SlideShare a Scribd company logo

Check Point sizing security

Group of company MUK
Group of company MUK

Sizing Your Security Gateway

Technology
1 of 36
Sizing Your Security Gateway CPX – Barcelona Solution Center [Protected] For public distribution ©2013 Check Point Software Technologies Ltd.
Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 2
Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 3
Joe Needs a New Security Appliance Required Security Available Appliances Firewall IPS Application Control URL Filtering Firewall: 3 Gbps IPS: 2 Gbps Throughput Needs 350 Mbps Firewall: 25 Gbps IPS: 12 Gbps 2000 Users Joe has a problem. Which appliance can best match his requirements? [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 4
Appliance Sizing Challenges Sizing the right appliance is often a complex task! Match appliance to real-world security requirements Handle current and future capacity needs Effectively compare among appliances [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 5
Customize with Software Blades FW & VPN Software Blades IPS Software Blade Application Control Software Blade Identity Awareness Software Blade Antivirus Software Blade URL Filtering Software Blade Anti-Bot DLP Software Blade Software Blade The Security You Want The Performance You Need [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 6
Balancing Security & Performance Need to protect against a wide spectrum of attacks, in addition to Firewall and VPN What is the impact with multiple Software Blades enabled? What about future growth? [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 7
Different Machines Require Different Power Measurements Different Machines Relevant Power Unit Horsepower Volts Router and Switch Security Gateway [Protected] For public distribution Mbps ? ©2013 Check Point Software Technologies Ltd. 8
Different Machines Require Different Power Measurements Different Machines Relevant Power Unit Horsepower Volts Router and Switch Security Gateway [Protected] For public distribution Mbps SecurityPower ©2013 Check Point Software Technologies Ltd. 9
Appliance SecurityPower Values 21000 3551* SPU 12000 14,600 SPU 3300* SPU 4000 2900* SPU 61000 2000 * With Security Acceleration Module 1861 SPU 114 SPU 114 SPU 2200 4200 374 SPU 4400 623 SPU 4800 738 SPU 1046 SPU 12200 12400 12600 21400 21600 21700 [Protected] For public distribution 61000 ©2013 Check Point Software Technologies Ltd. 10
Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 11
Security Power Utilization  Yesterday’s Performance metrics – sterile – FW throughput – RFC – large packets  2012-2013 – Threats call for a more realistic approach!  Need to measure Security Performance when actually implementing Multi-Layer Security engines  Introducing Check Point Security Power Utilization…  Evolving traffic blend… Real World, Web, Video, Social Media, Mail, SSL [Protected] For public distribution Firewall Firewall + IPS Firewall + AV Firewall + IPS + AV ©2013 Check Point Software Technologies Ltd. 12
Sizing-Up the Right Appliance for You Helping You Select the Right Appliance to Meet Your Security and Performance Requirements Required SecurityPower: 1308 SPU Room for Growth [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 13
Plan for the Future Optimal Zone Recommended! Customer Requirements Extensive Room for Growth Peak Resource Consumption (Not Recommended) Room for Growth Additional Blades and Throughput until 70% Utilization For optimal results, use up to 50% of the appliance’s SecurityPower capacity [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 14
SPU – Real Performance Traffic Live Demo Sizing Appliances usercenter.checkpoint.com [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 15
SPU – Real Performance Traffic Live Demo How did we get to the appliance SPU? Visit CPX Performance Lab [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 16
How to Size Appliances?  Understand customer Security and Performance requirements – Current vs. Future – 3 up to 5 years – Deployment type, interfaces, cluster, etc.  Use “cpsizeme” – accurate method of collecting data  Use Appliance sizing tool – Consider future growth [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 17
SPU – Real Performance Traffic Under the hood…. [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 18
Measuring Appliance SecurityPower SecurityPower Integrates Multiple Performance Measurements Based On: Real-World Traffic Multiple Security Functions Typical Security Policy [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 19
SecurityPower ‒ Traffic Blend Measuring Real-World Traffic Blend The Old Way UDP large packets ‒ RFC Real-World Traffic Blend* 10% 9% 13% 68% HTTP SMTP HTTPS Other *Based on customer research conducted by Check Point performance labs [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 20
SecurityPower ‒ Software Blades SecurityPower Measures Performance Under Advanced Security Functions The Old Way FW & VPN Software Blades Application IPS Control Software Blade Software Blade Identity Awareness Software Blade Antivirus & Anti-Malware Software Blade URL Filtering Software Blade DLP Software Blade Firewall only Any-Any-Accept SecurityPower Security Appliance [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 21
SecurityPower ‒ Security Policy Applying a True Security Policy Policy with 100 Rules! The Old Way One rule: Allow all traffic Rule Protocol Action #1 POP3 Accept #2 FTP Accept #3 ICMP Drop # 98 HTTP Accept #99 SMTP Accept #100 ANY Drop [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 22
SecurityPower ‒ Security Policy Applying a True Security Policy The Old Way     No Logging No NAT No IPS No signatures Log All Connections Network Address Translation IPS Recommended Protection Up-to-Date Signature Databases [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 23
Advanced Clusters, Packet Sizes, Amount of Interfaces, Management [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 24
Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 26
Customer Story cpsizeme [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 27
Doctor – I Am Not Feeling Well!!!!  How are you feeling today?  What is the problem?........  Prognosis – Diagnosis?  Tools often used…. [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 28
Introducing Performance Utility Performance Utility Customer Requirements Collect real performance Recommended Appliance data from existing appliance over 24 hours Appliance Selection Tool  Collect customer requirements  Translate Performance Utility output to  Translate requirements to SecurityPower Customer Requirements  Suggest the right appliance for the job [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 29
Introducing Performance Utility XYZ Cloud Based Analysis  Evaluate Security Gateway Performance  View Multi-Security Functions Impact  Capacity Planning  Performance Impact – Minimal [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 30
Case Study #1 Customer Requirements       From Appliance Selection Tool Secure Perimeter FW, VPN, IPS. MAB, URLF, APP 1000 Users / 100 remote users ISP Pipe: 300Mbps Total Throughput: 800 Mbps Required SPU: 433 SPU Customer’s Choice  Customer selected 4800 (~38% utilization estimation)  Customer has room for future growth: ‒ Add Antivirus Software Blade or ‒ 85% traffic growth [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 31
Case Study #1 300Mbps “Effective” Max Throughput (600 Mbps) Exceptional throughput peak – low impact on CPU [Protected] For public distribution (48%) “Effective” Max Kernel CPU ©2013 Check Point Software Technologies Ltd. 32
Two Facts to Know About the Sizing Tool We used the Performance Utility to Measure the Performance on 95 Appliances in Different Customers’ Product Environments The Appliance Selection Tool Predicted the CPU Utilization in 82% of the Cases* *Accepted variation was [Protected] For public distribution 15 points ©2013 Check Point Software Technologies Ltd. 33
Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 34
Field Feedback  Reliable and trusted tool  Partners say… – The report is great.. Very helpful. – “None of the other vendors have anything like this” – Can’t wait till we get the cpsizeme report – Availability? ‒ ”We want direct access!”  Next steps… – IP series – Virtual Systems, HTTP Encryption – QoS – Traffic blend, packet size [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 37
SecurityPower The New Way to Measure the Real Power of Security Appliances Performance on Real-World Traffic and Advanced Security Functions Enables Planning and Maximization of Security [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 38
Thank You! [Protected] For public distribution ©2013 Check Point Software Technologies Ltd.

Recommended

Open Ethernet: an open-source approach to modern network design
Open Ethernet: an open-source approach to modern network designOpen Ethernet: an open-source approach to modern network design
Open Ethernet: an open-source approach to modern network designAlexander Petrovskiy
 
생성형 AI의 교육적 활용 방안(수업준비)
생성형 AI의 교육적 활용 방안(수업준비)생성형 AI의 교육적 활용 방안(수업준비)
생성형 AI의 교육적 활용 방안(수업준비)Kyubok Cho
 
Dasan zhone mxk_msan_solution
Dasan zhone mxk_msan_solutionDasan zhone mxk_msan_solution
Dasan zhone mxk_msan_solutionHusam Al-Hasani
 
Firefox Architecture Overview
Firefox Architecture OverviewFirefox Architecture Overview
Firefox Architecture OverviewAnant Narayanan
 
Infor So Ho Experience
Infor So Ho ExperienceInfor So Ho Experience
Infor So Ho Experiencerajeevganju
 
VMware Horizon (view) 7 Lab Manual
VMware Horizon (view) 7 Lab Manual VMware Horizon (view) 7 Lab Manual
VMware Horizon (view) 7 Lab Manual Sanjeev Kumar
 
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...Mavenir
 
FIDO and Mobile Connect
FIDO and Mobile ConnectFIDO and Mobile Connect
FIDO and Mobile ConnectFIDO Alliance
 

Recommended

Open Ethernet: an open-source approach to modern network design
Open Ethernet: an open-source approach to modern network designOpen Ethernet: an open-source approach to modern network design
Open Ethernet: an open-source approach to modern network designAlexander Petrovskiy
 
생성형 AI의 교육적 활용 방안(수업준비)
생성형 AI의 교육적 활용 방안(수업준비)생성형 AI의 교육적 활용 방안(수업준비)
생성형 AI의 교육적 활용 방안(수업준비)Kyubok Cho
 
Dasan zhone mxk_msan_solution
Dasan zhone mxk_msan_solutionDasan zhone mxk_msan_solution
Dasan zhone mxk_msan_solutionHusam Al-Hasani
 
Firefox Architecture Overview
Firefox Architecture OverviewFirefox Architecture Overview
Firefox Architecture OverviewAnant Narayanan
 
Infor So Ho Experience
Infor So Ho ExperienceInfor So Ho Experience
Infor So Ho Experiencerajeevganju
 
VMware Horizon (view) 7 Lab Manual
VMware Horizon (view) 7 Lab Manual VMware Horizon (view) 7 Lab Manual
VMware Horizon (view) 7 Lab Manual Sanjeev Kumar
 
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...Mavenir
 
FIDO and Mobile Connect
FIDO and Mobile ConnectFIDO and Mobile Connect
FIDO and Mobile ConnectFIDO Alliance
 
Sim box
Sim boxSim box
Sim boxAkhil Singh Rawat
 
VoltDB 소개
VoltDB 소개VoltDB 소개
VoltDB 소개Linux Foundation Korea
 
Google Cloud Platform 入門
Google Cloud Platform 入門Google Cloud Platform 入門
Google Cloud Platform 入門Kah Wai Liew
 
Global IoT Managed Services – Competitive Intelligence
Global IoT Managed Services – Competitive IntelligenceGlobal IoT Managed Services – Competitive Intelligence
Global IoT Managed Services – Competitive IntelligenceNetscribes
 
GDC Telecom Company Presentation
GDC Telecom Company PresentationGDC Telecom Company Presentation
GDC Telecom Company PresentationGDC Telecom
 
Tech Stack Ideas
Tech Stack IdeasTech Stack Ideas
Tech Stack Ideasnsclark
 
David Soldani, Huawei
David Soldani, HuaweiDavid Soldani, Huawei
David Soldani, HuaweiHilary Ip
 
Past Present and Future of CXL
Past Present and Future of CXLPast Present and Future of CXL
Past Present and Future of CXLMemory Fabric Forum
 
iOS platform
iOS platformiOS platform
iOS platformmaya_slides
 
bookend紹介20221110
bookend紹介20221110bookend紹介20221110
bookend紹介20221110iDOC KK
 
Fondamenti di cloud computing
Fondamenti di cloud computingFondamenti di cloud computing
Fondamenti di cloud computingGianluigi Cogo
 
JITServerTalk.pdf
JITServerTalk.pdfJITServerTalk.pdf
JITServerTalk.pdfRichHagarty
 
Microsoft System Center Configuration Manager for Education
Microsoft System Center Configuration Manager for Education Microsoft System Center Configuration Manager for Education
Microsoft System Center Configuration Manager for Education Herman Arnedo
 
Storage Architectures And Options
Storage Architectures And OptionsStorage Architectures And Options
Storage Architectures And OptionsAlan McSweeney
 
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...scoopnewsgroup
 
Advanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public NetworksAdvanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public Networks3G4G
 
Training sale man ftth
Training sale man ftth Training sale man ftth
Training sale man ftth Nguyen Phan Giang
 
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.com
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.comAVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.com
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.comAVATA
 
Docker advance topic
Docker advance topicDocker advance topic
Docker advance topicKalkey
 
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...Igalia
 
Check Point Virtual Systems
Check Point Virtual SystemsCheck Point Virtual Systems
Check Point Virtual SystemsGroup of company MUK
 
checkpoint
checkpointcheckpoint
checkpointMayank Dhingra
 

More Related Content

What's hot

Google Cloud Platform 入門
Google Cloud Platform 入門Google Cloud Platform 入門
Google Cloud Platform 入門Kah Wai Liew
 
Global IoT Managed Services – Competitive Intelligence
Global IoT Managed Services – Competitive IntelligenceGlobal IoT Managed Services – Competitive Intelligence
Global IoT Managed Services – Competitive IntelligenceNetscribes
 
GDC Telecom Company Presentation
GDC Telecom Company PresentationGDC Telecom Company Presentation
GDC Telecom Company PresentationGDC Telecom
 
Tech Stack Ideas
Tech Stack IdeasTech Stack Ideas
Tech Stack Ideasnsclark
 
David Soldani, Huawei
David Soldani, HuaweiDavid Soldani, Huawei
David Soldani, HuaweiHilary Ip
 
bookend紹介20221110
bookend紹介20221110bookend紹介20221110
bookend紹介20221110iDOC KK
 
Fondamenti di cloud computing
Fondamenti di cloud computingFondamenti di cloud computing
Fondamenti di cloud computingGianluigi Cogo
 
JITServerTalk.pdf
JITServerTalk.pdfJITServerTalk.pdf
JITServerTalk.pdfRichHagarty
 
Microsoft System Center Configuration Manager for Education
Microsoft System Center Configuration Manager for Education Microsoft System Center Configuration Manager for Education
Microsoft System Center Configuration Manager for Education Herman Arnedo
 
Storage Architectures And Options
Storage Architectures And OptionsStorage Architectures And Options
Storage Architectures And OptionsAlan McSweeney
 
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...scoopnewsgroup
 
Advanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public NetworksAdvanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public Networks3G4G
 
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.com
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.comAVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.com
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.comAVATA
 
Docker advance topic
Docker advance topicDocker advance topic
Docker advance topicKalkey
 
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...Igalia
 

What's hot (20)

Sim box
Sim boxSim box
Sim box
 
VoltDB 소개
VoltDB 소개VoltDB 소개
VoltDB 소개
 
Google Cloud Platform 入門
Google Cloud Platform 入門Google Cloud Platform 入門
Google Cloud Platform 入門
 
Global IoT Managed Services – Competitive Intelligence
Global IoT Managed Services – Competitive IntelligenceGlobal IoT Managed Services – Competitive Intelligence
Global IoT Managed Services – Competitive Intelligence
 
GDC Telecom Company Presentation
GDC Telecom Company PresentationGDC Telecom Company Presentation
GDC Telecom Company Presentation
 
Tech Stack Ideas
Tech Stack IdeasTech Stack Ideas
Tech Stack Ideas
 
David Soldani, Huawei
David Soldani, HuaweiDavid Soldani, Huawei
David Soldani, Huawei
 
Past Present and Future of CXL
Past Present and Future of CXLPast Present and Future of CXL
Past Present and Future of CXL
 
iOS platform
iOS platformiOS platform
iOS platform
 
bookend紹介20221110
bookend紹介20221110bookend紹介20221110
bookend紹介20221110
 
Fondamenti di cloud computing
Fondamenti di cloud computingFondamenti di cloud computing
Fondamenti di cloud computing
 
JITServerTalk.pdf
JITServerTalk.pdfJITServerTalk.pdf
JITServerTalk.pdf
 
Microsoft System Center Configuration Manager for Education
Microsoft System Center Configuration Manager for Education Microsoft System Center Configuration Manager for Education
Microsoft System Center Configuration Manager for Education
 
Storage Architectures And Options
Storage Architectures And OptionsStorage Architectures And Options
Storage Architectures And Options
 
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...
Forcepoint Raised the Bar: What's Next in the Cross Domain Community-george k...
 
Advanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public NetworksAdvanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public Networks
 
Training sale man ftth
Training sale man ftth Training sale man ftth
Training sale man ftth
 
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.com
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.comAVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.com
AVATA Webinar: Upgrading ASCP - The New Face of ASCP is Here! www.avata.com
 
Docker advance topic
Docker advance topicDocker advance topic
Docker advance topic
 
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...
Browsers and Web Runtimes for Automotive: Alternatives, Challenges, and Curre...
 

Viewers also liked

Check point presentation june 2014
Check point presentation june 2014Check point presentation june 2014
Check point presentation june 2014David Berkelmans
 
Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies sushmil123
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data CenterGroup of company MUK
 
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security productsAyulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security productsVertexMon VertexMon
 
Instalación Firewall Checkpoint R70
Instalación Firewall Checkpoint R70Instalación Firewall Checkpoint R70
Instalación Firewall Checkpoint R70symple9
 
Web Security Deployment
Web Security DeploymentWeb Security Deployment
Web Security DeploymentCisco Canada
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Cisco Ironport WSA- Introduction and Guide in Short
Cisco Ironport WSA- Introduction and Guide in ShortCisco Ironport WSA- Introduction and Guide in Short
Cisco Ironport WSA- Introduction and Guide in ShortPriyank Sharma
 
When vendors post false claims (alternative facts)
When vendors post false claims (alternative facts)When vendors post false claims (alternative facts)
When vendors post false claims (alternative facts)Dan Colwell
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationKaveh Khosravi
 
Cp r75 firewall_admin_guide
Cp r75 firewall_admin_guideCp r75 firewall_admin_guide
Cp r75 firewall_admin_guideAnh Thảo
 
Fundamentos de Banco de Dados Relacionais
Fundamentos de Banco de Dados RelacionaisFundamentos de Banco de Dados Relacionais
Fundamentos de Banco de Dados RelacionaisÁlvaro Farias Pinheiro
 
Overview of Linux
Overview of LinuxOverview of Linux
Overview of LinuxThang Man
 

Viewers also liked (20)

Check Point Virtual Systems
Check Point Virtual SystemsCheck Point Virtual Systems
Check Point Virtual Systems
 
checkpoint
checkpointcheckpoint
checkpoint
 
Check point presentation june 2014
Check point presentation june 2014Check point presentation june 2014
Check point presentation june 2014
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a security
 
Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies
 
Checkpoint r77
Checkpoint r77Checkpoint r77
Checkpoint r77
 
Check Point NGFW
Check Point NGFWCheck Point NGFW
Check Point NGFW
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data Center
 
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security productsAyulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
 
Instalación Firewall Checkpoint R70
Instalación Firewall Checkpoint R70Instalación Firewall Checkpoint R70
Instalación Firewall Checkpoint R70
 
Check point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitiveCheck point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitive
 
Web Security Deployment
Web Security DeploymentWeb Security Deployment
Web Security Deployment
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Cisco Ironport WSA- Introduction and Guide in Short
Cisco Ironport WSA- Introduction and Guide in ShortCisco Ironport WSA- Introduction and Guide in Short
Cisco Ironport WSA- Introduction and Guide in Short
 
When vendors post false claims (alternative facts)
When vendors post false claims (alternative facts)When vendors post false claims (alternative facts)
When vendors post false claims (alternative facts)
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetation
 
Cp r75 firewall_admin_guide
Cp r75 firewall_admin_guideCp r75 firewall_admin_guide
Cp r75 firewall_admin_guide
 
Postgre sql +python
Postgre sql +pythonPostgre sql +python
Postgre sql +python
 
Fundamentos de Banco de Dados Relacionais
Fundamentos de Banco de Dados RelacionaisFundamentos de Banco de Dados Relacionais
Fundamentos de Banco de Dados Relacionais
 
Overview of Linux
Overview of LinuxOverview of Linux
Overview of Linux
 

Similar to Check Point sizing security

ICS case studies v2
ICS case studies v2ICS case studies v2
ICS case studies v2Nguyen Binh
 
NAC Solution Taarak
NAC Solution TaarakNAC Solution Taarak
NAC Solution TaarakMohit8780
 
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...Savvius, Inc
 
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Digital Bond
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
Unlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insightsUnlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insightsconfluent
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
BT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob RowlingsonBT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob RowlingsonDigital Catapult
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin RodillasTI Safe
 
Enabling the-Connected-Car-Java
Enabling the-Connected-Car-JavaEnabling the-Connected-Car-Java
Enabling the-Connected-Car-Javaterrencebarr
 
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...Honeywell
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
IBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix MarketplaceIBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix MarketplaceSimon Baker
 
Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD] Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD] Md Yousup Faruqu
 
Cyberoam Firewall Presentation
Cyberoam Firewall PresentationCyberoam Firewall Presentation
Cyberoam Firewall PresentationManoj Kumar Mishra
 
Ccnsp trainer presentation
Ccnsp trainer presentationCcnsp trainer presentation
Ccnsp trainer presentationSoap MacTavish
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 

Similar to Check Point sizing security (20)

ICS case studies v2
ICS case studies v2ICS case studies v2
ICS case studies v2
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint Overview
 
NAC Solution Taarak
NAC Solution TaarakNAC Solution Taarak
NAC Solution Taarak
 
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
 
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
 
Unlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insightsUnlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insights
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 
BT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob RowlingsonBT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob Rowlingson
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
 
Enabling the-Connected-Car-Java
Enabling the-Connected-Car-JavaEnabling the-Connected-Car-Java
Enabling the-Connected-Car-Java
 
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
IBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix MarketplaceIBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix Marketplace
 
2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a
 
Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD] Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD]
 
Cyberoam Firewall Presentation
Cyberoam Firewall PresentationCyberoam Firewall Presentation
Cyberoam Firewall Presentation
 
Ccnsp trainer presentation
Ccnsp trainer presentationCcnsp trainer presentation
Ccnsp trainer presentation
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 

More from Group of company MUK

Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportGroup of company MUK
 
CheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botCheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botGroup of company MUK
 
Perfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintPerfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintGroup of company MUK
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Group of company MUK
 
Check Point appliances brochure 2012
Check Point appliances brochure 2012Check Point appliances brochure 2012
Check Point appliances brochure 2012Group of company MUK
 

More from Group of company MUK (16)

Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
 
Check Point Products RU
Check Point Products RUCheck Point Products RU
Check Point Products RU
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
 
Check Point SMB Proposition
Check Point SMB PropositionCheck Point SMB Proposition
Check Point SMB Proposition
 
Check Point Mobile Security
Check Point Mobile SecurityCheck Point Mobile Security
Check Point Mobile Security
 
Check Point Ddos protector
Check Point Ddos protectorCheck Point Ddos protector
Check Point Ddos protector
 
Check Point: Compliance Blade
Check Point: Compliance BladeCheck Point: Compliance Blade
Check Point: Compliance Blade
 
CheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botCheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving bot
 
Check Point Threat emulation 2013
Check Point Threat emulation 2013Check Point Threat emulation 2013
Check Point Threat emulation 2013
 
Perfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintPerfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security Blueprint
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint
 
Check Point Consolidation
Check Point ConsolidationCheck Point Consolidation
Check Point Consolidation
 
Check Point 2013
Check Point 2013Check Point 2013
Check Point 2013
 
Check Point appliances brochure 2012
Check Point appliances brochure 2012Check Point appliances brochure 2012
Check Point appliances brochure 2012
 
Check Point Report 2013 RU
Check Point Report 2013 RUCheck Point Report 2013 RU
Check Point Report 2013 RU
 
3D Security Report
3D Security Report3D Security Report
3D Security Report
 

Recently uploaded

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

Check Point sizing security

  • 1. Sizing Your Security Gateway CPX – Barcelona Solution Center [Protected] For public distribution ©2013 Check Point Software Technologies Ltd.
  • 2. Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 2
  • 3. Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 3
  • 4. Joe Needs a New Security Appliance Required Security Available Appliances Firewall IPS Application Control URL Filtering Firewall: 3 Gbps IPS: 2 Gbps Throughput Needs 350 Mbps Firewall: 25 Gbps IPS: 12 Gbps 2000 Users Joe has a problem. Which appliance can best match his requirements? [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 4
  • 5. Appliance Sizing Challenges Sizing the right appliance is often a complex task! Match appliance to real-world security requirements Handle current and future capacity needs Effectively compare among appliances [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 5
  • 6. Customize with Software Blades FW & VPN Software Blades IPS Software Blade Application Control Software Blade Identity Awareness Software Blade Antivirus Software Blade URL Filtering Software Blade Anti-Bot DLP Software Blade Software Blade The Security You Want The Performance You Need [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 6
  • 7. Balancing Security & Performance Need to protect against a wide spectrum of attacks, in addition to Firewall and VPN What is the impact with multiple Software Blades enabled? What about future growth? [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 7
  • 8. Different Machines Require Different Power Measurements Different Machines Relevant Power Unit Horsepower Volts Router and Switch Security Gateway [Protected] For public distribution Mbps ? ©2013 Check Point Software Technologies Ltd. 8
  • 9. Different Machines Require Different Power Measurements Different Machines Relevant Power Unit Horsepower Volts Router and Switch Security Gateway [Protected] For public distribution Mbps SecurityPower ©2013 Check Point Software Technologies Ltd. 9
  • 10. Appliance SecurityPower Values 21000 3551* SPU 12000 14,600 SPU 3300* SPU 4000 2900* SPU 61000 2000 * With Security Acceleration Module 1861 SPU 114 SPU 114 SPU 2200 4200 374 SPU 4400 623 SPU 4800 738 SPU 1046 SPU 12200 12400 12600 21400 21600 21700 [Protected] For public distribution 61000 ©2013 Check Point Software Technologies Ltd. 10
  • 11. Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 11
  • 12. Security Power Utilization  Yesterday’s Performance metrics – sterile – FW throughput – RFC – large packets  2012-2013 – Threats call for a more realistic approach!  Need to measure Security Performance when actually implementing Multi-Layer Security engines  Introducing Check Point Security Power Utilization…  Evolving traffic blend… Real World, Web, Video, Social Media, Mail, SSL [Protected] For public distribution Firewall Firewall + IPS Firewall + AV Firewall + IPS + AV ©2013 Check Point Software Technologies Ltd. 12
  • 13. Sizing-Up the Right Appliance for You Helping You Select the Right Appliance to Meet Your Security and Performance Requirements Required SecurityPower: 1308 SPU Room for Growth [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 13
  • 14. Plan for the Future Optimal Zone Recommended! Customer Requirements Extensive Room for Growth Peak Resource Consumption (Not Recommended) Room for Growth Additional Blades and Throughput until 70% Utilization For optimal results, use up to 50% of the appliance’s SecurityPower capacity [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 14
  • 15. SPU – Real Performance Traffic Live Demo Sizing Appliances usercenter.checkpoint.com [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 15
  • 16. SPU – Real Performance Traffic Live Demo How did we get to the appliance SPU? Visit CPX Performance Lab [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 16
  • 17. How to Size Appliances?  Understand customer Security and Performance requirements – Current vs. Future – 3 up to 5 years – Deployment type, interfaces, cluster, etc.  Use “cpsizeme” – accurate method of collecting data  Use Appliance sizing tool – Consider future growth [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 17
  • 18. SPU – Real Performance Traffic Under the hood…. [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 18
  • 19. Measuring Appliance SecurityPower SecurityPower Integrates Multiple Performance Measurements Based On: Real-World Traffic Multiple Security Functions Typical Security Policy [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 19
  • 20. SecurityPower ‒ Traffic Blend Measuring Real-World Traffic Blend The Old Way UDP large packets ‒ RFC Real-World Traffic Blend* 10% 9% 13% 68% HTTP SMTP HTTPS Other *Based on customer research conducted by Check Point performance labs [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 20
  • 21. SecurityPower ‒ Software Blades SecurityPower Measures Performance Under Advanced Security Functions The Old Way FW & VPN Software Blades Application IPS Control Software Blade Software Blade Identity Awareness Software Blade Antivirus & Anti-Malware Software Blade URL Filtering Software Blade DLP Software Blade Firewall only Any-Any-Accept SecurityPower Security Appliance [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 21
  • 22. SecurityPower ‒ Security Policy Applying a True Security Policy Policy with 100 Rules! The Old Way One rule: Allow all traffic Rule Protocol Action #1 POP3 Accept #2 FTP Accept #3 ICMP Drop # 98 HTTP Accept #99 SMTP Accept #100 ANY Drop [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 22
  • 23. SecurityPower ‒ Security Policy Applying a True Security Policy The Old Way     No Logging No NAT No IPS No signatures Log All Connections Network Address Translation IPS Recommended Protection Up-to-Date Signature Databases [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 23
  • 24. Advanced Clusters, Packet Sizes, Amount of Interfaces, Management [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 24
  • 25. Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 26
  • 26. Customer Story cpsizeme [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 27
  • 27. Doctor – I Am Not Feeling Well!!!!  How are you feeling today?  What is the problem?........  Prognosis – Diagnosis?  Tools often used…. [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 28
  • 28. Introducing Performance Utility Performance Utility Customer Requirements Collect real performance Recommended Appliance data from existing appliance over 24 hours Appliance Selection Tool  Collect customer requirements  Translate Performance Utility output to  Translate requirements to SecurityPower Customer Requirements  Suggest the right appliance for the job [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 29
  • 29. Introducing Performance Utility XYZ Cloud Based Analysis  Evaluate Security Gateway Performance  View Multi-Security Functions Impact  Capacity Planning  Performance Impact – Minimal [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 30
  • 30. Case Study #1 Customer Requirements       From Appliance Selection Tool Secure Perimeter FW, VPN, IPS. MAB, URLF, APP 1000 Users / 100 remote users ISP Pipe: 300Mbps Total Throughput: 800 Mbps Required SPU: 433 SPU Customer’s Choice  Customer selected 4800 (~38% utilization estimation)  Customer has room for future growth: ‒ Add Antivirus Software Blade or ‒ 85% traffic growth [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 31
  • 31. Case Study #1 300Mbps “Effective” Max Throughput (600 Mbps) Exceptional throughput peak – low impact on CPU [Protected] For public distribution (48%) “Effective” Max Kernel CPU ©2013 Check Point Software Technologies Ltd. 32
  • 32. Two Facts to Know About the Sizing Tool We used the Performance Utility to Measure the Performance on 95 Appliances in Different Customers’ Product Environments The Appliance Selection Tool Predicted the CPU Utilization in 82% of the Cases* *Accepted variation was [Protected] For public distribution 15 points ©2013 Check Point Software Technologies Ltd. 33
  • 33. Agenda 1 Security Gateway Sizing Challenges 2 Appliance Selection Tool ‒ SPU 3 Performance Utility 4 Summary [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 34
  • 34. Field Feedback  Reliable and trusted tool  Partners say… – The report is great.. Very helpful. – “None of the other vendors have anything like this” – Can’t wait till we get the cpsizeme report – Availability? ‒ ”We want direct access!”  Next steps… – IP series – Virtual Systems, HTTP Encryption – QoS – Traffic blend, packet size [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 37
  • 35. SecurityPower The New Way to Measure the Real Power of Security Appliances Performance on Real-World Traffic and Advanced Security Functions Enables Planning and Maximization of Security [Protected] For public distribution ©2013 Check Point Software Technologies Ltd. 38
  • 36. Thank You! [Protected] For public distribution ©2013 Check Point Software Technologies Ltd.

Editor's Notes

  1. In order to overcome the challenges we need more security functions and this requires much more power from the appliance
  2. stock-photo-16468646-balancing-stones.jpg
  3. Now, there is a full line of new security appliances delivering integrated security ranging from the small offices all the way up to the large data centers and Telco service provider environments
  4. Add interactive discussion slides