1 / 33

Check Point InterSpect ™ The Internal Security Gateway ™

Check Point InterSpect ™ The Internal Security Gateway ™. ISSA April 15 th , 2004. Today’s Challenge. Then: IT resources focused on network perimeter… Now: Dedicated IT resources focused on internal networks Many attacks are introduced inside the network

brock
Télécharger la présentation

Check Point InterSpect ™ The Internal Security Gateway ™

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Check Point InterSpect™The Internal Security Gateway™ ISSA April 15th, 2004

  2. Today’s Challenge • Then: IT resources focused on network perimeter… • Now: Dedicated IT resources focused on internal networks • Many attacks are introduced inside the network • Laptops/PDAs travel in and out of the network daily • Legitimate, authenticated users can be contagious • Effective patching takes time • Worms spread internally, very fast • Blaster • Slammer • No perfect solution • Point-products address some concerns, but not the “big picture”

  3. Currently Available TechnologiesDon’t Meet the Need

  4. Security Considerations:Internal vs. Perimeter Internal security introduces unique challenges and requires a dedicated solution

  5. Check Point InterSpectThe Industry’s First Internal Security Gateway • A complete security solution designed for deployment inside of networks Key Features • Intelligent Worm Defender™ • Network Zone Segmentation • Quarantine of Suspicious Computers • LAN Protocol Protection • Pre-emptive Attack Protection • Seamless Network Deployment and Management Interface

  6. LAN Deployment Locations In front of several workgroups In front of a single key workgroup Behind WAN Access routers In front of server farm uplinks WAN

  7. Comparing Related Technologies

  8. Intelligent Worm Defender™ Check Point InterSpect • Key Benefits • Blocks the spread of worms/attacks inside the network • Protects against fast moving (flash or blitz) worms • Applies Application Intelligence and Stateful Inspection technologies to internal network security

  9. Network Zone Segmentation Bridge Mode Floor switch Internet • Key Benefits • Prevents unauthorized access between zones • Contains attacks within sub-segment of network Finance IP 1 Router Floor switch IP 2 Perimeter Firewall R&D Floor switch QA Backbone switch InterSpect

  10. Quarantine of Suspicious Computers • Key Benefits • Isolates attacks and compromised devices • Restricts infected computers from contaminating other devices • Protects un-patched computers until patched Check Point InterSpect Unique to InterSpect • When user is quarantined, user and admin is notified via dynamic web page

  11. Microsoft RPC CIFS MS SQL DCOM Sun RPC DCE RPC HTTP And more! LAN Protocol Protection Unique to InterSpect Broadest and deepest protocol inspection capability via Application Intelligence: Internal networks use more, and different, protocols than perimeter networks Key Benefits • Protects and supports protocols and applications used inside the network • Ensures stability of internal networks

  12. Pre-emptive Attack Protection Key Benefits • Proactively and dynamically protects against known and unknown attacks via SmartDefense • Defends against vulnerabilities before they are exploited

  13. Seamless Network Deployment & Management Interface • Non-disruptive install into existing network infrastructure • Multiple in-line operating modes for flexible deployment • Bridge • Switch • Router • Monitor only capability • GUI tailored for internal network deployment • Key Benefits • Installs in minutes • Easy to use and manage • Won’t block legitimate traffic

  14. Easily Configurable Attack Protection Monitor only options Simple Quarantine set-up

  15. Exception List for Non-Disruptive Deployment e.g., Bypass exception allows homegrown applications to support non-standard use of protocols

  16. Performance for Internal Security • High performance is expected in the LAN • InterSpect enhancements for the LAN • 100% of inspection is done inside the kernel • InterSpect contains advanced streaming technologies • SecureXL is integrated into InterSpect • All inspection is accelerated

  17. Models and Pricing

  18. InterSpect Model Comparison All models include: SmartDashboard for InterSpect, SmartView Monitor for InterSpect, and SmartView Reporter for InterSpect

  19. Check Point Software Technologies Ltd.

  20. About Check Point • The most relied upon and trusted Internet security vendor • Security is all we do – and we do it better than anyone! • Used by 97 of the Fortune 100 • Established market leader in both firewall and VPN • 65% market share in enterprise VPN/firewall (IDC) • 36% market share in appliances running Check Point (Infonetics) • Customer-driven philosophy • Industry-leading technology partnerships • Strong and diversified channel partnerships • Open business model

  21. Stateful Inspection/ FireWall-1 VPN-1 SmartDefense OPSEC Next Generation Application Intelligence 2002 2001 2003 1993 1997 1998 1999 2000 1994 1995 1996 A History of Innovation Check Point: Always a step ahead of customer’s real-world challenges

  22. A Dynamic Internet Threat Environment • 97,812 Internet security incidents reported in 2002 (source: CERT) • Average company suffered losses of $475,000 due to Blaster worm (source: TruSecure) • More than half of the Top 20 Most Critical Internet Vulnerabilities are application-based (source: SANS/FBI)

  23. New Constituents; Partner Web Access; WLAN; Remote Employees Security Breach: Network Downtime, Lost Revenue, Damage to Corporate Reputation New, Dynamic Security Threats IT Budgets are Constrained Dedicated Security Resources are Limited Today’s Top Security Concerns Security: A Big Challenge!

  24. Why is Security Such a Big Challenge? • In a connected world everyone is a target • Attacks spread quickly • Multitude of distributed systems to protect and connect

  25. Web Internal Perimeter The World’s Most Intelligent Security SolutionsPerimeter – Internal – Web In-depth inspection SMART management Intelligent Security Solutions Worry-free protection

  26. In-depth inspection Web Internal Worry-free protection SMART management Perimeter Unique Technologies are the Foundation of Intelligent Security Core Technologies Intelligent Security Solutions

  27. In-depth INSPECTion Check Point INSPECT –Industry Leading Security Technology • Integrated Network & Application Protection • Type-Based Approach (not reliant on signatures) • Most Comprehensive & Adaptable • Programmable • Supports more than 150 applications • Fast! Introduced in 2003! StatefulInspection Application Intelligence Application (Layer 7) Presentation (Layer 6) Session (Layer 5) Transport (Layer 4) Network (Layer 3) Data Link (Layer 2) Physical (Layer 1)

  28. SMART Management Security Management Life Cycle Lowest Total Cost of Ownership - Automated administrative tasks save time and money - Centralized information database minimizes capital expenditures • Define Policy • Easy-to-use Graphical interface • Graphical policy visualization • Enforce Security • Stateful Inspection • Application Intelligence Security Management Life Cycle • Monitor & Report • Real-time monitoring • Instant status of all • security elements • Automatic reports • Analyze & Change • Detailed logging

  29. OPSEC Applications Security Enforcement Management Performance& Availability Certified for Seamless Interoperability! OPSEC - Best of Breed Applications • Industry-standard framework for integrating best-of-breed security technologies • Certified to ensure seamless interoperability • Authentication • Authorization • Application Service Support • Content Security • Intrusion Detection& Prevention • Wireless • Enterprise Management • Reporting & Monitoring • Security Assessment • High Availability & Load Balancing • Acceleration

  30. Strong, Broad Partnerships Over 1,900 channel partners in 86 countries • Value Added Solution Providers • Certified Support Partners • Authorized Training Centers • Global Solution Providers • Managed Service Providers • Check Point Service & Support

  31. Check Point Intelligent Security Solutions PerimeterSecurity Internal Security Web Security • Easy access • Unified front end • Integrated Authentication • Content Verification • Compartmentalizing the network • Contain threats • Desktop protection • Server protection • Data center security • Attack protection • Secure office connectivity • Remote employee access • Controllable Internet access Coming Soon!

  32. Complete Market Coverage Market Segments InterSpect Safe@Office VPN-1 Pro SMPSecurity Management Portal VPN-1 Edge VPN-1 GX Check Point Express VPN-1 VSX VPN-1 Pro SecureClient Small Business Medium Business Enterprise High-End Service Provider Data Center Cellular/ Mobile Infrastructure

  33. Stateful Inspection/ FireWall-1 VPN-1 SmartDefense OPSEC Next Generation Application Intelligence 2001 2003 2002 1993 1997 1998 1999 2000 1994 1995 1996 A Future of Innovation Deeper Broader Smarter Dedicated to staying one step ahead of customers real-world security challenges Deeper content analysis Broader deployments Smarter security management

More Related