©2016 Check Point Software Technologies Ltd. [Protected] Non-confidential content
Moti Sagey | Head of Competitive Intelligence
SECURITY VENDOR LANDSCAPE: WHAT TO ASK, WHAT TO KNOW AND HOW TO DECIDE
WHAT DOES IT TAKE TO WIN YOUR TRUST?
Uncompromised Security
Dynamic Architecture
Operational Simplicity
Commitment to Customer Success
UNCOMPROMISED SECURITY
In other words… Can you keep the bad guys out????
“Not If You Are Using Outdated Thinking”?
“For the imagination of man's heart
is EVIL from his youth” -Genesis 8:21
What does advanced threat defense look like today? The 5 styles
Time frame: Real Time / Near Real Time (Detective / Detection) versus Post Compromise, Days/Weeks (Retrospective / Response)
NETWORK
STYLE 1, Network Traffic Analysis (real time / near real time): Check Point, Damballa, Lancope, Fidelis
STYLE 2, Network Forensics (post compromise): IBM (QRadar), FireEye (nPulse), RSA NetWitness, Blue Coat (Solera)
PAYLOAD
STYLE 3, Payload Analysis / Sandbox (real time / near real time): Check Point, FireEye, Cisco, Fortinet, Trend Micro, PAN
ENDPOINT
STYLE 4, Endpoint Behavior Analysis (real time / near real time): Check Point, Bromium, CounterTack, Invincea, Palo Alto Networks, IBM (Trusteer)
STYLE 5, Endpoint Forensics (post compromise): Check Point, Bit9 (Carbon Black), FireEye, Tanium, Cisco
Source: http://www.gartner.com/newsroom/id/2595015
Network Security Today - the Role of Convergence
(Diagram labels: Firewall, IPS, VPN; Web AV, URLF, A-Spam, AV, Anti-X; SSL VPN, APP ID, FW+IPS; UTM; Next-Generation Firewall; Secure Mail Gateway; Secure Web Gateway; SandBox; Enterprise and Upper-Midsize Businesses; Small and Lower-Midsize Businesses)
THE CHALLENGE – EVERY VENDOR WILL TELL YOU THEY ARE THE BEST
“IN GOD WE TRUST, ALL OTHERS MUST BRING DATA” - W.H Deming
NSS Labs: Check Point’s track record of security leadership and excellence!
IPS Recommended – Jan 2011: Best integrated IPS Security Score of 97.3%!
NGFW Recommended – April 2011: World’s first NSS Recommended NGFW!
FW Recommended – April 2011: Only vendor to pass the initial test!
NGFW Recommended – Jan 2012: Continued NGFW Leadership and Excellence!
IPS Recommended – July 2012: Leading integrated IPS Security Score of 98.7%!
FW Recommended – Jan 2013: Best Security + Management score of 100%!
IPS Individual Test – Feb 2013*: 61000 IPS Security Score of 99%! 26.5G IPS
IPS Recommended – Nov 2013: 100% Management score and Best annual Management Labor Cost (Upkeep and Tuning)!
NGFW Recommended – Feb 2013: Best Security + Management Score of 98.5%!
NGFW Recommended – Sept 2014: 4th NGFW Recommended
BDS Recommended – Aug 2015: 1st time tested, 100% unknown malware catch-rate
NGFW Recommended – Mar 2016: 99.8% Catch rate and 5th NSS NGFW Recommended!
* Individual product test and not part of a Group Test. NSS only awards “Recommended” in Group Tests.
NSS LABS: CHECK POINT THE ONLY VENDOR WITH CONSISTENT “RECOMMENDED” RATING
(Chart legend: Caution, Neutral, Recommended)
Source: NSS Labs. * WAF & EPP not calculated
Check Point SandBlast
Recommended for Security Effectiveness and Value
100% HTTP Malware
100% SMB Malware
100% Email Malware
100% Drive-by-Exploits
(only vendor)
97.2% Detection Rate
Fastest solution (7Gbps)
Lowest TCO
SandBlast™
NSS Security Value Map: Breach Detection Systems
(Chart: CHECK POINT, updated with 10Gb NIC retest)
Source: http://public.brighttalk.com/resource/core/89391/nss-bds-group-test-update-dec-2015_133131.pdf
Yet another Proof, Industry’s Best Catch-rate
UNKNOWN MALWARE IN MALICIOUS DOCUMENTS (%)
Vendors: CHECK POINT, FIREEYE, PALO ALTO NETWORKS, CISCO SOURCEFIRE, FORTINET
Bar values: 95, 50, 40, 60, 80
Source: Miercom APT Industry Assessment
Yet another Proof, Industry’s Best Catch-rate
UNKNOWN MALWARE IN MOBILE APPLICATIONS (%)
Vendors: CHECK POINT, FIREEYE, PALO ALTO NETWORKS, AVG, LOOKOUT
Bar values: 99, 88, 21, 90, 71
Source: Lacoon competitive benchmark 2015
Check Point One Step Ahead in Detection and Prevention of Threat Focused Apps

| Potentially Risky Apps | Check Point | Palo Alto Networks | Fortinet | Cisco |
|---|---|---|---|---|
| # of Anonymizers proxy/tunnel apps (e.g. TOR, UltraSurf, HideMyAss…) | 167 | 78 | 107 | 32 |
| # of P2P apps (e.g. BitTorrent, WinMX…) | 341 | 129 | 85 | 51 |
| # of File sharing apps (e.g. Dropbox, Google Drive, Mega…) | 885 | 270 | 291 | 246 |
| # of Remote Admin apps (e.g. TeamViewer, LogMeIn…) | 136 | 93 | 91 | 93 |
| Total number of apps | 7,000 | 2,177 | 2,661 | 4,218 |
| Average released apps per month (Jan 2015-March 2016) | 37 | 14 | 10 | 15 |

Source: Check Point AppWiki, PAN Applipedia, Fortinet FortiGuard, Cisco FirePower, as of March 30th 2016
Security Shortcuts Risk and Reward
Hidden configuration page
How to Expose Security Shortcuts in POC’s
DOWNLOAD THE GUIDE http://tiny.cc/poc-shortcuts
Traditional Sandboxes are Prone to Evasions
ATTACKERS CONSTANTLY DEVELOP NEW DECEPTION TECHNIQUES TO BYPASS SANDBOXES
Evaluating a Sandbox? Top questions you should ask the vendor and check for yourself:
1. Can the solution prevent threats from getting to the network, or does it just tell you after the fact?
2. What is the maximum file size for inspection?
3. Which file types do you support (what about archives)?
4. What type of hypervisor is used for OS images? (Slide example: “How To Import A Custom Image From VMware Onto The McAfee ATD”)
Vulnerable (Bypassed More Than 100 Different Ways)
GOOGLE “HTTP EVADER”
Protected. Period.
R77.30
VULNERABILITIES AND HOW VENDORS DEAL WITH THEM
234 Days
134 Days
1096 Days
DYNAMIC ARCHITECTURE
In other words… I don’t even know where my own ecosystem begins and ends, how do I deal with that?
THE CHALLENGE OF SECURING BORDERLESS NETWORKS
Check Point Software Based Architecture means Dynamic Agile Security
OPERATIONAL SIMPLICITY
In other words… don’t tell me I will need more people to run this stuff
The KISSME Challenge: Keeping IT Security Simple, Manageable & Effective
http://tiny.cc/kissme1
Security function compared across: Check Point (R80), Palo Alto (PAN-OS 7.1), Fortinet (Forti-OS 5.4), Cisco NGFW (6.0.1 FTD)
Challenge 1: How Many Consoles Does it Take?
Challenge 2: A Day in the Life of an IT Admin (Allow G.Docs Download, Block CC Data)
Challenge 3: Scaling for Growth (multi-tenancy, Obj. Separation, Global pol. across domains, concurrent admins)
Challenge 4: Ease of visibility
4X 5 locations
3X 2 locations
1 Fastest Time
1 location sees it all
5X 5 locations
3 3 4
4:03 71 mouse clicks
5:03 148 mouse clicks
8:05 141 mouse clicks
1:45 45 mouse clicks
Improved Productivity: Man hours required for yearly management of 20 gateways per site
Vendors: Check Point, Fortinet, Juniper, PAN, Cisco
Bar values: 1000, 1500, 1500, 2000, 2000
Source: NSS Labs NGFW Group Test 2013
“The Check Point management remains the de facto ‘gold standard’ against which other consoles are measured” - Gartner
Unmatched Unified Access Policy
[Restricted] ONLY for designated groups and individuals
Users Devices Applications Data Gateways Mobile Public Cloud Private Cloud
CUSTOMER SUCCESS
In other words… how long will I be exposed
if something bad does happen?
Sense of Urgency is in Our DNA
Vulnerabilities compared: Heartbleed, Shellshock, Poodle-TLS, Venom
Check Point: 9 hours
Cisco: 2 days
Fortinet: 5 days
Check Point: 22 hours
Check Point: 18 hours
Check Point: 30 hours
Palo Alto: 29 days
Fortinet: 14 days
Palo Alto: 56 days
Fortinet: 10 days
Palo Alto: 10 days
Fortinet: 9 days
Full references at http://tiny.cc/dna-cp
Average Response Time for Top Vulnerabilities (IPS), 2015, 2016
Topics compared: SSL Drown Attack, Flash (In The Wild) 0days 2016, BADLOCK, Microsoft Patch Tuesday
Check Point: 50 minutes
Palo Alto: 900 min.
Cisco: 98 min.
Check Point: 0 hours
Check Point: 13 hours
Palo Alto: 10 days
Fortinet: 9 hours
Palo Alto: 5 days
Fortinet: 5 days
Check Point: 11 Minutes
Palo Alto: 540 min.
Fortinet: 60 min.
Full references at http://tiny.cc/dna-cp
Competitors “IDEAL TESTING CONDITIONS” Sizing
Marketing Numbers Vs. Predictable Production Performance
Check Point, The Only Vendor to Provide Predictable Production Performance for its customers
THE WORLD’S LARGEST SECURITY ECOSYSTEM
ENFORCEMENT
MANAGEMENT
THREAT INTELLIGENCE
INFRASTRUCTURE
MOBILITY
CLOUD
101 TECHNOLOGY PARTNERS
SUMMARY - CHECK POINT ONE STEP AHEAD OF THE INDUSTRY
Uncompromised Security
Dynamic Architecture
Operational Simplicity
Commitment to Customer Success
AVOID THE HYPE,
GET THE FACTS
THANK YOU