1 / 16

Check Point Connectra NGX R60

Check Point Connectra NGX R60. Patrick Hanel. Agenda. SSL VPN - Anywhere access - Everywhere issue - The future of SSL VPN

jzhou
Download Presentation

Check Point Connectra NGX R60

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Check Point ConnectraNGX R60 Patrick Hanel

  2. Agenda • SSL VPN- Anywhere access- Everywhere issue- The future of SSL VPN • Check Point Connectra: Secure Web-based connectivity- Integrated endpoint security and application security- Universal updateability- Easy deployment and management- Flexible platform options- Uniqueness in SSL VPN

  3. SSL VPN: Anywhere Access Add more remote users beyond current 20 percent • Less technical employees • Partners Reduce remote access support costs • Browser based; no client maintenance • Less end user complexity Additional access options • Access from home PC, corporate PC, Internet kiosk • Day Extenders • Email • Basic applications • Home computer • Teleworkers • Email • Applications • Company computer • Mobile workers • Email • Basic applications • Company computer or public computer • Intranet • Email • Applications • Files • Extranet • Portal • Applications • Files • Extranet access • Partner computers

  4. SSL VPN: Everywhere Access • With IPSec you knew who was coming in • With SSL VPN you don’t (usually) Firewall, antivirus + Access Agreement Company- owned PC Partner PC Company- owned PC Employee home PC Partner PC Public Internet kiosk Completely unmanaged/unsecured

  5. SSL VPN: The Everywhere Issue “Spyware is no longer just an annoying pest swarming home PCs; rather, it has evolved into a serious enterprise security threat.” – IDC Worldwide Spyware 2004-2008 Forecast and Analysis (Nov. 2004) • Internal applications • Generally nonhardened SSL VPN Gateway • External endpoints • Range from secure to completely unsecured

  6. The Future of SSL VPN: Unification SSL VPNs will follow IPSec evolution: Connectivity + Security Key SSL VPN Needs ANYWHERE ACCESS • Browser-based access • Provide access to client/server applications Anywhere Access Network Access EVERYWHERE SECURITY Enforce Policy and Secure Data • Manage the everywhere security problem • Harden applications from security threats Secure Applications UNIFIED MANAGEMENT Easy to Deploy • Minimize deployment and support time

  7. Anywhere Access Network Access Enforce Policy and Secure Data Secure Applications Easy to Deploy Check Point ConnectraWeb Connectivity with Unmatched Security Web Server Authentication Server (Optional) Email Server File Share Server Non-Web Application Server Check Point Connectra Unified Web Security Gateway • Secure Web-Based Connectivity • Integrated Endpoint Security • Integrated Application Security • Easy Deployment and Management • Flexible Deployment Options

  8. Secure Web Based Connectivity Connectra Web Portal Access client/server applications through browser plug-in Web-based access to email Access Web sites and applications Access file share servers

  9. Integrated Endpoint Security • Key benefits • Minimizes risk from unsecured endpoints • Stops ID, password, and data theft Check Point Connectra • Guest PC, unmanaged • Limit access rights • Scans for spyware and malware • Enforces endpoint security compliance (antivirus/firewall) • Provides secure browser for data encryption and cache cleaning • Real-time endpoint security updates • Public PC using secure browser • Grant higher access rights • Spyware and malware • Antivirus and firewall compliance • Secure browser • Spyware detected • Deny access

  10. Integrated Application Security • Application Intelligence and Web IntelligenceApplication-layer protection • DNS, FTP, HTTP, Microsoft CIFS, etc. • Block malicious data • Buffer overflows, DOS attacks, SQL injection, worms, etc. • Real-time security updates • Key benefits • Ensures internal applications and resources are secure • Increases security protection for when endpoints are less secure Normal user Hacker/ infected PC Check Point Connectra Normal user

  11. Universal Updateability • Perimeter, Internal, Web Strategy: Universal Updateability • Update to All Security Components • Application Intelligence and Web Intelligence • Endpoint Security • Universal SmartDefense Delivers the power to update each Check Point solution in real time against the latest known and unknown security threats

  12. Easy Deployment and Management • Authentication Integration • LDAP, RADIUS, SecureID • Application Integration • OWA, Citrix, iNotes, etc. • Email, File Share • SSO • Management • Web-based • Optional SmartCenter integration • Key benefits • Simplifies installation and management • Leverages existing infrastructure SmartCenter Server Authentication Server SSL Check Point VPN-1 Check Point Connectra Management Station (SmartCenter)

  13. Connectra NGX R60 and SmartCenter • Unified Security Management • NGX SmartCenter • SmartView Tracker • SmartView Monitor • Smart Update • SmartDefense Service

  14. Flexible Platform Options • Key benefits • Match platform with price/performance requirements • Connectra appliance • Turnkey solution • Hardened Check Point or OPSEC hardware platform • Multiple platforms to match deployment size • Connectra software • Software for open servers • Based on SecurePlatform • Available as dedicated appliance or software for open servers Connectra software Connectra appliance

  15. Connectra 2.0 warrants consideration, especially when compared with other enterprise remote-access solutions. It has all of the core features, plus solid end-point security. With Connectra 2.0, Check Point Software Technologies Ltd. leverages its vast experience securing networks, applications and client endpoints to provide the most comprehensive security feature set we've seen in an SSL VPN product to date. March 14, 2005 Connectra Uniqueness in SSL VPN Key SSL VPN Needs CONNECTIVITY Anywhere Access • Almost all vendors deliver similar set of connectivity features • SSL Network Extender a solid performer • Some deliver some features • Most rely on third-party startups to fill in gaps • Connectra the most integrated security, only solution with real-time security updates • Standalone solutions, no integration • Unified Security Architecture: Centralized security management Network Access SECURITY Enforce policy and Secure Data Secure Applications MANAGEABILITY Easy to Deploy

  16. Anywhere Access Network Access Enforce Policy and Secure Data Secure Applications Easy to Deploy Thank You! Web Server Authentication Server (Optional) Email Server File Share Server Non-Web Application Server Check Point Connectra Unified Web Security Gateway • Secure Web-Based Connectivity • Integrated Endpoint Security • Integrated Application Security • Easy Deployment and Management • Flexible Deployment Options

More Related