CloudGuard IaaS Private Cloud Security

Securing Hybrid Clouds and SDDC

• Challenges organizations face when moving assets and data to the cloud
• Security best-practices for protecting cloud-based networks
• How Check Point seamlessly extends advanced and agile security to protect cloud environments

Advanced Security Seamlessly Delivered

Check Point CloudGuard IaaS private cloud security provides the same industry-leading threat protections safeguarding customer physical networks in a package optimized for the dynamic and automated nature of private cloud datacenters. Easily prevent the lateral spread of threats in software-defined datacenters (SDDCs) with multi-layered protections including:

• Firewall, IPS, Antivirus and Anti-Bot protect services from unauthorised access and attacks.
• Application Control prevents application layer denial of service attacks and protects your cloud services.
• IPsec VPN and Mobile Access provide secure connectivity into cloud resources.
• Data Loss Prevention protects sensitive data from theft or unintentional loss.
• SandBlast Zero-Day Protection provides the most comprehensive protection against malware and zero-day attacks.

Automated Security Provisioning

Check Point CloudGuard IaaS leverages the automation framework of private cloud solutions for the dynamic insertion, distribution and orchestration of advanced security within private cloud datacenters. This enhances native micro-segmentation capabilities to deliver advanced private cloud security services wherever needed. In the event of a breach of a single node or segment of the network, the threat is easily contained and isolated.

Centralized and Automated Security Management

Security management is simplified with centralized configuration and monitoring of all physical and virtual security instances. In private cloud datacenters, there is often a need to integrate different systems that manage the security workflow. Also, repetitive manual tasks must now be automated to streamline security operations. Check Point CloudGuard IaaS security management API allows for granular privilege controls, so that edit privileges can be scoped down to a specific rule or object within the policy, restricting what an automated task or integration can access and change. This ability to perform trusted connections provides private cloud security teams with the confidence to automate the entire security workflow and ensures the right level of protection is applied across each network segment.

Context-Aware Security Policies

Context sharing between Check Point CloudGuard IaaS and leading SDN controllers solutions ensures that security groups, end-point groups, VM identities and more are easily imported and reused within Check Point security policies. This reduces security policy creation time from minutes to seconds. What more, context-awareness is maintained so that any changes or new additions to the virtual infrastructure are automatically absorbed by Check Point CloudGuard. This makes it possible for private cloud security protections to be enforced on virtual applications regardless of where they are created or located.

Consolidated Logs and Reporting for Hybrid Cloud Environments

Virtual workload traffic is logged and can be easily viewed within the same dashboard as physical network logs. Security reports specific to virtual workload traffic as well as complete threat analysis can be generated to track private cloud security compliance across the entire distributed enterprise network - from physical and virtual environments to hybrid clouds.