博威---云架构决胜云计算

 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
查看: 1850|回复: 1

Check Point Software Blade Architecture

[复制链接]
发表于 2010-1-14 11:21:54 | 显示全部楼层 |阅读模式
Check Point Software Blade ArchitectureThe industry's first flexible, extensible security architecture

A Revolution in IT Security

Check Point is no stranger to IT security revolution. Fifteen years ago we created the stateful inspection technology that is still the foundation for the most robust firewall in the industry. We then transformed security management with our single console SmartCenter, unified security gateways and introduced the first and only single agent for endpoint security. Most recently, we delivered Total Security, offering uncompromised security, reduced complexity and improved operational efficiency.


With Check Point’s introduction of its Software Blade Architecture, a new security revolution has begun.
Why software blades architecture?
Security environments become more complex as companies of all sizes defend themselves against new and varied threats. With these new threats come new security solutions, new vendors, costly new hardware, and increasing complexity. As IT comes under increasing pressure to do more with existing hardware and human resources, this approach becomes increasingly unacceptable.
Check Point's Software Blade architecture offers a better way, enabling organizations to efficiently tailor targeted managed solutions that meet targeted business security needs. All solutions are centrally managed through a single console that reduces complexity and operational overhead. And as new threats emerge, Check Point's Software blade architecture quickly and flexibly expands services as needed without the addition of new hardware or management complexity.

The Check Point Software Blade architecture is the first and only security architecture that delivers total, flexible and manageable security to companies of any size. With this unprecedented capability, Check Point Software Blades deliver lower cost of ownership and cost-efficient protection that meet any network security need, today and in the future.

What is a software blade?A software blade is a logical security building block that is independent, modular and centrally managed. Software Blades can be quickly enabled and configured into a solution based on specific business needs. And as needs evolve, additional blades can be quickly activated to extend security to an existing configuration within the same hardware foundation.


Check Point Security gateway R70Larger Image


Key Benefits of the Check Point Software Blade Architecture
  • Flexibility – Provides the right level of protection at the right level of investment
  • Manageability – Enables fast deployment of security services. Increases productivity through centralized blade management.
  • Total Security – Provides the right level of security, at all enforcement points, and at all layers of the network
  • Lower TCO - Protects investment through consolidation and use of existing hardware infrastructure
  • Guaranteed performance – Enables provisioning of resources that guarantee service levels

How are Check Point Software Blades deployed?
Software Blades can be deployed on Check Point UTM-1 and Power-1 appliances, IP appliances, open servers and within virtualized environments. New blades can be added simply by enabling their functionality in software; no additional hardware, firmware or drivers are necessary. This enables organizations to deploy security dynamically, as needed, with lower total cost of deployment.
Building a security solution using Software Blades
Check Point’s Software Blade Architecture enables customization of tailored systems or quick selection of predefined turnkey solutions.
Tailoring a security gateway or security management solution:
ips1.jpg

Step 1:
Choose a container

Step 2:
Select software blades

Step 3:
Configure and deploy





Security Gateway Blades





Security Management Blades


Whether designing a solution for corporate headquarters, a data center or a branch office, creating a system takes just three easy steps:

Step 1: Choose a Security Management or Security Gateway Container
Step 2: Select needed Software Blades
Step 3: Configure and Deploy system


The result is a complete gateway or management system configured precisely to a specific business need. Software Blade Containers

There are two varieties of Software Blade Containers; Security Gateway Containers and Security Management Containers. Each Software Blade container comes with all of the necessary services required to run the software blade environment along with the Check Point Firewall blade which provides Check Point's patented and award-winning FireWall-1® technology.

There are 4 Security Gateway Containers and 3 Security Management Containers available:

Security Gateway Containers

Security Gateway Containers

Name

Cores

Environment

SG101

1

Small Office

SG201

2

Mid-Size Organizations

SG401

4

High Performance

SG801

8

Highest Performance

Security Management Containers

Name

Gateways Managed

Environment

SM1000

10

Small Companies

SM2500

25

Mid-Size Companies

SMU000

Unlimited

Large Enterprises


Software Blade Container Features
  • CoreXL, a patent pending technology delivering near-linear performance scalability (not included in SG101)
  • An update service that keeps current with the latest software
  • Software blade license management that facilitates blade activation and migration
  • SecurePlatform, a pre-hardened operating system that enables quick and easy deployment anywhere in the network
  • Web-based administrative interface
  • Integrated backup, restore and upgrade capabilities
Choosing a predefined turnkey system

Check Point also offers 9 predefined security gateway and management systems, each aimed at specific security objective common to many organizations. Each turnkey system consists of a software blade container and specific sets of Software Blades. These include lower-end single core systems for protecting remote bureaus to full featured eight core systems destine for more complex and demanding environments such as large enterprises and service providers.


Software Blades

The Check Point Software Blade Architecture supports a complete and increasing selection of Software Blades, each delivering a modular security gateway or security management function. Because Software Blades are modular and moveable, Software Blades enable users to efficiently and quickly tailor Security Gateway and Management functionality to specific and changing security needs. New blades are quickly licensed as needed without the addition of new hardware.


Application Awareness and Control
The Check Point Application Library enables application scanning and detection of more than 4,500 distinct applications and over 50,000 social networking widgets - regardless of port, protocol, or evasive technique used to traverse the network. To meet the dynamic nature of internet applications the Application Library is continuously updated.
The integration of the Application Library into Check Point Security Gateways allows customers to leverage the convenience of Web 2.0 technologies safely and securely.

Click here for the press release.

Security Gateway and Security Management blades available today include:

Security Gateway Software BladesSecurity Management Software Blades

Security Gateway Software Blades
    Firewall - World's most proven firewall secures more than 200 applications, protocols and services featuring the most adaptive and intelligent inspection technology. IPsec VPN - Secure connectivity for offices and end users via sophisticated but easy to manage Site-to-Site VPN and flexible remote access. IPS - The highest performing integrated IPS solution with the industry's best threat coverage Web Security - Advanced protection for the entire Web environment featuring the strongest protection against buffer-overflow attacks. URL Filtering - Best-of-breed Web filtering covering more than 20 million URLs protects users and enterprises by restricting access to dangerous Web sites. Antivirus & Anti-Malware - Leading antivirus protection including heuristic virus analysis stops viruses, worms and other malware at the gateway Anti-Spam & Email Security - Multi-dimensional protection for the messaging infrastructure stops spam, protects servers and eliminates attacks through email. Advanced Networking - Adds dynamic routing, multicast support and Quality of Service (QOS) to security gateways. Acceleration & Clustering - Patented SecureXL and ClusterXL technologies provide wire speed packet inspection, high availability and load sharing.
  • Voice over IP - Advanced connectivity and security features for VoIP deployments, featuring enhanced Rate Limiting protections, Far end NAT and inspection of SIP TLS.



Security Management Software Blades
    Network Policy Management - Comprehensive network security policy management for Check Point gateways and blades via SmartDashboard, a single, unified console Endpoint Policy Management - Centrally deploy, manage, monitor and enforce security policy for all endpoint devices across any sized organization. Logging & Status - Comprehensive information in the form of logs and a complete visual picture of changes to gateways, tunnels, remove users and security activities Monitoring - A complete view of network and security performance, enabling fast response to changes in traffic patterns and security events. Management Portal - Extends a browser-based view of security policies to outside groups such as support staff while maintaining central policy control User Directory - Enables Check Point gateways to leverage LDAP-based user information stores, eliminating the risks associated with manually maintaining and synchronizing redundant data stores. IPS Event Analysis - Complete IPS event management system providing situational visibility, easy to use forensic tools, and reporting. SmartProvisioning - Provides centralized administration and provisioning of Check Point security devices via a single management console. SmartWorkflow - Provides a formal process of policy change management that helps administrators reduce errors and enhance compliance. Reporting - Turns vast amounts of security and network data into graphical, easy-to-understand reports.
  • Event Correlation - Centralized, real-time security event correlation and management for Check Point and third-party devices.


Security Gateway Systems
To help ease configuration, Check Point has developed several pre-defined bundles composed of a container and software blades.

SG405

Check Point Security Gateway Systems
Series 100 - An ideal security solution for the small office. A 1 core system, limited to 50 users and recommended up to 8 ports
ModelSoftware BladesDescription
SG103
Firewall, VPN, IPSAn entry level security gateway to provide critical protection the small or branch offices
SG106
Firewall, VPN, IPS, Anti-Spam & Email Security, URL Filtering, Antivirus & Anti-MalwareAn ideal XTM ( eXtensible Threat Management) security gateway providing Total Security for the small and branch office

Series 200 - A cost-effective security platform for mid-size companies and offices. A 2 core system, limited to 500 users or unlimited users and recommended up to 12 ports.
ModelSoftware BladesDescription
SG203
Firewall, VPN, IPSAn entry level security gateway to provide critical protection for mid-sized companies and offices
SG203U
Firewall, VPN, IPSAn entry level security gateway to provide critical protection for mid-sized companies and offices with more than 500 users
SG205
Firewall, IPSEC VPN, IPS, Advanced Networking, Acceleration & ClusteringHigh-performance security gateway for mid-sized companies and offices with demanding network environments
SG207
Firewall, VPN, IPS, Anti-Spam & Email Security, URL Filtering, Antivirus & Anti-Malware, Acceleration & ClusteringMost comprehensive XTM (extensible Threat Management) security gateway with high performance capabilities for mid-sized companies and offices

Series 400 - For offices of any size requiring high performance. A 4 core system, unlimited number of users and recommended up to 16 ports.
ModelSoftware BladesDescription
SG405
Firewall, VPN, IPS, Advanced Networking, Acceleration & ClusteringHigh performance security gateway for company of any size
SG407
Firewall, VPN, IPS, Anti-Spam & Email Security, URL Filtering, Antivirus & Anti-Malware, Acceleration & ClusteringMost comprehensive XTM (eXtensible Threat Management) security gateway for offices of any size requiring high performance

Series 800 - Designed for the most demanding highest performance environments, the Series 800 security gateway is ideal for the large campus and data center. It is optimized for 8 core system.
ModelSoftware BladesDescription
SG805
Firewall, VPN, IPS, Advanced Networking, Acceleration & ClusteringHigh-performance security gateway for the most demanding performance environments.

Check Point Security Management Systems

SM2506

ModelSoftware BladesDescription
SM1003
Network Policy Management, Endpoint Policy Management, and Logging and StatusIdeal entry level central security management solution for small organizations.  
Manages up to 10 gateways
SM1007
Network Policy Management, Endpoint Policy Management, Logging and Status, Monitoring, IPS Event Analysis, SmartProvisioning and User Directory Ideal entry level central security management solution for small organizations with advanced requirements.
Manages up to 10 gateways
SM2506
Network Policy Management, Endpoint Policy Management, Logging and Status, Monitoring, IPS Event Analysis, SmartProvisioning and User DirectoryIdeal entry level central security management solution for small organizations with advanced requirements.
Manages up to 10 gateways
SMU003
Network Policy Management, Endpoint Policy Management, and Logging and StatusIndustry leading central security management solutions for large enterprises.
Unlimited number of gateways
SMU007
Network Policy Management, Endpoint Policy Management, Logging and Status, Monitoring, IPS Event Analysis, SmartProvisioning and User DirectoryIndustry leading central security management solutions for large enterprises with advanced requirements.
Unlimited number of gateways

Check Point Provider-1 Enterprise Edition Security Management Systems
ModelSoftware BladesDescription
SMV308
Network Policy Management, Endpoint Policy Management, Logging & Status, Monitoring, IPS Event Analysis, SmartProvisioning, Management Portal and User Directory Check Point Provider-1 Enterprise Edition brings a highly scalable multi-domain management solution to high-end enterprise customers. That shares global objects and policies across the security domains.
Manages up to 3 domains
SMV508Network Policy Management, Endpoint Policy Management, Logging & Status, Monitoring, IPS Event Analysis, SmartProvisioning, Management Portal and User Directory Check Point Provider-1 Enterprise Edition brings a highly scalable multi-domain management solution to high-end enterprise customers. That shares global objects and policies across the security domains.
Manages up to 5 domains
 楼主| 发表于 2010-1-14 16:53:31 | 显示全部楼层
eeeeee
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|boway Inc. ( 冀ICP备10011147号 )

GMT+8, 2024-11-22 06:16 , Processed in 0.110677 second(s), 20 queries .

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

快速回复 返回顶部 返回列表