The desire to transition from a hardware-centric to an application-centric network construct is driving more and more organisations to embrace the cloud as part of their IT strategy.
Today, businesses are rapidly adopting cloud-based solutions to not only virtualise their data centres, but also to extend applications and data to public cloud environments.
There are still many companies, however, who aren’t fully embracing the cloud due to the security concerns associated with moving data beyond traditional IT controls.
Businesses want the ability to control their own data and keep it private, protect themselves from cyber threats and securely connect their cloud with their traditional ‘on-premises’ network, all while maintaining compliance with regulatory mandates.
Check Point’s flagship CloudGuard IaaS Cloud Security solution is designed to keep your data in public, private and hybrid cloud networks safe from even the most sophisticated attack.
- Agentless, automated information gathering from AWS, Azure and Google Cloud environments Auto-classification of protected assets based on the level of exposure to the outside world,
- A real-time topology map of security groups and the interrelationships between security policies,
- Visualisation of traffic flow and dropped traffic between cloud assets, security groups, instances, etc., and
- Visualisation of architecture templates (such as AWS CloudFormation Templates or CFTs) to inspect and collaborate prior to deployment.
- Enhance and Streamline Auditing:
Get immediate transparency and control over network security configuration and network flows in your IaaS environment. With CloudGuard Dome9 Clarity, an expected audit effort of several hours can be reduced to minutes.
- Uncover Security and Operational Issues With Flow Analysis:
Analyse AWS VPC Flow Logs within the context of network security group configurations to uncover potential attacks and visually diagnose operational issues caused by misconfigured policies.
- Gain Control Over Network Security Posture:
Get a clear understanding of the interplay between security policies for multi-tier applications and the effective security posture in a cloud environment. CloudGuard Dome9 Clarity allows enterprises to configure and maintain a network segmentation architecture through virtual networks, security groups and accounts to meet business needs.
Cloud Security for Virtualised Data Centres, SDN, IaaS and SaaS Applications
Information security professionals continue to cite a lack of visibility into infrastructure security as the biggest cloud management challenge. It is nearly impossible to detect and fix misconfigurations without a clear understanding of effective network security posture and the ability to inspect relationships between security groups. To control and secure your cloud environment, you need to see it clearly.
CloudGuard Dome9 Clarity is a powerful visualisation capability in the CloudGuard Dome9 platform for Cloud Security Posture Management (CSPM). Clarity provides intelligent visibility and situational awareness of the network security of a public cloud environment.
Check Point CloudGuard IaaS is designed to support popular hypervisor technologies such as VMware ESX, Microsoft Hyper-V and KVM, delivering comprehensive security to protect dynamic virtualised environments from internal and external threats.
CloudGuard IaaS also delivers advanced, multi-layered security for virtual data centre and Network Function virtualisation (NFV) environments, equipping service providers with comprehensive threat prevention security, zero-day protection, agile delivery, management and automation across core network function, software-defined WAN and vCPE deployments.
Check Point partners with the leading public IaaS providers and SDN solutions to not only help customers fulfil their cloud security responsibilities, but to seamlessly provide the same comprehensive security protections safeguarding premises-based networks to cloud environments.
CloudGuard IaaS enhances the native micro-segmentation and elastic networking of cloud environments to dynamically deliver advanced security and consistent policy enforcement that automatically grows and scales with your cloud environments.
Check Point helps secure all your cloud assets while fully supporting the elastic and dynamic nature of the cloud whether your cloud strategy centres on public or hybrid cloud environments, multi-cloud routing or cloud DMZ.
Additionally, only Check Point gives you a single pane-of-glass experience when managing physical, virtual and cloud-based security, complete with consolidated logs and reporting across all network environments.
CloudGuard SaaS – Industry-First Advanced Security and Threat Prevention
Customers of a North American financial services company received emails from the company’s chief financial officer directing them to use a new bank account for money transfers.
As it turns out, the emails were sent by hackers who stole the CFO’s Office365 account credentials, accessed it and sent the emails in his name. More than $2 million was transferred to foreign accounts before the exploit was discovered!
Organisations that are seeking to optimise business operations and reduce costs are increasingly moving to cloud applications and software-as-a-service (SaaS) products.
SaaS Security Challenges
SaaS applications not only help to increase business agility, but they also challenge traditional security approaches. SaaS apps are:
- Provided as an External Service:
SaaS applications cannot embed existing security controls and provide risk visibility as needed.
- Equipped With Minimal Built-In Security:
Frequently, SaaS applications only have minimal default security that allows unrestricted file sharing and malware delivery.
SaaS applications merely require an internet connection to be accessed from any device, location and user.
Enterprises Are Targeted When Using SaaS
Security breaches on SaaS are increasingly common and get media coverage. To answer this, most security solutions offer data leakage protection and application control. However, 90% of SaaS data breaches occur from targeted attacks, with 50% of the breaches happening through account takeovers of employee SaaS accounts.
A preferred way to steal company data, money and interfere with business processes involves hacking into SaaS applications. A cyber security must-have is securing data effectively in SaaS applications.
CloudGuard SaaS – Eliminates Real SaaS Threats
CloudGuard SaaS is a cloud service that prevents attacks on enterprises using SaaS applications:
- Eliminates the top SaaS threat by blocking account hijacks,
- Provides instant visibility into unauthorised SaaS activity,
- Protects shared files and sensitive business data,
- Prevents malware and zero-day threats from attacking SaaS users, and
- Stops sophisticated phishing attacks on Office365 and Gmail accounts.
- Catches more phishing attacks, leveraging artificial intelligence,
- API architecture enables seamless integration with SaaS applications and instant threats visibility,
- ‘Most Effective Breach Prevention’ for malware and zero-days (NSS Labs), and
- Blocks account takeovers wherever they happen, with unpassable Identity Protection.
- Data Leakage Prevention,
- SaaS Shadow IT Discovery,
- Intuitive Cloud Management,
- Deployed within minutes,
- Delivered as a cloud service,
- Zero-Day Threat Protection,
- Phishing Protection, and
- Identity Protection.
CloudGuard IaaS Private and Public Cloud Security
The CloudGuard cloud security family provides consistent and comprehensive cloud security for virtualised data centres to SDN, IaaS and SaaS applications, including the emerging threat of account takeover. The CloudGuard portfolio includes CloudGuard SaaS and CloudGuard IaaS, and seamlessly integrates with the largest number of cloud platforms and cloud-based applications, giving customers the freedom to choose the cloud solution that best aligns with their goals without sacrificing security.
Even the most sophisticated malware and zero-day doesn’t stand a chance against CloudGuard SaaS. With Check Point CloudGuard, SaaS security is just one click away.
Public Cloud Security
When your resources and data are moved to public clouds, you and your cloud provider share security responsibilities. Our solution enables you to not only control your own data and keep it private, but also to protect cloud assets, all while maintaining compliance with regulatory mandates.
Check Point CloudGuard Dome9 Public Cloud Security
CloudGuard Dome9 allows enterprises to easily manage the network security and compliance of their public cloud environments at any scale across Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GPC).
Gain full visibility and control of your security posture, minimise your attack surface and protect yourself against vulnerabilities, identity theft and data loss in the cloud with CloudGuard Dome9.
Check Point CloudGuard IaaS Private Cloud Security
Network virtualisation has created a shift in traffic behavior with more traffic going East-West in the data center, allowing threats to travel unimpeded once inside the data centre and spread laterally.
Check Point CloudGuard delivers dynamic security within virtual data centres to prevent the lateral spread of threats while consolidating visibility and management across physical and virtual networks.
How Does It Work?
Check Point CloudGuard SaaS is offered as a cloud service that protects enterprise SaaS applications, within minutes of deployment. It integrates with various SaaS providers using APIs and it is installed in the cloud.
CloudGuard SaaS is notified through API as soon as a user shares an email / file through the SaaS application. The data is then scanned for threats and malicious content by a security engine so that it can determine whether it should be quarantined, cleaned, removed, etc.
CloudGuard SaaS uses a full-blown Check Point security stack to scan the data for threats. This includes:
- The award-winning SandBlast technology for zero-day threats protection and malware prevention,
- A data leak prevention engine, and
- The ability to reveal shadow IT scenarios.
Designed to protect from real SaaS threats, CloudGuard SaaS also provides Identity Protection, with ID-GuardTM, a patent-pending technology that prevents SaaS account takeovers.
A web based management console, as well as Check Point’s renowned SmartConsole, allows activity to be logged and monitored. Powered by Check Point Infinity architecture, CloudGuard SaaS provides consolidated activity logging and policy management for cloud and on premise, as well as rich threat intelligence for a comprehensive security coverage all across the board.
Prevent Employee Account Takeover With ID-Guard Technology
An account takeover is a form of identity theft in which the legitimate credentials of an employee are stolen and used illegitimately by a cyber criminal.
By impersonating the user, the criminal is then able to carry out activities and transactions in the victim’s name.
Unauthorised users and compromised devices are prevented from accessing your SaaS apps through CloudGuard’s ID-GuardTM patent pending technology.
It intercepts them using machine learning algorithms that analyse user behaviour and feed off of sources such as mobile and PC on-device detection of OS exploits, malware and network attacks, SaaS native APIs and Check Point’s Threat Cloud.
ID-GuardTM technology ensures legitimate access to SaaS applications and prevents takeover of employee SaaS accounts. CloudGuard SaaS integrates with various identity providers, such as Okta, Microsoft Active Directory, Azure Active Directory, etc., and adds a layer of security to their authentication process.
If a user tries to access a SaaS account, whether through mobile or a PC, CloudGuard SaaS matches their identity using techniques like that include device fingerprinting, login checkups, locations validation for login and emails, and so on.
By incorporating CloudGuard SaaS inputs into an identity provider’s authentication process, suspicious logins (for example that can be seen in two different locations, bad IP reputation) are immediately denied and blocked. CloudGuard SaaS Identity Protection is transparent to users and does not require their involvement.
Need more information about our cloud security solutions? Then contact us today.