©2015 check point software technologies ltd. 1 *texas, oklahoma, arkansas hank johnson | area...

©2015 Check Point Software Technologies Ltd. 1©2015 Check Point Software Technologies Ltd.

*Texas, Oklahoma, Arkansas

Hank Johnson | Area Manager Oscar Grider Sales RepresentativeStephen Systems Engineer

SECURITY OBSERVATIONS & IDEAS FROM THE FIELD

©2015 Check Point Software Technologies Ltd. 2

What’s driving Security Spending ?

Upgrade of existing, aged equipment

Consolidation of multiple point products

Consolidation + New Security Features

Compliance

Redefinition of the Enterprise to include LocationsMobile

A Good Offense is the Best Defense Advanced Threat Protection = Known & Unknown Reporting & Forensics = More Data & Visibility


Security Trends

** Redefine the Enterprise: Remote sites & Mobile

**Client Execs involved at a new level **

Security Readiness

Data : Dashboard , Detail & Forensics

Product Enterprise Security Strategies

Monitor / React Proactive / Trend

User Involvement


Let’s get serious – Shall We?


Security has been underfunded…

By other valid IT & Business Priorities including:

IP Telephony / Unified Communications Storage & Server Virtualization ;Converged Computing SAP , Oracle, other applications SF.com & other CRM systems Cloud & Hybrid Data Center Initiatives

Impact to Security: Most are in Catch Up Mode Security is “MainStream” Key issues:

Personnel / Organizational Structure Policy ( Social media, Document Retention, Breach planning ) Strategy ( Current State to Future State )

©2015 Check Point Software Technologies Ltd. 6 [Restricted] ONLY for designated groups and individuals

Self Assessment

Start Here


Client Assessments: Work to be Done

1st Key Question:

“Where am I today?”

Follow up questions:

• Desired Future State

• First Priority

• What’s possible today

• Where do I start


High Level Security Planning Framework - 4 things

Infrastructure

Threat

Mobility

Management & Visibility


Fewer Suppliers & Maintenance contracts

More control & reporting

DLPSoftware Blade

Application Control

Software BladeIPS

Software BladeFirewall and VPNSoftware Blades

URL FilteringSoftware Blade

Antivirus & Anti-Malware

Software Blade

Identity Awareness

Software BladeAnti-Bot

Software Blade

InfrastructureConsolidation is real but you own Architecture


User Access

Internet Applications Usage

Sensitive Data

Mobile Access

Network Threat Prevention

Granular Control of All Security Layers

Gran

ular V

isibility

Identity Awareness

DLP

Mobile Access

SmartEvent

IPS

Anti-Bot

Antivirus

Application Control

URLF


Check Point

Research

IndustryFeeds

Sensors & Sites

Priority: Keep System Software Current


One of the most dynamic areas of Security

Threat Prevention


Known ( IPS / IDS / URL / App )

Unknown ( SandBox / Zero Day / APT )

Email & Mobile

Reporting / Context / Forensics / Trending


Polymorphic Malware

APTs

Mobility

We Spend Time and Budget On..

While Positioning for Future Challenges

TODAY’S INFRASTRUCTURE

FUTURE ATTACK VECTORS

Firewall

VPN

IPS

Anti-Spam

URL Filtering

Anti-Virus

DDoS

Have the Platform Built 1st !!


Multi-Layer Threat Prevention

Known and Unknown Malware

Known

Unknown

XX X X XX XXX

KnownKnown Known Known

Industry FeedsGlobal Sensor DataCheck Point Research

ThreatCloud

Emulation Service

©2015 Check Point Software Technologies Ltd. 16[Protected] Non-confidential content

INSPECT EMULATE

PREVENTSHARE

“Threat” requires a holistic view** New CPU level solution – Stop before threats get to

the OS level.

Managing Unknowns

Sandbox

Quarantine

Emulation


9 hrsCheck Point

22 hrsCheck Point

18 hrsCheck Point

Others ? Others? Others ?

Priority: Speed & Time to address major vulnerabilities

Heart Bleed Shell Shock Poodle


You can’t manage what you can’t measure

Optics & Reporting


Event Management

Log Management

Security Management

Management

“Our evaluation of Global Management put the Check Point Security Gateway on top by a wide margin.” Network World – May 2012

Check Point Management is the “gold standard against which other consoles are measured.” Gartner 2013

Built-In Compliance Engine

Simplicity & Power in One Plate of Glass


SPOG Management & Visibility


360o Visibility of Network Security

Time shows topline security events

Map shows origin of attacks and threats

Rate and frequency of potential attacks

Important security events highlighted


Mobility


Today’s Mobile Solutions have Security Gaps

[Restricted] ONLY for designated groups and individuals

How do you protect devices from T H R E A T S ?How do you protect D A T A wherever it goes?

• MDM = Management

• NOT Security

Mobile Security

Same policies as On Net

APT protection

Document Security

Mgt & Reporting


The Internet

So many points of

entry!


The Issues are Real

The Solutions are Many

Assess – Plan – Execute

For the entire Enterprise

• Hold the industry accountable • Network / Idea share with

others • Don’t overthink it – get after

it!

Final Thoughts


Everyone has a plan ‘till they get punched in the mouth Mike Tyson

©2015 Check Point Software Technologies Ltd. 31©2015 Check Point Software Technologies Ltd.

Thank You !

Hank Johnson | Area Manager


Build a Plan ; Execute the Plan

Any Security Function

Firewall IPS

VPN App

ControlMobile

Access

DLPID

Awareness GRC

Threat Emulation

Any

Platform

Appliances Open serversCOTS Servers Virtual Cloud

IAS and

COTS servers

2012 Appliances

Anti-Virus

URL Filtering

App

Control

NGFW

Anti-VirusURL

Filtering

Anti-Bot Anti-Spam

NGTP SWG NGDP More

Mobile Data Protection

Integration with OPSEC Central Management and Reporting

©2015 check point software technologies ltd. 1 *texas, oklahoma, arkansas hank johnson | area...

Documents

system software current

field slide

architecture slide

data visibility slide

security trends

mode security

security spending

future state slide