Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Check Point Makes DLP Work - V-ict-or

advertisement 
Check Point DLP &
Application Control
V-ICT-OR event
26 April 2012
Jeroen De Corel
Security Engineer BeLux
jeroen@checkpoint.com
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
Agenda
1
What is Data Loss?
2
Key Challenges of DLP
3
Introducing Check Point DLP
4
Application Control
Check Point DLP
Makes data loss prevention work
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
2
2
Data Loss Prevention
What is DLP?
John.Stevens@yahoo.com
Corporate Strategy
Green World Strategy Plan 2010
E-mail sent to the wrong
recipient, intentionally or by
mistake.
Company document uploaded
to an external website.
Data breaches have happened to all of us
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
3
3
Data Breaches—Headline Examples
Brand Damage
Compliance
Liabilities
Costly Fines
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
4
4
It’s Not Just About
Regulatory Compliance
Compliance
Security
► Customer
data
► Intellectual
► Corporate
data
► Strategic
► Patient
data
► Internal
Chief Compliance
Officer
property
plans
data
Chief Security
Officer
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
5
5
DLP Has Not Yet Been Solved!
Technology
IT Staff
Challenge
Challenge
Computers can not
reliably understand
human content and
context
Burden of incident
handling
Exposure to
sensitive data
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
6
6
Check Point Makes DLP Work
Data Loss Prevention Alert
An email that you have just sent has been
quarantined.
John.Stevens@yahoo.com
‘John’
<john@greenworld.com>
John.Stevens@yahoo.com
Corporate
Strategy
Reason:
attached document contains
confidential internal data
Green World Strategy Plan 2010
John,
The message is being held until further action.
Send , Discard
, or Review
Issue
Let’s review the corporate
strategy
in our
morning meeting.
Confidential
data sent to the
wrong recipient!
User prompted
to take action
User remediates
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
7
7
Introducing Check Point
Data Loss Prevention
Check Point Combines Technology
and Processes to Make DLP Work
Prevent
John.Stevens@yahoo.com
Corporate Strategy
Green World Strategy Plan 2010
John,
NEW!
Move from detection
to prevention
Data Loss Prevention Alert
An email that you have just sent has been
quarantined.
review
the corporate strategy
Let’s
our morning meeting.
Reason: attached document contains
confidential internal data
The message is being held until further
action.
Send , Discard , or Review Issue
in
Educate
Users on corporate
data policies
Enforce
Data loss
business processes
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
8
8
Check Point Solves the DLP Challenge
New UserCheck™ Technology
Technology Challenge
Empowers users to remediate
incidents in real time
IT Staff Challenge
Educates users on DLP policies
without involving IT staff
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
|
9
9
UserCheck Provides User Remediation
1. Mail sent or
document
uploaded
2. User
alert
3. User
remediation
Data Loss Prevention Alert
An email that you have just sent
has been quarantined.
Reason: attached document
contains confidential internal
data
The message is being held until
further action.
Send , Discard , or Review Issue
Non-disruptive
Real-time
Educational
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 10
10
How Does Check Point DLP Work?
MultiSpect™ Detection Engine
Simple Rule-based Policy Management
Full Network Enforcement
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 11
11
New MultiSpect™ Technology
Correlates data from multiple
sources using open language
MultiSpect Detection Engine
Item
No.
Name
Social
600+File
Data
Types
600+
Formats
Security
Job Title
Gross Pay
Detects more than 600 file formats
Number
1
John Smith
987-65-4320
CEO
$200,000
2
Kevin Brian
987-65-4221
VP R&D
$150,000
3
Margret
White
769-65-7522
VP
Marketing
$153,000
4
Bob Johns
342-62-3323
CFO
$140,000
5
Mike Riddle
777-43-4324
COO
$180,000
Over 250 pre-defined
content data types
Detect and recognize proprietary
forms and templates
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 12
12
Simple Rule-based Policy Management
Easily Define Policy to Detect, Prevent or Ask User
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 13
13
Unified Control and Deployment
Centralized Management
Data Loss Prevention
For Unified Control
Across the Entire
Security Infrastructure
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 14
14
Ease-of-Deployment
Software Blade
Dedicated Appliance
Network-based
Inline Solution
On Existing Gateways or
Open Servers
DLP-1
Be Up and Running
Day-1!
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 15
15
Check Point DLP At-A-Glance
Move from Detection to Prevention
Proactively block intentional and
unintentional data loss
Inline network-based Software Blade
running on any existing Check Point gateway
Supporting HTTP, HTTPS, SMTP and FTP
protocols
UserCheck notification using either thin agent or
a returning email to the user
Scaling from hundred to thousands
of users
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 16
16
Check Point DLP Summary
Check Point combines technology
and processes to make DLP work
Prevent Data Breaches
Move from detection to prevention
Enforce Data Policies
Across the entire network
Educate and Alert Users
Without involving IT staff
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 17
17
DLP-1 Appliance Specifications
DLP-1 2571
DLP-1 9571
Performance
Number of users
1,000
5,000
Messages/Hour
70K
350K
Throughput
700 Mbps
2.5 Gbps
Specifications
Storage
500 GB
2 x 1 TB (RAID 1)
NICs
6 Copper 1GbE
10 Copper 1GbE
Optional Bypass card
4 ports - 2 segments
(pre-packaged appliance)
4 ports - 2 segments
(orderable as accessory)
Price
Price year 1
Annual price year 2+
Without bypass card - $14,990
$49,990
With bypass card- $15,990
Add bypass card - $4,995
$7,000
©2012 Check Point Software Technologies Ltd.
$12,000
|
[Unrestricted] For everyone
| 18
18
Check Point DLP Software Blade
CPSB-DLP-500
CPSB-DLP-1500
CPSB-DLP-U
Recommended Users
(depending on
configuration)*
Up to 500
500-1,500
1,500+
Messages/Hour
5,000-15,000
15,00050,000
50,000250,000
Max Throughput
700 Mbps
1.5 Gbps
2.5 Gbps
Annual Price
$3,000
$7,000
$12,000
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 19
19
Application
Control
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
The Problem with Internet Applications
Malware
Threats
Bandwidth
Hogging
Productivity
Loss
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 21
21
Introducing
Check Point Application Control
Software Blade
Detect and control application usage
AppWiki—Industry’s largest library
with over 50,000 applications
Educate users on corporate policies
Available on EVERY gateway
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 22
22
Introducing Check Point AppWiki
Unparalleled
Application Control
4,500 applications
Over 50,000 social-network widgets
Grouped in over 150 categories
Over
(including Web 2.0, IM, P2P, Voice & Video, File Share)
http://appwiki.checkpoint.com
World’s largest
Application Classification Library
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 23
23
Granular Application Categorization
Application
Type
Advanced
Properties
Security
Risk
►
►
►
►
IM
Web conferencing
Gaming….
►
Share files
High bandwidth
Use stealth techniques…
►
Measures the potential risk
►
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 24
24
User and Machine Awareness
Includes User
Identification
Corporate Active Directory
Security Gateway
User- and group-aware
Machine-aware
User identification with both agent-based and
seamless, agentless Active Directory integration
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 25
25
Application Detection and
Usage Controls
Application Detection
and Usage Controls
Enable access for
support team
Identify, allow, block or limit usage of
applications at user or group level
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 26
26
Reality of Standard Application Control
IT defines black & white policies
Policies don’t match real usage
IT resorts to monitor only
No real control!
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 27
27
Check Point UserCheck Technology
Ask
Understand usage needs, while
enforcing policy
Application Usage Alert
You are trying to use Skype.
Corporate application use policy does not allow the
use of Skype.
If you require Skype access for business, please
click Explain blow.
Corporate Proper Use Policy
Makes application
control more practical
Asks users to explain
reasons for application
usage
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 28
28
Check Point UserCheck Technology
Ask
Understand usage needs, while
enforcing policy
Application Usage Alert
You are trying to access YouTube.
http://www.youtube.com
Corporate application use policy limits YouTube
access to business use only in order to save
bandwidth.
Makes application
control more practical
Please select and confirm your use-case:
Personal , Business , or Cancel
Asks users to confirm
application usage in
real-time
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 29
29
Check Point UserCheck Technology
Inform
Inform and educate, while allowing application
usage
http://www.facebook.com
Alerts users in
real-time
Educates users on risk
and usage policies
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 30
30
Check Point UserCheck Technology
Use to preserve resources (bandwidth) or
control acceptable use
Limit
Application Usage Alert
http://apps.facebook.com/onthefarm
You are trying to access Facebook Games.
Corporate application use policy allows access to
non-business related activities such as Facebook
Games only during these times:
12:30-14:00
19:30-8:30
Corporate Proper Use Policy
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 31
31
Practical Implementation
Involve end-users using multiple policy actions
Accept /
Drop
Traditional security policies are suitable for
clear-cut cases
Inform
Allow but inform the user about the risks
Ask
Learn usage patterns to create better policies
Limit
Use to preserve resources (bandwidth) or
control acceptable use
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
| 32
32
Q&A
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
Thank You!
©2012 Check Point Software Technologies Ltd.
|
[Unrestricted] For everyone
Related documents
Check Point Security Offering
Check Point Security Offering
The-McOnie-Agency-U.K
The-McOnie-Agency-U.K
James Kirkpatrick, Funding Support
James Kirkpatrick, Funding Support
15-图书馆在宿舍前边This courseware is for PRS –Lesson 15. Please
15-图书馆在宿舍前边This courseware is for PRS –Lesson 15. Please
Compressed Air Energy Storage (CAES)
Compressed Air Energy Storage (CAES)
Why plan? - Training Square Ltd
Why plan? - Training Square Ltd
Click to Open
Click to Open
Company Profile - Fashion | Power
Company Profile - Fashion | Power
Long Term Disability coverage
Long Term Disability coverage
Advanced Computing Security
Advanced Computing Security
Download
advertisement