Securing the Next Generation Data Center

Similar documents
Check Point DDoS Protector Introduction

Check Point DDoS Protector Simple and Easy Mitigation

DDoS Protector. Simon Yu Senior Security Consultant. Block Denial of Service attacks within seconds CISSP-ISSAP, MBCS, CEH

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

Check Point Virtual Systems & Identity Awareness

Solutions Guide. F5 solutions for the emerging 5G landscape

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

Appliance Comparison Chart

SAS and F5 integration at F5 Networks. Updates for Version 11.6

BIG-IP V11.3: PRODUCT UPDATE. David Perodin Field Systems Engineer III

Secure & Unified Identity

Appliance Comparison Chart

Data Sheet. DPtech IPS2000 Series Intrusion Prevention System. Overview. Series IPS2000-MC-N. Features

Cisco ASA 5500 Series IPS Solution

Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises

A Unified Threat Defense: The Need for Security Convergence

SteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Agenda. This Session: Azure Networking Basics, On-prem connectivity options DEMO Create VNET/Gateway Cost-estimation for VNET/Gateways

Cisco Firepower with Radware DDoS Mitigation

CloudStorm TM 100GE Application and Security Test Load Module

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.)

Consumerization. Copyright 2014 Trend Micro Inc. IT Work Load

Chapter 9. Firewalls

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

Cloud Connect. Gain highly secure, performance-optimized access to third-party public and private cloud providers

Sichere Applikations- dienste

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics

Business Strategy Theatre

Architecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal

Comprehensive datacenter protection

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe

Security for the Cloud Era

ISG-600 Cloud Gateway

The threat landscape is constantly

Pulse Secure Application Delivery

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

Disclaimer CONFIDENTIAL 2

DDoS Detection&Mitigation: Radware Solution

Securing Cloud Applications with a Distributed Web Application Firewall Riverbed Technology

USG2110 Unified Security Gateways

Look Who s Hiring! AWS Solution Architect AWS Cloud TAM

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network

Corrigendum 3. Tender Number: 10/ dated

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

Large FSI DDoS Protection Reference Architecture

Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway

Securing Your Most Sensitive Data

Security

Reaping the Full Benefits of a Hybrid Network

Cisco Firepower NGFW. Anticipate, block, and respond to threats

SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE

COMPUTER NETWORK SECURITY

Censornet. CensorNet Unified Security Service (USS) FREEDOM. VISIBILITY. PROTECTION. Lars Gotlieb Regional Manager DACH

Future-Proof Your Hardware Investment PRESENTED BY:

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

The DNS of Things. A. 2001:19b8:10 1:2::f5f5:1d Q. WHERE IS Peter Silva Sr. Technical Marketing

RETHINKING DATA CENTER SECURITY. Reed Shipley Field Systems Engineer, CISSP State / Local Government & Education

Securing the Software-Defined Data Center

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

Networks

Securing the Modern Data Center with Trend Micro Deep Security

Data Sheet. DPtech Anti-DDoS Series. Overview. Series

Brocade and Sandvine. Detailed Insights for OTT Application Traffic KEY BENEFITS SOLUTIONS BRIEF BUSINESS CHALLENGE

Who s Protecting Your Keys? August 2018

Venusense UTM Introduction

Czas na nowe platformy sprzętowe F5! Dlaczego są to najbardziej programowalne urządzenia ADC na rynku

WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM

Palo Alto Networks Stallion Spring Seminar -Tech Track. Peter Gustafsson, June 2010

ADC im Cloud - Zeitalter

The Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy

Firefly Perimeter ( vsrx ) Technical information 12.1 X47 D10.2. Tuncay Seyran

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis

Advanced Techniques for DDoS Mitigation and Web Application Defense

Unlocking the Power of the Cloud

Simplify Your Network Security with All-In-One Unified Threat Management

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Huawei Next-Generation Network Security

The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies

Analysis of VPN Protocols

Quick Sales Guide. Security

NSG50/100/200 Nebula Cloud Managed Security Gateway

Brocade and Procera. Detailed Insights for OTT Application Traffic KEY BENEFITS SOLUTIONS BRIEF BUSINESS CHALLENGE

EFFECTIVE SERVICE PROVIDER DDOS PROTECTION THAT SAVES DOLLARS AND MAKES SENSE

VMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no

Eudemon 1000E. Eudemon 1000E Series Product Quick Reference. Huawei Technologies Co., Ltd.

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

Future-ready security for small and mid-size enterprises

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Check Point vsec for Microsoft Azure

SYMANTEC DATA CENTER SECURITY

WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.

SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012

SECURITY SERVICES SECURITY

PROTECTING YOUR NETWORK FROM THE INSIDE-OUT

Transcription:

Securing the Next Generation Data Center Petr Kadrmas SE Eastern Europe 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved.

Data Center Landscape Scale and Performance App Demands Big Data Consolidation and Density Virtualization Efficiency Hybrid Cloud Deployments Business Demands Cost 2

Data Center Security Concerns Access Control Compliance External Attacks Insider Attacks Data Protection 3

Data Center Security Requirements Segmentation and control Threat prevention High performance Management and visibility 4

Securing the Physical Environment Finance Database HR Web Web Database HW HW HW Private Cloud Internet Finance HR Sales Web HR Virtual Machine Hardware Public Cloud Demands Scalable, High Performance 5

The Check Point 21400, 21600 iances Firewall Throughput 110 Gbps* Maximum Connections 10 Million Optimized for low-latency High availability and serviceability Connection Setup 300,000 cps* SecurityPower 3300 SPU* Acceleration options Metallic & Optical Network Interfaces from 1 Gbps to 40 Gbps *With Acceleration Card 6

The Check Point 61000 Security System Firewall Throughput 200 Gbps Maximum Connections 70 Million Connection Setup 600,000 cps 61000 Security System Scales to 12 Security Gateway Modules SyncXL for High Availability Network security switch modules SecurityPower 14600 SPU 7

High Data Center Density Check Point Virtual Systems 12200 VS iance Consolidate up to 250 gateways 12400 VS iance 12600 VS iance Combines firewall, VPN, IPS, URLF, ication Control, AV, Antibot, Mobile Access 21400/21600 VS iance Density to secure more networks Powerful Security Consolidation 8

Advanced Threat Prevention Firewall Protection Provides: Granular access control Stateful Inspection User authentication Network Address Translation Firewall + IPS Protects Against: Granular access control Stateful Inspection User authentication Network Address Translation + Attacks on vulnerabilities Malware/worm infections Malicious P2P and IM apps Buffer overflow attacks 9

Securing VMs in the Data Center Finance Web Database Check Point Security Gateway Virtual Edition Database HR Web HW HW HW Private Cloud Internet Finance HR Sales Web HR Virtual Machine Hardware Check Point Security Gateway Virtual Edition Public Cloud 10

Security Gateway Virtual Edition (VE) Plug and Play Security for Virtual Machines Check Point Security Gateway Virtual Edition Best Virtual Security Gateway with the Software Blade Architecture Securing the Virtual Machines Software Blades Unified Management for Physical and Virtual 11

Consistent Security for Public Cloud Virtual iance for Amazon Web Services Public Cloud Data Center On Premise Data Center Full Protection Quick Deployment Unified Management 12

Unified View of the Data Center Web Policy and Management Consolidated Across the Data Center Database Database Check Point Security Gateway Virtual Edition Finance HR Web HW HW HW Private Cloud Finance HR Internet Public Cloud Sales Web HR Virtual Machine Hardware Check Point Security Gateway Virtual Edition 13

Multi-Layered DDoS Protections Network Flood Server Flood ication Low & Slow Attacks Behavioral High volume of network packets analysis Automatic and High rate of pre-defined new sessions signatures Web Behavioral / DNS connectionbased DNS HTTP and attacks Advanced Granular attack custom filters techniques Stateless and behavioral engines Protections against misuse of resources Challenge / response mitigation methods Create filters that block attacks and allow users 14

Check Point DDoS Protector Customized multi-layered DDoS protection Fast response time protect within seconds Flexible deployment options, Up to 12 Gbps throughput Integrated with Check Point security management DDoS Protector 15

Check Point Secures the LTE Network SE-GW. IPSec GW HSS MME Security GW GTP SG Internet S-GW P-GW GTP, SCTP and Diameter Security GW Data Roaming (GRX / IPX) 16

LTE Security from Check Point New attack vectors in LTE New IP based protocols and elements expose the LTE to more risks Check Point LTE Security The first and only vendor to offer Protocol Integrity, Statefull Inspection and Deep Packet Inspection for all new LTE Protocols Check Point & NSN Service NSN Certified Check Point LTE Security Solutions. Strong Collaboration with Check Point and Professional Service 17

Summary 21x00 iance, 61000 System, VSX, Acceleration, High Availability Virtual Edition, Virtual iance for Amazon Web Services Firewall, IPS, Software Blades Check Point DDoS Protector Check Point Secures New LTE Protocols All Managed by Unified Security Management 18

Thank You 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback