CloudGuard for Private Cloud Security
Datacenter virtualization increases the risk of lateral spread of threats. Check Point CloudGuard delivers dynamic private cloud security within virtual datacenters to prevent the lateral spread of threats while consolidating visibility and management across physical and virtual networks.
Security and Posture Management
Threat prevention and high fidelity posture management
Multi-cloud security from DevOps to production
Unified Security for
Visibility, intelligence, and threat prevention under one platform
Securing Hybrid Clouds and SDDC
Challenges organizations face when moving assets
and data to the cloud
Security best-practices for protecting cloud-based networks
How Check Point seamlessly extends advanced and agile
security to protect cloud environments
Check Point CloudGuard IaaS private cloud security provides the same industry-leading threat protections safeguarding customer physical networks in a package optimized for the dynamic and automated nature of private cloud datacenters. Easily prevent the lateral spread of threats in software-defined datacenters (SDDCs) with multi-layered protections including:
- Firewall, IPS, Antivirus and Anti-Bot protect services from unauthorized access and attacks.
- Application Control prevents application layer denial of service attacks and protects your cloud services.
- IPsec VPN and Mobile Access provide secure connectivity into cloud resources.
- Data Loss Prevention protects sensitive data from theft or unintentional loss.
- SandBlast Zero-Day Protection provides the most comprehensive protection against malware and zero-day attacks.
Check Point CloudGuard IaaS leverages the automation framework of private cloud solutions for the dynamic insertion, distribution and orchestration of advanced security within private cloud datacenters. This enhances native micro-segmentation capabilities to deliver advanced private cloud security services wherever needed. In the event of a breach of a single node or segment of the network, the threat is easily contained and isolated.
Security management is simplified with centralized configuration and monitoring of all physical and virtual security instances. In private cloud datacenters, there is often a need to integrate different systems that manage the security workflow. Also, repetitive manual tasks must now be automated to streamline security operations. Check Point CloudGuard IaaS security management API allows for granular privilege controls, so that edit privileges can be scoped down to a specific rule or object within the policy, restricting what an automated task or integration can access and change. This ability to perform trusted connections provides private cloud security teams with the confidence to automate the entire security workflow and ensures the right level of protection is applied across each network segment.
Context sharing between Check Point CloudGuard IaaS and leading SDN controllers solutions ensures that security groups, end-point groups, VM identities and more are easily imported and reused within Check Point security policies. This reduces security policy creation time from minutes to seconds. What more, context-awareness is maintained so that any changes or new additions to the virtual infrastructure are automatically absorbed by Check Point CloudGuard. This makes it possible for private cloud security protections to be enforced on virtual applications regardless of where they are created or located.
Virtual workload traffic is logged and can be easily viewed within the same dashboard as physical network logs. Security reports specific to virtual workload traffic as well as complete threat analysis can be generated to track private cloud security compliance across the entire distributed enterprise network – from physical and virtual environments to hybrid clouds.
Check Point CloudGuard for VMware NSX security delivers multi-layered defenses to protect east-west traffic within VMware-deployed data centers. It transparently enforces security at the hypervisor level and between virtual machines, automatically quarantines infected machines for remediation, and provides comprehensive visibility into virtual network traffic trends and threats.