csa-argentina
©2015 Check Point Software Technologies Ltd. [Protected] Non-confidential content
WE ARE CHECK POINT
WE SECURE THE FUTURE
TODAY ONE ATTACK CAN SHUT DOWN AN ENTIRE COUNTRY’S POWER GRID, DISRUPT TRANSPORTATION SYSTEMS, OR STEAL THE PERSONAL INFORMATION OF MILLIONS.
2014 WORLD’S BIGGEST DATA BREACHES
EBAY: 145M Customers at Risk
SONY: 48K Employees Exposed
HOME DEPOT: 56M Customers at Risk
JP MORGAN CHASE: 76M Customers at Risk
TARGET: 70M Customers at Risk
JAPAN AIRLINES: 750K Customers at Risk
DOMINOS PIZZA FRANCE: 600K Customers at Risk
APPLE: 275K Customers at Risk
ATTACKS ARE CONSTANTLY EVOLVING
INCREASE OF CYBER THREATS OVER THE PREVIOUS YEAR
125% MORE SOCIAL MEDIA PHISHING SITES
42% MORE TARGETED CYBER ATTACKS
58% MORE MOBILE MALWARE FAMILIES
30% MORE WEB-BASED ATTACKS
BY 2020:
1 Billion SMART METERS
100 Million SMART LIGHT BULBS
7 Manufacturers WILL HAVE DRIVERLESS CARS
50% of Consumers USE SMART WEARABLES (CLOTHING AND WATCHES)
HACKERS will have access to every part of our work and daily lives: how we commute, how we operate, how we feel, what we seek
WE PROVIDE PROTECTIONS AGAINST NEW THREATS EVERY DAY
10,000,000 Bad-Reputation Events
700,000 Malware Connections Events
30,000 Malware Files Events
WE OFFER THE ARCHITECTURE
THE MOST ADVANCED MANAGEMENT AND REAL TIME PROTECTION
SOFTWARE DEFINED PROTECTION
SOFTWARE-DEFINED PROTECTION (SDP)
Management Layer
Control Layer
Enforcement Layer
Cloud
Phone
Internet of Things
Network
Home Appliances
BUILT ON A COMPREHENSIVE ARCHITECTURE
ENFORCEMENT LAYER: Inspects traffic and enforces protection in well-defined segments
CONTROL LAYER: Delivers real-time protections to the enforcement points
MANAGEMENT LAYER: Integrates security with business process
Lucas S. García, Security Engineer | AR PY UY
CHECK POINT vSEC
Security for the Modern Datacenter
HACKERS TARGET THE DATACENTER
BIG INSURANCE COMPANY HACKED
Dec 2013: Hackers breached a few of the company’s 37 affiliates and gained unauthorized access to a database
January 2015: 13 months later, the first affiliate found it had been breached, affecting 11M people’s records
May-Sep 2015: More affiliate companies found they had been breached, affecting over 100M people and employee records
KNOWN DATACENTER SECURITY INCIDENTS
Many universities in the US have been breached: “..Attack originated in China gained access to servers..”
Big bank datacenter hacked: “…million accounts were stolen from bank’s databases..”
Dating service datacenter hacked: “…33 million accounts, passwords, credit cards, addresses were published..”
ENTERPRISES MOVE FROM VIRTUAL DATACENTER TO HYBRID CLOUD*
*Hybrid Cloud = Private Cloud & Public IaaS
DATA CENTER EVOLUTION
VIRTUAL DATA CENTER
• Manual operation
• Perpetual licensing
THE HYBRID CLOUD
• Automation & Orchestration
• Pay as you go licensing
THE NEW CLOUD ENVIRONMENT
Cloud Management: One place to orchestrate and automate all applications
Hypervisor: The virtual compute
SDN: Central place to control the entire network
CHALLENGE #1: LATERAL THREATS
Modern threats can spread laterally inside the data center, moving from one application to another
• Perimeter Gateway doesn’t protect traffic inside the data center
• Lack of security between applications
• Threats attack a low-priority service and then move to critical systems
CHALLENGE #2: DYNAMIC CHANGES
Traditional static security fails to protect the dynamic datacenter
• New applications provisioned rapidly
• Virtual-app movement
• IP address changes
• Unpatched dormant VMs that wake up
CHALLENGE #3: COMPLEX ENVIRONMENT
Different security products are complex to manage in a multi-cloud environment
vSEC ELEMENTS:
vSEC GATEWAY: Secure traffic between applications in the hybrid cloud
vSEC CONTROLLER: Automated security with unified management
vSEC GATEWAY
Use vSEC Gateway to prevent lateral threat movement between
applications inside the datacenter
vSEC CONTROLLER TO AUTOMATE YOUR SECURITY
vSEC Controller
Check Point Smart Center
UNIFIED MANAGEMENT, UNIFIED VISIBILITY
Unified security management and threat visibility
across virtual, physical & public cloud gateways
DELEGATE SECURITY CHANGES
*Available in R80
Use a security policy that is easily correlated to the micro-segmented environment
R80 Sub-Policies: The only NGTP solution with a policy designed for micro-segmented environments
VMWARE NSX
Network and Security Extension
Key Benefits
Combine virtual systems into Security Groups
Control traffic passing between virtual systems
Apply Tags to virtual systems and declare a security state
[Diagram labels: Hardware; Hypervisor; Web Server (vm, vm); DB Server (vm, vm); Isolated (vm, Infected)]
SDDC Demo Environment
NSX Security Groups
Check Point
Anti-Bot Blade
NSX Configuration:
Tag infected VMs «Infected»
Check Point Security Policy
NSX Configuration:
«Infected» VMs belong to the «Isolated Security Group»
LOG
WEB_Server is infected!
MOID of WEB_Server = abcd-efgh
WEB_Server = MOID abcd-efgh
Need to Tag MOID «Infected»
Infected
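The quarantine flow sketched on the demo slides (Anti-Bot log, MOID lookup, «Infected» tag, Isolated security group), as an added example that is not from the original deck or from Check Point or VMware. It is a self-contained simulation: the log format, IP addresses, the second MOID, the allowed-flow table and all function names are constructed, and no real NSX or Check Point API is called.

```python
import re

# Constructed inventory: VM name -> MOID, current IP, normal security group.
INVENTORY = {
    "WEB_Server": {"moid": "abcd-efgh", "ip": "10.0.1.10", "group": "Web"},
    "DB_Server":  {"moid": "ijkl-mnop", "ip": "10.0.2.10", "group": "DB"},
}
TAGS = {}  # MOID -> set of tags; stands in for the SDN tag store

# Allowed (source group, destination group) flows; anything else is dropped.
ALLOWED = {("Web", "DB")}

# Constructed log layout, not a real Check Point log format.
LOG_RE = re.compile(r"blade=(?P<blade>\S+) action=(?P<action>\S+) src=(?P<src>\S+)")

def moid_for_ip(ip):
    """Resolve the source IP seen in the log to the VM's MOID, or None."""
    for vm in INVENTORY.values():
        if vm["ip"] == ip:
            return vm["moid"]
    return None

def handle_log(line):
    """Tag the source VM «Infected» when the Anti-Bot blade reports a hit."""
    m = LOG_RE.search(line)
    if not m or m["blade"] != "Anti-Bot" or m["action"] not in ("detect", "prevent"):
        return None
    moid = moid_for_ip(m["src"])
    if moid is None:  # unmanaged or stale address: nothing to tag
        return None
    TAGS.setdefault(moid, set()).add("Infected")
    return moid

def group_of(name):
    """Dynamic membership: the Infected tag overrides the VM's normal group."""
    vm = INVENTORY[name]
    return "Isolated" if "Infected" in TAGS.get(vm["moid"], set()) else vm["group"]

def allowed(src, dst):
    """Policy decision keyed on group membership, not on IP address."""
    return (group_of(src), group_of(dst)) in ALLOWED
```

Because the tag is attached to the MOID rather than the address, the VM stays in the Isolated group even if its IP changes after the detection.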
Investigative Best Practices
with Threat Prevention
Introduction
Organizations today are facing unprecedented growth in the diversity and number of security threats from advanced and sophisticated malware.
To help stay ahead of modern malware, early detection and rapid response are essential!
Introduction
Providing easy-to-use tools and guidelines for implementing a malware investigation process, using the Threat Prevention Software Blades.
Using this guide you will be able to:
• Investigate if a host is truly infected with malware
• Identify the malware type and potential damages
• Detect suspicious behavior that might indicate additional infected computers
• Remediate infected computers
Advanced Threat Prevention
IPS: Stop attacks exploiting known vulnerabilities
Anti-Virus: Block access to malware-infested websites; block downloads of known malware
Anti-Bot: Identify and prevent bot communications
Threat Emulation: Fight targeted attacks that use unknown malware
Incident Handling Process
Prepare: Optimizing configuration based on network topology
Identify: Monitor Threat Prevention events to identify suspicious hosts
Investigate: Conclude if the host is infected and with what type of malware and its behavior
Track: Track infected computers’ activity to identify additional infected computers
Remediate: Recover infected machines
SUMMARY:
Security Automation
Unified Security Control & Visibility
Advanced Security for Hybrid Cloud
SECURITY THAT TAKES YOUR MODERN DATACENTER ONE STEP AHEAD