The name of the base system (platform): | Check Point Infinity |
Developers: | Check Point Software Technologies |
Date of the premiere of the system: | 2015/07/17 |
Last Release Date: | 2021/03/15 |
Technology: | IaaS - Infrastructure as a service, Network Health Monitoring - Network monitoring or health-performance management of IT Infrastructure, SaaS - Software as a service, Virtualization, IS - Antivirus, IS - Antispam, IS - Firewalls, IS - Prevention of information leakage, IS - Encryption tools, Performance management systems of network applications, Data centers - technologies for data centers |
CloudGuard is a line of solutions designed to provide comprehensive protection of enterprise cloud SaaS applications, cloud infrastructure and data from Fifth Generation cyber attacks.
CloudGuard
CloudGuard is part of the Check Point Infinity infrastructure, which is based on technologies that provide advanced Gen V protection for the cloud.
Structure
CloudGuard SaaS is a suite of security technologies designed for optimized protection and threat prevention for SaaS applications. Using ID-Guard technology, CloudGuard SaaS also prevents theft of user accounts and hacking of SaaS applications.
Key Features:
- Zero-Day Threat Protection - Helps protect SaaS app content from APT attacks and unknown zero-day malware using real-time sandbox technologies, protection against ransomware and bots, and a continually updated cloud threat database.
- ID-Guard identity protection technology (as of February 2018, patent pending): the solution detects and blocks attackers who are trying to gain access to SaaS accounts, and also blocks unauthorized users and unsafe devices.
- Data protection - The solution automatically encrypts sensitive data, blocks unauthorized sharing of sensitive files, and quarantines them.
CloudGuard IaaS (formerly vSEC) offers Fifth Generation threat prevention and advanced protection against attacks on public and private cloud platforms.
CloudGuard Logic provides security for cloud environments. It detects cloud anomalies, blocks threats and intrusions, and provides contextual visualization.
History of development
2019: More Security for Serverless Computing
On December 10, 2019, it became known that Check Point Software Technologies Ltd. expanded the capabilities of its cloud-based CloudGuard security platform to support Kubernetes computing services, including Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS). CloudGuard now provides additional security features for Amazon Web Services (AWS) serverless computing solutions, including AWS Lambda and related services such as AWS Fargate, Amazon API Gateway, Amazon DynamoDB and Amazon Kinesis.
Check Point considers it important to protect all corporate workloads in any cloud, and to that end acquired Protego, a company that secures serverless cloud deployments.
According to a 2019 survey, 87% of respondents use container technology. In 2017, this figure was 55%.
Serverless cloud services are the fastest growing: the number of their applications has grown by 50% compared to 2018. But this can cause problems: it is difficult to provide visibility and meet security requirements in cloud deployments. The risk of misconfiguration increases, putting organizations at risk of data breaches and cyber attacks.
According to the developers, customers using CloudGuard can be sure that their Kubernetes configurations meet established container security baselines, such as the CIS Kubernetes or NIST 800-190 benchmarks. This functionality complements CloudGuard's existing ability to protect traffic between Kubernetes and local or cloud resources with IPsec VPN.
The added CloudGuard Serverless Code Scanning feature detects, warns about, and eliminates security and compliance risks in a serverless environment.
"Regardless of which cloud service the organization has chosen, it is important that its specialists have a clear idea of its work and control over them. The cloud service must meet the requirements of Cloud Workload Protection (CWPP) and Cloud Security Posture Management (CSPM). The enhanced CloudGuard solution, like Protego, provides powerful CSPM and CWPP capabilities across all enterprise cloud environments. They constantly review and immediately detect and resolve any incorrect configurations or security issues. Their work ensures that organizations can fully exploit the flexibility of the cloud without compromising their security," says Zohar Alon, Head of Cloud Products at Check Point Software Technologies.
2018: Announcement of the CloudGuard line
Check Point Software Technologies in February 2018 introduced a line of CloudGuard solutions to protect organizations from Fifth Generation cyber attacks on cloud applications and infrastructure, as well as CloudGuard SaaS to protect enterprises from attacks on SaaS applications (Software-as-a-service).
In addition, according to the company, CloudGuard IaaS (formerly vSEC) is now also part of the CloudGuard line. The solution prevents Fifth Generation threats and offers advanced protection against attacks on the infrastructure and workloads of public and private cloud platforms, including Amazon Web Services, Google Cloud Platform, Microsoft Azure, Cisco ACI, OpenStack, VMware NSX, VMware Cloud on AWS, VMware ESXi, Alibaba Cloud, KVM, Hyper-V, etc.
Fifth-generation cyber attacks (Gen V) are defined as large-scale and dynamic attacks on mobile, cloud and local networks. Such advanced attacks easily overcome the traditional static protection solutions that are used in most organizations. Because cloud asset owners are both cloud service providers and end users, it's not easy to determine who is responsible for their security. This situation poses additional difficulties. CloudGuard is a complete line of cloud security solutions. Their common task is to advance threat prevention and protect enterprise cloud applications, infrastructure and data from Fifth Generation cyber attacks, Check Point said.
CloudGuard Log.ic
History of development
2019: Announcement of CloudGuard Log.ic
On June 17, 2019, Check Point Software Technologies announced the release of CloudGuard Logic, a solution that provides security for cloud environments. With this product, customers can see every data flow and audit trail in today's elastic cloud environments, and analyze data and activity in the cloud to speed up investigations of cyber incidents.
According to the developer, CloudGuard Logic effectively detects cloud anomalies, blocks threats and intrusions, and provides contextual visualization that allows thorough investigations of security incidents in public cloud infrastructures such as AWS. Logic joins the Check Point CloudGuard family of cloud security products.
A study of cloud computing security conducted by CyberSecurity Insiders for Check Point showed that the biggest problems faced by IT organizations in this area are non-compliance with safe work rules (34%) and lack of infrastructure security control (33%). Although most organizations say that their cloud storage was not hacked (54%), another 25% did not know whether it was hacked or not. 15% of organizations confirmed that they had faced at least one cloud security incident.
At the core of CloudGuard Log.ic is an engine that collects data from various sources, including VPC Flow Logs and AWS CloudTrail, and builds contextual security awareness in public cloud environments. Information security and DevOps teams can use the ready-made solution to speed up incident response and threat detection, view security policies, and apply them to multiple accounts. CloudGuard Logic can also integrate with third-party SIEM solutions such as ArcSight, the developer emphasized.
"One of the key differences in cloud environments is the short-lived elements. Since applications collect information that was previously considered static, such as IP addresses, no longer rely on their data. There is a need for new security solutions that initially understand new concepts and enrich information from thread logs, load balancers, and other cloud components. As a result, the IT department gets a more detailed understanding of events during work, which allows a more accurate understanding of the environment, as well as stricter compliance with security rules," noted Fernando Montenegro of research firm 451 Research.
Key features of CloudGuard Logic noted by the developer:
- Advanced threat prevention by integrating with Check Point ThreatCloud to detect malicious IP addresses.
- Easily create custom alerts that trigger on suspicious network and user activity, compliance violations, and incorrect security configurations.
- The attribution assigned to users, groups, and roles is analyzed to track even merged events because configuration changes are tracked and correlated to an individual or role.
- Reports on important events, statistics, and traffic can be defined and scheduled for delivery by e-mail and to various ITSM tools such as ServiceNow, PagerDuty, Jira, and others.
- CloudBots auto-fix features can be used to automatically respond to specific malicious activity alerts and automate follow-up actions, such as quarantine or tagging.
"CloudGuard Logic provides enterprise customers with visibility into all cloud activities. In addition, the solution allows you to identify malicious intentions, detect intrusions and prevent Fifth Generation Gen V mega-attacks. With the addition of CloudGuard Logic, Check Point continues to equip customers with security tools to detect and prevent advanced threats in the cloud," noted Itai Greenberg, vice president of product management and marketing at Check Point Software Technologies.
CloudGuard SaaS
History of development
2018: Availability of CloudGuard SaaS
On December 10, 2018, Check Point Software Technologies announced the public availability of CloudGuard SaaS, a cloud-based solution designed to prevent advanced security threats aimed at SaaS applications.
One of the latest additions to the Check Point cloud product portfolio - CloudGuard SaaS - protects businesses using SaaS applications and cloud mail services (including Office 365, GSuite, and OneDrive), and prevents targeted attacks aimed at stealing sensitive data. Targeted against today's SaaS threats, this solution provides 360-degree protection against malware and zero-day threats, phishing attacks, and employee account theft. In addition, it helps detect unauthorized use of SaaS applications and prevent data leakage, while providing instant visibility into the threat, the developer claims.
"In today's Fifth Generation cyberattack landscape, it is critical to implement technology that can withstand more threats in cloud-based business applications. Typically, companies use CASB solutions (Cloud Access Security Broker) that provide access control and data loss protection. CloudGuard SaaS goes beyond CASB capabilities to help prevent the most common attacks on SaaS applications."
Protection against malware and zero-day threats: according to the developer, CloudGuard SaaS is an effective solution to prevent the spread of malware and zero-day attacks on SaaS applications using advanced Check Point SandBlast technologies. SandBlast detects 100% of detection evasion attempts according to NSS Labs tests. Using these capabilities, CloudGuard SaaS protects email attachments and downloads in file-sharing and collaboration tools. CloudGuard SaaS blocks zero-day threats before they reach users and delivers secure content in seconds using Threat Emulation and Threat Extraction technologies.
Account Theft Prevention Technology: CloudGuard SaaS blocks the theft of SaaS accounts, preventing unauthorized users from logging in, even if the device is already hacked. Using ID-Guard technology, CloudGuard SaaS detects attackers who are trying to access SaaS accounts, Check Point emphasized.
Phishing protection: According to the developer, CloudGuard SaaS uses artificial intelligence mechanisms to prevent more phishing attacks than standard email services. It can stop complex phishing attacks, targeted attacks, and email spoofing that can bypass other solutions. Malicious email content is also blocked with high precision.
CloudGuard IaaS
CloudGuard IaaS (until February 2018 - vSEC) - a line of products designed for network protection of cloud and virtual infrastructures.
History of development
2021: Availability on Yandex.Cloud
On March 15, 2021, Check Point Software Technologies Ltd., a provider of cybersecurity solutions worldwide, announced the start of a technology partnership with the Yandex.Cloud cloud platform. Companies will be able to establish a secure VPN connection between offices, data centers or infrastructure in the cloud, provide remote access, and protect web servers and other components of their infrastructure using NGFW from Yandex.Cloud.
The pandemic has forced many companies to move to cloud storage. According to the Check Point Cyber Security Report 2021, in 2020, because of the pandemic, companies did in one year what they had planned to do over 5 years. At the same time, the security of environments located in public clouds is still a serious problem for 75% of companies.
For Russian companies that work with user personal data, there are restrictions on their storage abroad - this means that using foreign clouds can be difficult and you need to look for a Russian solution with reliable protection. Yandex.Cloud is a Russian cloud provider in which Check Point technologies are available.
The Yandex.Cloud marketplace includes the following Check Point products: the security management platform CloudGuard IaaS Security Management and security gateways CloudGuard IaaS.
CloudGuard IaaS Security Management enables enterprises to deploy security in their organizations, as well as in public, private, and hybrid clouds.
The solution is available in two ways. First, under the BYOL (Bring Your Own License) model, you can start a virtual server on the Yandex platform and bring a previously acquired Check Point license for the NGFW solution in use. Second, under the PAYG (Pay-as-you-go) model, the license fee is included in a single bill from Yandex.Cloud. If you select the PAYG rate, billing is hourly. A single invoice from the cloud provider covers both the cost of Yandex.Cloud processing power and the license fees for Check Point solutions.
Check Point CloudGuard IaaS protects information by preventing the spread of threats and providing security management across physical and virtual networks. The solution contains such protections as firewall, antivirus, anti-bot, IDS (Intrusion Detection System), sandboxes, application monitoring systems, and a number of other components.
"The need for real cloud solutions is great. Migration of information systems to clouds is a trend that was repeatedly strengthened by the conditions of the pandemic in 2020. However, Russian businesses, due to a number of restrictions on the use of the offer of "foreign clouds," practically did not have the opportunity to provide themselves with everything necessary, and the supply of services from cloud providers was limited," says Vasily Diaghilev, head of Check Point Software Technologies in Russia and the CIS. "This partnership allows, for the first time in Russia, all users of Yandex cloud infrastructure to get world-class security along with the offer that exists in other countries."
2018: Joining the CloudGuard line
In February 2018, the vSEC product was included in the CloudGuard product line, changing its name to CloudGuard IaaS.
2017
Check Point vSEC for Azure
On October 9, 2017, Check Point Software Technologies Ltd. introduced a version of vSEC cloud security technology for Microsoft Azure.
vSEC now supports Azure Stack and provides stable protection for Azure's public and hybrid cloud environment.
Check Point vSEC offers multi-layer protection of data and assets in the cloud from malware and other advanced threats. vSEC takes into account the dynamism and flexibility of Azure environments and automatically adapts security policies to changes in the cloud environment based on context data about Azure-defined virtual machine objects, groups, labels, and other objects.
As a result, a comprehensive protection system is created that meets the specific needs of the environment. vSEC automatically tracks workloads and data when they are migrated from the Azure public cloud to the Azure Stack environment, complementing native Microsoft management tools. The solution allows you to use a consistent security policy, manage enforcement, log operations, and report through a single management console.
Main properties
- Improved threat prevention protects cloud assets from external and internal threats. vSEC complements the functionality of Azure's own management tools and protects traffic with comprehensive multi-layer security.
- Security management from a single console for public and private clouds and LANs, with consistent policy management and transparency across the cloud.
- Security policies, logs, and reports can use Microsoft Azure cloud objects, which improves monitoring transparency.
- Protection of any cloud and any service.
Check Point vSEC for Google Cloud Platform
Check Point vSEC for Google Cloud Platform is a protection solution integrated with the Google Cloud Platform.
On March 23, 2017, Check Point Software Technologies Ltd. introduced Check Point vSEC for Google Cloud Platform, which provides protection on the Google Cloud Platform.
"Since today we use various Google services, it is natural for us to build our new cloud environment around Google Cloud Platform. Implementing powerful security systems is a key part of this strategy. Check Point vSEC allows us to safely take advantage of all the capabilities of the cloud, increase the use of our local data center, and at the same time be sure that critical assets are protected from external and internal threats. Google Cloud Platform also increases the speed, adaptability, and cost-effectiveness of your infrastructure."
Check Point vSEC for Google Cloud Platform extends tiered protection of working resources in the cloud, protecting them from external attacks, provides security for connecting local networks to Google Cloud Platform, and prevents horizontal movement of threats between servers located in the cloud.
vSEC is automatically scaled as needed.
Main properties
- Threat prevention protects cloud assets from external and internal threats. vSEC complements existing Google Cloud Platform management tools by protecting traffic with comprehensive multi-layer security.
- Automated, adaptive protection that matches DevOps speed, scales dynamically, and grows to meet your organization's needs. vSEC is implemented and configured with the configuration option.
- Manage security from a single panel for public and private cloud, local area networks, and ensure consistent policy management. The solution allows you to use objects defined by Google Cloud Platform in security policies, event logs, and generated reports of the proposed security system.
"We are very pleased to offer cloud-based vSEC protection for Google Cloud Platform. Cloud-based vSEC protection is a threat prevention tool that scales after business growth. Security automatically adjusts to dynamic changes in the cloud, allowing DevOps teams and security professionals to put protection on the autopilot and use security management tools evenly across the cloud."
"Check Point vSEC for Google Cloud Platform brings to the cloud the same layered protection that customers have in their data centers. We are very pleased that Check Point supports us in meeting our commitment to build secure, scalable, and efficient applications."
vSEC for Google Cloud Platform is available in two options - PAYG (Pay-as-you-Grow, "pay as you grow") or BYOL (Bring-your-own-License, "transfer applications to the cloud while retaining a previously acquired license").
2015: Check Point vSEC for VMware NSX
Check Point vSEC is a multi-layer traffic protection system for data centers that strengthens VMware NSX.
vSEC (virtual Security) provides hypervisor-level security between virtual machines, automatically isolating infected computers for further recovery. Network traffic trends and security threats are monitored.
On July 17, 2015, Check Point Software Technologies announced the creation of the Check Point vSEC product and its integration with the VMware NSX network virtualization platform. The joint solution for software-defined data centers provides comprehensive protection of the private cloud environment, which allows you to control the security of all data center traffic.
Figure: Interaction of Check Point vSEC within a VMware data center, 2015
With VMware NSX, security is presented as part of the data center network infrastructure and microsegmentation becomes functional and cost-effective. VMware NSX transparently builds and manages Check Point vSEC for high-quality traffic analysis.
The combined solution protects against malware, targeted attacks, and zero-day vulnerabilities for outbound and inbound data center traffic, as well as traffic between applications.
Integration Properties:
- Fully automated, advanced traffic protection within data centers
- Dynamically deploy and scale Check Point vSEC to the environment of software-defined data centers
- A full overview of threats to all data center traffic
According to VMware, VMware NSX, together with Check Point vSEC, enables customers to simplify and accelerate the deployment of Check Point security services in software-defined data centers and ensure their coordinated management.