1
vSwitch
VM 3VM 1 VM 2
VE
Ext
Ext
Service Console
VM 3VM 1 VM 2 VM 5VM 4VM 3VM 1 VM 2
Agent Agent Agent Agent Agent
ESX/ESXi
![Page 16: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/16.jpg)
1616©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Security Gateway VE – Hypervisor Mode
►Integration dans l’Hyperviseur grace àVmSafe
►Firewall + IPS
►Audit des changements de l’ESX/ESXi
►Supporte de manière transparente les déplacements de VMs
VMVMVE
Hypervisor ConnectorHypervisor
![Page 17: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/17.jpg)
©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties
Pour les clients de clouds IaaSapporter la même sécuritédans ces environnements
![Page 18: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/18.jpg)
1818©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Sécurisation apportée dans un environnement mutualisé: VE
Active Passive
![Page 19: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/19.jpg)
1919©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Virtualisation de bout-en-bout
� Vous n’avez plus besoin de possédez une infrastructure en propre:� Ni Datacenter� Ni Réseau� Ni Postes de travail
� pour créer un SI sécurisé (segmentation réseau, authentification, prévention IPS & DLP etc…)
![Page 20: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/20.jpg)
2020©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Virtualisation de bout-en-bout
Internet
![Page 21: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/21.jpg)
2121©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Agenda
1 Introduction
2
Conséquences du Cloud
Sécurisation du Cloud
![Page 22: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/22.jpg)
2222©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Accès Internet au plus prêt des utilisateurs
� Les utilisateurs n’accèdent plus aux ressources de l’entreprises mais aux services sur Internet.
� L’architecture à base d’accès Internet centralisé ne correspond plus.
� Les accès à Internet locaux deviennent nécessaires et moins onéreux que du WAN.
![Page 23: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/23.jpg)
2323©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Besoin de Contrôle des applications
� Les utilisateurs ne s’adressent plus systématiquement à leur DSI pour de nouveaux services.
� La DSI et donc le RSSI ne maîtrisent plus ce que font leurs utilisateurs.
� Le contrôle applicatif est nécessaire pour reprendre le contrôle et n’autoriser que ce qui a été validé.
![Page 24: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/24.jpg)
2424©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Application Control
Plus de 4,500 applications
Plus de 50,000 network widgets
Groupés en plus de 150 catégories
http://appwiki.checkpoint.com
![Page 25: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/25.jpg)
2525©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties |
Les Passerelles XTM
� Pour apporter des accès internet au plus prêt des utilisateurs, il faut apporter toutes les briques de sécurité sur les sites distants.
� L’architecture Software Blade sur les appliances UTM-1, administrées centralement, permet de fournir la sécurité maximale à coût optimum.
![Page 26: Cloud Computingx [Lecture seule] - Westcon-Comstorfr.security.westcon.com/documents/39449/presentation_cloud_compu… · Cloud Computing Philippe Rondel ... Les technologies de virtualisation](https://reader030.pdfslide.net/reader030/viewer/2022022612/5b9ba45909d3f291158d9dac/html5/page/26.jpg)
©2010 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties
Merci !
Philippe RondelDirecteur [email protected]
![CHILD CLIENTS: AN ONGOING ETHICAL DILEMMA …lsuc.on.ca/media/eleventh_colloquium_burns.pdf · Rondel v. Worsley, [1966] 3 W.L.R. 950, at 962-63 (C.A.), [1969], 1 A. C.191, at 227](https://img.pdfslide.net/doc/110x75/5b5caac17f8b9ad2198ce34c/child-clients-an-ongoing-ethical-dilemma-lsuconcamediaeleventhcolloquiumburnspdf.jpg)
![United Kingdom House of Lords Decisions - Forsiden - … · United Kingdom House of Lords Decisions ... In Rondel v Worsley [1969] 1 AC 191,](https://img.pdfslide.net/doc/110x75/5aee06c07f8b9a662590c351/united-kingdom-house-of-lords-decisions-forsiden-kingdom-house-of-lords.jpg)
![Rondel v Worsley [1969] Ac 191 - HL](https://img.pdfslide.net/doc/110x75/5465483daf795974338b4e16/rondel-v-worsley-1969-ac-191-hl.jpg)
