CheckPoint CeBIT 2008 VSX PDF

Check Point VPN-1 Power VSX
Virtualisierung von Firewall-Systemen

Will Stefan Roth Technical Consultant Check Point Software Technologies
puresecurity
2003-2007 Check Point Software Technologies Ltd. All rights reserved. Proprietary and confidential.
Known picture?
Security Management is too Complex
Best-of-breed security has led to gaps in protection and a high cost of ownership because of the need for multiple management consoles and a lack of integration. - John Pescatore, Gartner
puresecurity
Provider-1 Introduction
Consolidates multiple security policies on a single platform Intuitive GUI allows easy policy updates Minimizes investment in hardware & labor
puresecurity
VPN-1 VSX NGX Virtual Security Extension
puresecurity
VSX - Meeting the Challenge
Designed for large scale large-scale environments Virtualization of network infrastructure Check Point Stateful Inspection, Application I ti A li ti Intelligence, and SmartDefense services Centralized management for distributed network, POP and hosting h ti environments i t
VSX Gateway
puresecurity
Virtual Routing and Firewalling

VPN-1 VSX NGX establishes a Virtual Network Environment consists of multiple virtual devices
Virtual System (VS) Virtual System In Bridge Mode Virtual Router (VR) ( ) Virtual Switch (V-SW) ( ) Virtual Cable (warp link) VPN-1 Firewall Module VPN-1 Firewall Module In B id Mode I Bridge M d IP Router Switch Network Cable
puresecurity
VPN-1 VSX NGX Security Virtualization

VPN-1 VSX is a virtualized security gateway that allows enterprises and service providers to aggregate up to 250 comprehensive security policies on a single hardware platform, eliminating the need to invest in and deploy multiple solutions to achieve end-to-end security. Only Check Point VPN-1 VSX provides a platform for highly scalable virtualized network and security services that is easy to deploy and manage.
Check Point Stateful Inspection, Application Intelligence, and SmartDefense services Centralized, multi-domain policy management Completely virtualized network environment i t Wire-speed security for gigabit networks High availability and scalability
Based on proven, mature, core technologies
Eases deployment and reduces administrative b d E d l d d d i i i burden
Virtual security and network services including virtual routing, virtual switching, and virtual systems in bridge mode switching
Superior performance assuring security without disruptions in your network or data center center. Reduced downtime means less disruption of business. Scales to meet the needs of the most complex network environments
puresecurity
VPN-1 VSX NGX - Features

Dynamic Routing Single IP address for VSX management Virtual System in Bridge Mode Virtual System creation templates Virtual System creation y wizard VoIP Security VSX gateway reconfigure option
Support for Dynamic routing per VS/VR Minimizes number of IP addresses that system requires. Addresses critical issue with IP address management, conserving IT resources. Layer 2 VPN-1 with no IP addresses, transparent FW. Important differentiator, appealing to Enterprises. Simplifies deployment & administration. Simplify creation of VSs with templates. Considerbly reduce time to S f f S C deploy and manage VSX. Saves time and simplifies creation process of VSs. Minimizes risk for human error. Support for securing H.323, SIP, MGCP, and SCCP traffic Improved resiliency. (previously reliant on backups, now GW can be reconfigured from management)
puresecurity
Virtual Switches
Internet
Virtual Switches Facilitates

Sharing Physical Interfaces among multiple VSs Inter VS communication Reduces the number of hops No IP allocation process required
212.150.48.254
Virtual Switches require no IP addresses Facilitate internal and external Connectivity
212.150.48.1
212.150.48.2
212.150.48.3
212.150.48.4
192.168.1.1
172.169.1.1
192.150.2.1
200.128.4.1
802.1q 802 1
puresecurity
Virtual Network Environment Dynamic Routing

The Virtual Network Environment integrates support for Dynamic Routing Protocols g
Unicast Routing RIPv1/2, OSPFv2 & BGP-4 Multicast Routing IGMPv2, PIM-DM & PIM-SM
Each Virtual Device maintains support for all of the routing protocols
The protocols facilitate connectivity between: Virtual Device to Virtual Device Virtual Device to external router
802.1q 802 1q
Virtual Switch
OSPF
802.1q
Marketing
Virtual Router
puresecurity
10
VPN-1 VSX NGX Clustering

VSX provides seamless fail over of connections and routing from one VSX cluster member t another ti f l t b to th
Key Benefit y Increased granularity in resiliency and scalability
Stateful failover for routing protocols Recovering fallen modules Add/ remove members to existing cluster Upgrading cluster members Single Virtual System fail-over More cluster members VSX cluster now supports up to 12 members
State d St t and routing ti synchronization
puresecurity
11
VSX NGX Management

Simplified VSX GUI for simpler and faster configuration
Unified Graphical User Interface
All configuration and management aspects done through SmartDashboard
Virtual System Creation Wizard

New wizard simplified creation of Virtual Systems
Virtual System Creation Templates

Select Pre-defined template or Pre defined Customized Virtual System Creation Wizard pages are displayed according to template
Backward Compatibility Support

From NGX release -create and manage VSX 2.0.1 and VSX NG AI objects 201 objects.
puresecurity
12
Using VSX NGX for complete Enterprise Security

Vlan 100
DMZ-2 DMZ 2 Private FTP Site
Vlan 200 SAP Vlan 300 Gatekeepers Vlan 301 Development Servers
Remote Sites
VPN access
Internet Mail-Relay, Public FTP Site & Proxies
End-toEnd-to-End Virtualized Enterprise Security

The Perimeter P i t
Vlan 101 Finance
Routed Core
Vlan 102 Purchasing
Vlan 400 IP Telephony Vlan 304 Business B i Development
Support Vendors
Partners
Service Area Web Servers

Vlan 1000 Lab 1 Vlan 1001 Lab 2 Vlan 1002 QA
VSX Cluster
Distribution
Floor L-2 Access LSwitches
puresecurity
13
Check Point PURE Security
puresecurity
14
puresecurity
15
puresecurity
16
puresecurity
17
Check Point Globaler Marktfhrer
Etablierter Hersteller
Weltweiter Marktfhrer in den Bereichen Firewall/ VPN*, mobile Datenverschlsselung 100% der Fortune 100, 98% der Fortune 500 100.000 Unternehmen, 30 Mio. Benutzer 100% Focus auf IP Sicherheit 700 IP Sicherheit 700+ Entwickler allein fr IP-Sicherheit Focus auf Netzwerk- und Datensicherheit 1.700+ Mitarbeiter 69 Niederlassungen in 28 Lndern 2.200 Partner in 88 Lndern Zentralen i I Z t l in Israel und U.S.A. l dUSA
2006 Check Point Software Technologies Ltd. Proprietary & Confidential
PURE Security
Weltweit fr Sie da
* Frost & Sullivan
puresecurity
18
Vielen D k f Ih Vi l Dank fr Ihre Aufmerksamkeit!
puresecurity
19

CheckPoint CeBIT 2008 VSX PDF

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

CheckPoint CeBIT 2008 VSX PDF

Încărcat de

Drepturi de autor:

Formate disponibile

Check Point VPN-1 Power VSX

Virtualisierung von Firewall-Systemen

VPN-1 VSX NGX Virtual Security Extension

VSX - Meeting the Challenge

Virtual Routing and Firewalling

VPN-1 VSX NGX Security Virtualization

Based on proven, mature, core technologies

Eases deployment and reduces administrative b d E d l d d d i i i burden

VPN-1 VSX NGX - Features

Virtual Switches Facilitates

Virtual Switches require no IP addresses Facilitate internal and external Connectivity

Virtual Network Environment Dynamic Routing

VPN-1 VSX NGX Clustering

State d St t and routing ti synchronization

VSX NGX Management

Virtual System Creation Wizard

Virtual System Creation Templates

Backward Compatibility Support

Using VSX NGX for complete Enterprise Security

DMZ-2 DMZ 2 Private FTP Site

Internet Mail-Relay, Public FTP Site & Proxies

End-toEnd-to-End Virtualized Enterprise Security

Vlan 102 Purchasing

Vlan 400 IP Telephony Vlan 304 Business B i Development

Service Area Web Servers

Floor L-2 Access LSwitches

Check Point PURE Security

Check Point PURE Security

Check Point PURE Security

Check Point PURE Security

Check Point Globaler Marktfhrer

* Frost & Sullivan

Vielen D k f Ih Vi l Dank fr Ihre Aufmerksamkeit!

S-ar putea să vă placă și