NOT EVERY CLOUD HAS A SILVER LINING
INTRODUCING CHECK POINT CLOUDGUARD™
Despite the rapid adoption of cloud, protecting assets and data remains a top concern. Moving applications and workloads to the cloud creates unique security challenges which expose organizations to a host of new threats. Check Point CloudGuard, a comprehensive cloud security portfolio, is designed to prevent the latest fifth generation (Gen V), multi-vector cyberattacks targeting enterprise cloud services. Part of the Infinity Architecture, the portfolio includes CloudGuard IaaS that provides advanced threat prevention for enterprise network in public and private clouds, CloudGuard Dome9 that offers native security and compliance orchestration across the public cloud, and CloudGuard SaaS that prevents targeted attacks on SaaS applications and cloud-based email.
Whether your organization centers around cloud-enabling applications and platforms, public and hybrid infrastructure or a multi-cloud approach, CloudGuard ensures all your assets are fully protected while supporting the elastic, dynamic and cost-effective nature of the cloud. CloudGuard – Any Cloud, Any Application, Unmatched Security.
Unmatched Threat Prevention Security
Leveraging the Check Point Infinity Architecture, CloudGuard delivers shared intelligence and advanced threat prevention security to protect against the latest sophisticated cyberattacks.
Comprehensive Cloud Security Portfolio
CloudGuard supports the broadest range of cloud infrastructures and applications providing the freedom to adopt a cloud strategy aligned to exact needs without sacrificing security
Security as Dynamic as Your Cloud
CloudGuard supports context sharing for dynamic policy updates as well as auto-provisioning, auto-scaling & one-click deployments to keep security aligned to the dynamic nature of cloud-based services.
Check Point CloudGuard IaaS protects assets in the cloud from the most sophisticated Gen V cyberthreats with dynamic scalability, intelligent provisioning and consistent control across physical and virtual networks, ensuring you can embrace the cloud with confidence.
Whether your cloud strategy centers on public or hybrid cloud environments, multi-cloud routing, or cloud DMZ, Check Point helps secure all your cloud assets while fully supporting the elastic and dynamic nature of the cloud. What’s more, only Check Point gives you a single pane-of-glass experience when managing physical, virtual and cloud-based security, complete with consolidated logs and reporting across all network environments.
Public Cloud Network Security
Adopting public cloud infrastructure means security is now shared between you and your cloud provider. CloudGuard delivers automated and elastic public cloud network security to keep assets and data protected while staying aligned to the dynamic needs of public cloud environments. Learn more here >>
Private Cloud Security
Datacenter virtualization increases the risk of lateral spread of threats. Check Point CloudGuard delivers dynamic private cloud security within virtual datacenters to prevent the lateral spread of threats while consolidating visibility and management across physical and virtual networks. Learn more here >>
CloudGuard Dome9 is a comprehensive software platform for security and compliance automation in the public cloud, offering visibility, continuous compliance, active protection and threat detection. CloudGuard Dome9 is an API based SaaS platform that integrates natively with and delivers security capabilities across Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). It provides guardrails to minimize your attack surface and ensures you meet compliance and governance standards in the public cloud.
Using Dome9, organizations can visualize and assess their security posture, detect misconfigurations, model and actively enforce security best practices, and protect against identity theft and data loss in the cloud. Dome9 delivers security capabilities across Amazon Web Services, Microsoft Azure, and Google Cloud Platform (GCP).
Cloud Agnostic Policy Automation
Dome9 simplifies public cloud security. The Dome9 service integrates with AWS, Azure and GCP natively through their API and provides cloud-agnostic policy orchestration on top of the native controls. This allows customers to visualize and enforce their security posture consistently across these public cloud services. In effect, Dome9 is a force multiplier to the public cloud. Learn more here >>
Check Point CloudGuard SaaS provides leading identity protection for all SaaS applications, including Microsoft Office365, G Suite, OneDrive, Dropbox, and Box. Check Point has developed a unique Identity Protection engine, which integrates with any Identity Provider and SaaS Provider that supports the SAML 2.0 protocol. CloudGuard SaaS utilizes intelligence engines within CloudGuard SaaS, as well as leverages Check Point’s rich threat intelligence, ThreatCloud™, to make smart decisions about user logins to SaaS applications. Thus, “bad” scenarios, such as suspicious location login attempts, impossible travel login attempts, anomalies in user actions, bad reputation source IP addresses, or prohibited geographic locations, are identified and the user (or hacker) activity is reported and/or blocked from accessing the SaaS account. CloudGuard SaaS Identity Protection offers 3 deployment modes:
One-time passcode via SMS (Agentless Mode)
One-time passcode via in-app Push Notification (Hybrid Mode)
Interrogation of device via the Agent to assess device security posture and other contextual meta-data (Agent Mode)