What is the Check Point SASE security solution?
Check Point’s SASE solution is Harmony Connect and features the following: Next Generation Firewall, Intrusion Prevention System, Advanced Threat Prevention, Secure Web Gateway, Data Loss Prevention and Zero Trust Network Access. The solution is cloud-based, which allows for quick deployment and the ability to secure both branch and remote Internet and cloud connections. It features a personalized user portal (See, What Reporting and Management is Available Via the Check Point Portal?), single sign-on integrated with identity providers, security for managed and unmanaged devices, zero trust access control, clienteless remote access, and full layer-3 VPN access (early availability).
What ZTNA (Zero Trust Network Access) Solution is Supported by Check Point?
Check Point offer ZTNA-as-a-Service through Harmony Connect Remote Access for fast deployment. The service can secure access to corporate networks and applications, if they are located in public and private clouds, IaaS and data centers. The solution also provides intuitive clienteless access to SSH, RDP, web and SQL-based resources with the capability to cater to the needs of employees, engineers, DevOps, third-party users, diverse personnel and administrators. The service also includes Security Gateways which allow clients to create network segmentation across LAN environments and public and private clouds. This offers visibility into the groups, applications, users, connection types and machines on a client’s network - with the capability to enforce a Least Privileged access policy, meaning that only authorized users can access protected assets. This is also capable of defending against Direct Denial of Service (DDoS) attacks.
Zero Trust Workloads secures workloads such as the public cloud - the solution offers cloud security that integrates with all public and private cloud infrastructures with full visibility. Providers include Azure, Oracle Cloud, AWS, IBM Cloud, Google Cloud Platform, NSX, OpenStack, Alibaba Cloud, Cisco ISE and Cisco ACI. Zero Trust Devices allows clients to block any compromised devices from accessing sensitive data and assets. This includes users workstations and mobile devices, Industrial Control Systems and IoT devices.
Check Point Identity Awareness is designed to ensure only authorized users can access sensitive data, by checking the authenticity of user identities with Single Sign-On, context-aware policies, anomaly detection and Multi-Factor Authentication. For remote users, Harmony Connect Remote offers least privileged access using identity providers and by integrating into directories and with Privileged Access Management (PAM) as-a-Service for DevOps, administrators and engineers.
Zero Trust Data is Check Point’s data protection solution. It secures data that travels between mobile devices, databases, workstations, application servers, and SaaS applications. The solution features data encryption and data loss prevention, whilst classifying and categorizing data.
What CASB (Cloud Access Security Broker) Solution is Supported by Check Point?
Check Point’s CASB solution is included as part of the CloudGuard SaaS solution. This CASB 2.0 features an advanced threat protection policy as well as CASB services. For more about Check Point’s CloudGuard Solution please see, What NDR (Network Detection and Response) solution is supported by Check Point?
What SWG (Secure Web Gateway) Solution is Supported by Check Point?
Check Point’s Secure Web Gateway uses Application Control, URL Filtering, Identity Awareness and Analysis, Integrated Antivirus as well as Reporting with optional Intrusion Prevention System and Anti-bot. This solution provides granular reporting and forensic tools for event analysis as well as granular policies at both user and user group level. The Secure Web Gateway identifies malware using ThreatCloud global security intelligence and blocks access to phishing and malware websites through URL Filtering controls which include a database of over 200 million websites. Unified reporting, control and enforcement help to protect machines, applications, web and users. This solution can be deployed through cloud security gateways, security gateway appliances and CloudGuard Connect, Check Point’s cloud security service.
What FWaaS (Firewall as a Service) Solution is Supported by Check Point?
Check Point offer a range of hardware-deployed Next Generation Firewalls (NGFW) as part of their Quantum Security Gateway solution. They provide zero-day protection using SandBlast Zero Day Protection, and each of their NGFW solutions come with a one-year license for SandBlast, and the updated range of appliances are based on Infinity Architecture. The solution offers R81 unified security management control across clouds, IoT and networks. Each appliance integrates consolidated management and advanced threat prevention to protect against cyber attacks.
- Quantum Edge: A Branch Virtual Security Gateway designed to protect Check Point’s branch SD WAN Cloud Connector from security threats. Designed to create a secure connection between the branch office and the cloud, using Threat Prevention. This is deployed as either a virtual machine on SD WAN or as a universal Customer Premises Equipment (uCPE) device. The solution integrates with SD WAN from VMware, Cisco, Citrix, Aryaka and Versa Networks, featuring: cloud or enterprise management options, privacy and compliance maintenance, lightweight embedded VM with 1 core, 1GB RAM and 1GB disk, integration with an on-premise SD WAN Edge; and integration with VMware SD WAN Edge devices.
- Quantum Maestro: Check Point offer clients Hyperscale cloud security, which allows them to simplify data center workflow orchestration, whilst scaling up existing Check Point security gateways as required. Clients can stack multiple Check Point security gateways together, to create their own virtualised private cloud premise. The Maestro Orchestrator is a Hyperscale Security Solution designed to protect next generation data centers, with the capability to scale up existing Check Point security gateways as needed. The solution has the capability to expand from a single gateway up to a maximum capacity of 52 gateways. Newer models include a 1U form factor designed for hyperscale implementations.
- Large Enterprises: Check Point offer large enterprises their 15000/16000 Series appliance which includes Quantum Security Gateways for easily managed comprehensive security protection.
- Data Center and High End Enterprise: Offers Check Point’s 26000/28000 Series appliance for data center-grade hardware leveraging Quantum Security Gateways.
- Branch Office: Clients looking for branch office solutions can choose between 1600, 1800 and 3000 Series hardware appliances, which include Quantum Security Gateways in small form factor in order to fit branch and small offices.
- Quantum Spark: A Next Generation Firewall (NGFW) for Small to Medium Enterprises (SMEs) offering threat protection as well as security gateways to provide security for up to 500 employees, leveraging WebUI for management and reporting. The solution can be managed from a mobile application or web portal. This is offered using 1500, 1600 and 1800 Series hardware appliances. This solution includes: IPsec VPN, SSL-VPN, intrusion prevention, anti-bot, sandblast threat emulation, NGFW, anti-spam, SandBlast Threat Emulation and application control and web filtering.
- Midsize Enterprises: Leverages Quantum Security Gateways with Gen V in one security gateway, provided by a 6000 Series hardware appliance
- Industrial Appliances: Check Point’s Quantum Rugged is designed to deliver Threat Prevention to protect Industrial Control Systems for industry verticals such as energy, utilities, transportation and manufacturing using 1570R Wired and Wireless Models.
- Quantum Scalable Chassis: Designed for clients who’s networks are growing, leveraging the Quantum Scalable Chassis with chassis-based and multi-bladed systems for scalability. Uses the 44000 and 64000 Series hardware appliances which are suitable for large data center and telco environments.
What MDR (Managed Detection and Response) Solution is Supported by Check Point?
Check Point’s Managed Security Service, ThreatCloud, offers 24/7 monitoring or fully managed service. The service offers monitoring, analysis and advanced tools to ensure the mitigation of threats. The MDR solution includes policy tuning and optimization, real time phone, web and email notifications, Global ThreatCloud intelligence feeds, access to web portal and periodic reports, 24/7 security event monitoring all year round and support for URL Filtering, Threat Emulation blades, Anti-Bot, Application Control, IPS and Antivirus. This solution supports existing IT teams by automating analysis of customer events, and providing 24/7 access to Check Point’s Security Operations Centers to monitor and diminish threats.
What NDR (Network Detection and Response) Solution is Supported by Check Point?
Check Point offer CloudGuard as their NDR solution. CloudGuard is a unified, cloud native solution that offers Cloud Security Posture Management, Cloud Workload Protection, Cloud Application Security, Cloud Intelligence & Threat Hunting as well as Cloud Network Security & Threat Prevention. From a single platform solution organizations are able to secure their multi-cloud environments and prevent threats by gaining visibility into cloud traffic as well as leveraging a centralized platform for assets, security alerts and auto-remediation. Security and posture management helps to prevent threats and Automated DevSecOp helps to resolve vulnerabilities whilst also reducing false positives enabling IT security teams to focus on the threats that matter. CloudGuard provides cloud security across multiple platforms such as: Alibaba Cloud, AWS, Azure, Google Cloud, IBM Cloud, Kubernetes, Oracle Cloud and VMware etc.
What XDR (Extended Detection and Response) Solution is Supported by Check Point?
Check Point offer XDR solutions, the details of which are available on application. Typically, XDR solutions collect and automatically correlate data across cloud workloads, the network, emails, endpoints and servers. XDR aims to improve the speed of detection of threats, and more efficiently investigate security risks.