CloudGuard, Under the Hood

In today's cloud in order to counter threats, you need to start with prevention early in the software development lifecycle. As such, Check Point has introduced new tooling in its CloudGuard CNAPP solution that allows you to shift cloud security left and protect your applications and workloads.

As you adopt automation into your builds, your security should come no questions asked. This allows DevSecOps teams to detect security issues, vulnerabilities or bad practices early and improve the security of any cloud native application and the organization as a whole. Now the question becomes, how does it work and how can you get started?

In this session we will look under the hood and:

- Discuss various risks in your environment
- Take a deeper dive into the CloudGuard platform to see how to improve visibility and manage those risks
- Learn how you can mitigate the risk early in development lifecycle through Shift Left tooling

Join our session to learn how to secure Azure Virtual WAN with maximum operational efficiency. You'll learn common design patterns to secure your Virtual WAN Hub, how to deploy the CloudGuard solution, and security best practices. We'll be going under the hood of each key integration feature to get you ready to deploy your first secure Virtual WAN Hub with industry-leading cloud network security.

Agenda:

Introduction
Reference Designs
How to deploy CGNS
Routing
Best Practices
Q&A

As we saw during last Under The Hood session, CloudGuard offers the ability to enforce compliance with industry regulations and security best practices during pre-deployment with the ShiftLeft tool.
Today we will talk about using Admission Control to enforce post-deployment governance where CloudGuard ensures that the live environment adheres to the compliance and security frameworks mandated. Runtime Protection monitors system calls done by workload containers, or you can configure CloudGuard to block unwanted, malicious, or anomalous activity that it discovers with easy to setup use cases.

In this webinar we will walk you through the setup and configuration of a Cross-AZ cluster in AWS. This new clustering capability provided by the Check Point CloudGuard team allows organizations to build highly resilient architectures per AWS best practices.

Jeff Engel, Cloud Security Technical Marketing Engineer at Check Point, provides a technical preview and showcases some of the newest innovations to CloudGuard Network Security as a Service (NSaaS). See how easy it is to extend cloud native network security to protect your AWS infrastructure and improve security operations. In this technical session presented together with CheckMates, you will see how CloudGuard NSaaS is integrated with AWS services making it easier to scale and manage advanced threat prevention services.

In this webinar we will see how using CIEM helps customers move closer to zero trust for permissions which in turn makes a much more secure environment.

Here’s what we will discuss during this webinar:
• Explanation of the core components of CIEM.
• Using the IAM analyzer to identify overly permissive roles and users.
• See how CloudGuard uses contextual logging to determine when cloud identities are at risk.
• Identifying configuration checks and real-time exposure of incidents as they happen through audit logs.

In this webinar (presented together with CheckMates) we will see how using Kubernetes Admission Control helps customers move govern all cluster operations using a central admissions controller. Easily set policies and guardrails for cluster operations using intuitive, human readable policy language. Enforce least privileged access rights and ensure that all images come from trusted sources.

Here’s what we will discuss during this webinar:
• Explanation of Admission Control.
• Using the intuitive GSL use case builder.
• See how CloudGuard identifies Image Assurance.
• See how CloudGuard enforces using Admission Control

There's an easy way to deploy your AWS cloud network security using Infrastructure as Code!
Join Jeff Engel, expert Technical Marketing Engineer for cloud security, as he explains how to do this quickly and programmatically using a Check Point-built CloudFormation Template.
You'll also learn architecture options to support 3 different traffic flows: ingress, egress, and east-west.

Learning Objectives:
- Use CloudFormation template to automatically create the CloudGuard Network Security components, AWS Gateway Load Balancer, and all other required AWS resources needed to test traffic flows
- Interact with Check Point Security Management to build a security policy
- Test ingress, egress, and east-west traffic flows
- Monitor the traffic flows using Check Point Security Management logging capabilities

Join this upcoming webinar to learn about CloudGuard AppSec, a next-generation web application firewall (WAF) that provides superior protection for web applications and APIs. Unlike signature-based WAF tools, CloudGuard AppSec leverages machine-learning and contextual AI to provide a high level of protection against known and unknown threats. It has successfully blocked zero-day threats such as Log4j and generates virtually no false positives, saving security teams valuable time and resources. The webinar will feature Cloud Security Experts from Check Point, who will discuss the benefits of CloudGuard AppSec, including its ease of deployment, automation, and use. They will also provide insights into how CloudGuard AppSec can simplify security operations, streamline incident response, and improve overall security posture.

Embedding Security Automation within the CI/CD pipeline is the only way to ensure confidence, quality & consistency across the DevOps coding lifecycle. Let us show you how this ‘Holy Grail’ can be achieved, with Check Point CloudGuard.

In this webinar presented with CheckMates, our cloud team will share how CloudGuard’s portfolio of integrated tools solves the developer's challenge of securing your code, while protecting your CI/CD pipeline at the maximum velocity.

Join our session with CheckMates to learn how to secure Azure Virtual WAN with maximum operational efficiency. You'll learn common design patterns to secure your Virtual WAN Hub, how to deploy the CloudGuard solution, and security best practices. We'll be going under the hood of each key integration feature to get you ready to deploy your first secure Virtual WAN Hub with industry-leading cloud network security. 

Agenda:  

Introduction
Reference Designs
How to deploy CloudGuard Network Security
Routing
Best Practices
Q&A

Traditional security is not built for CI/CD and right now many organizations are being forced to trade agility for security. During this webinar, you’ll learn how to create a secure, multi-layered infrastructure with built-in pipeline security. We will also explore the role that DevSecOps are playing during the continuous integration/deployment, and how to solve issues with secrets sprawl, API tokens, exposed certificates, misconfigurations and more!

Using Check Point Spectral, developers can easily scan their code and IAC for vulnerabilities without slowing down the process. Join us as we illustrate how to shift left and provide developers with the tools to be secure.

Are you interested in learning how to effectively manage risks in your cloud environment? Join us for a Check Mates webinar on leveraging the Cloud Native Application Protection Platform for actionable insights.

In today's fast-paced world, time and resources are critical, and managing risks can be a daunting task. Our goal is to help you prioritize your work effectively, keeping business priorities in mind. Our CloudGuard solution maps the attack surface of each cloud asset and combines it with context information to provide a prioritized list of assets at risk, along with the necessary remediation steps.

During this webinar, you will learn how CloudGuard can help you manage risks in various use cases, including sensitive build servers and virtual appliances, older legacy objects, and prioritizing business risks using risk management rules. Our experts will share practical insights and real-world examples to help you understand how to leverage CloudGuard effectively.

Join us on June 1st to learn how to effectively manage risks in your cloud environment using CloudGuard. Don't miss this opportunity to gain actionable insights and take your cloud security to the next level. Register now to secure your spot!

With the recently announced integration between Check Point CloudGuard Network Security and Azure Virtual WAN we are thrilled to demonstrate real-world use cases for our joint customers.

Join this edition of Under the Hood with CheckMates to learn how Check Point CloudGuard Network Security and Azure Virtual WAN work together to help you deploy a fully redundant and endlessly scalable Remote Access VPN architecture.

Agenda:

Overview and Prerequisites
Reference Architecture
Demo
Limitations and considerations
Additional information and resources
Q & A

Join our upcoming webinar hosted by Check Mates and explore the cutting-edge capabilities of CloudGuard Intelligence. Discover how it bolsters your organization's security landscape through Historical Research, Malicious Traffic & Anomalies, and Privilege Escalations.
In today's digital age, proactive threat intelligence and comprehensive insights are essential to safeguarding your cloud infrastructure. CloudGuard Intelligence seamlessly integrates with CloudGuard Posture Management, providing intrusion detection, threat hunting, and remediation functionalities. By harnessing the power of AI, it empowers SecOps and SOC teams to correlate data from various sources like cloud inventory, account activity, and network logs, creating a holistic security landscape.

During the webinar, our expert will shed light on:
• Historical Research: Unlock the ability to analyze historical data, driving data-informed decisions for incident analysis and response.
• Malicious Traffic & Anomalies: Learn how CloudGuard uses AI and UEBA to swiftly detect anomalies and cyber threats, preventing security breaches.
• Privilege Escalations: Gain insights into preventing unauthorized access risks and privilege escalations in your cloud environment.

Don't miss this opportunity to enhance your organization's cybersecurity posture. Register now to secure your spot!

In this session with CheckMates, we will demonstrate how to build and deploy a Zero-Trust Access Control policy with CloudGuard Network Security and Azure Virtual WAN.  Technologies that will be showcased include Application Control, URL Filtering, Identity Awareness, Updateable Objects, CloudGuard Controller(Dynamic Objects) among others.

Agenda:
Overview and Prerequisites
Reference Architecture
Demo
Limitations and considerations
Additional information and resources
Q & A

Stay tuned for Episode II which will cover Zero-Trust Threat Prevention policy configuration and best practices!!!

In this edition of Under the Hood together with CheckMates, we will demonstrate how to build and deploy a zero-trust Threat Prevention policy with CloudGuard Network Security and Azure Virtual WAN. 
Technologies that will be showcased include IPS (Intrusion Prevention), Anti-Virus, Anti-Bot, Threat  Emulation (Sandboxing), and DNS Security among others.

Agenda:
- Overview and Prerequisites
- Reference Architecture
- Demo
- Limitations and considerations
- Additional information and resources
- Q & A

We are thrilled to invite you to our upcoming CheckMates webinar, " Analyze Attack Path with Graph-Based Context Visualization," where we will explore the power of context in bolstering cloud security.
In today's digital landscape, ensuring the security of cloud assets has become more critical than ever. Our webinar aims to shed light on the innovative approach of leveraging context to enhance cloud security measures. Here's a glimpse of what we have in store for you:

• Feature Spotlight: Attach Path Visualization with Context Graph.
• Discover how the Context Graph effectively visualizes the interconnected nature of cloud assets, providing a comprehensive overview of your cloud environment.
• Learn about its practical applications during event investigations, streamlining your threat mitigation processes.
• Our experts will demonstrate real-world examples, showcasing how context-driven insights have already proven invaluable to numerous organizations in safeguarding their cloud infrastructure.

As a valued participant, you'll have the opportunity to:

• Gain deep insights into the power of context-driven cloud security.
• Interact with our seasoned experts during the Q&A session.
• Network with like-minded professionals in the industry.
• Get access to exclusive resources and materials related to the webinar topic.
Register today to secure your spot for this illuminating webinar!

In this edition of Under the Hood together with CheckMates, Check Point and Microsoft will demonstrate how to safely migrate from a traditional hub & spoke Azure deployment of CloudGuard Network Security to CloudGuard for Azure Virtual WAN. Guidance and best practices will be demonstrated to ensure the least amount of disruption to your organization.

Agenda:
Overview and Prerequisites
Migration Workflow
Demo
Limitations and considerations
Additional information and resources
Q & A

Presenters:
Christopher Fields, Product Manager at Microsoft
Jeff Engel, Cloud Security Technical Marketing Engineer and John Guo, Cloud Alliance Architect at Check Point

Join our APAC deep-dive technical webinar, together with CheckMates, to learn how to simplify and secure your hybrid WAN with Azure Virtual WAN & Check Point, with maximum operational efficiency.
You'll learn common design patterns to secure your Virtual WAN, how to deploy the CloudGuard security solution quickly and easily into the Virtual WAN hub, and security best practices.
We'll go into the key features to get you ready to deploy your first secure Virtual WAN with industry-leading cloud network security.

Agenda:
• Azure vWAN overview
• How Azure vWAN helps customers to simplify cloud adoption
• Check Point to secure hybrid WAN
• Multiple customer security use cases & deployment architecture
• Next actions

Cloud computing has revolutionized the way organizations operate, providing unparalleled scalability, flexibility, and cost-efficiency. However, this transition to the cloud also introduces new and complex security challenges that demand attention and expertise. In this seminar, we will delve into the Best Practices on Cloud Network Security with a focus on reference architectures to provide a comprehensive understanding of securing cloud-based infrastructure.

Agenda:
• Overview of the agenda and objectives for the seminar
• Understanding Cloud Network Security
• CloudGuard Network Security for AWS, Azure and GCP
• Case Studies: Implementing Reference Architectures

AWS Cloud WAN is a managed wide-area networking (WAN) service that you can use to build, manage, and monitor a unified global network that connects resources running across your cloud and on-premises environments. It provides a central dashboard from which you can connect on-premises branch offices, data centers, and Amazon Virtual Private Clouds (VPCs) across the AWS global network.

In this under the hood webinar together with CheckMates, learn how to secure AWS Cloud WAN, including common design patterns , how to deploy the CloudGuard solution, and security best practices. We'll be going under the hood of each key integration feature to get you ready to secure AWS Cloud WAN with industry-leading cloud network security.

Agenda:
- Introduction
- Reference Designs
- How to deploy CGNS
- Best Practices
- Q&A

Automate deployment and configuration of Azure CloudGuard VMSS to minimize or eliminate User Defined Routes in Azure (includes automating the integration between the VMSS and the Azure Route Server):

In this Under the Hood webinar together with CheckMates, learn how to use Terraform and CME templates to automate deployment and configuration of CloudGuard Network Security with Azure Scale Sets including automating the integration with Azure Route Server.
Integrating with Azure Route Server allows CloudGuard to advertise itself as the next hop for all Azure resources (eliminating the need for User Defined Routes and increasing security when bringing new services into Azure such as SDWAN connections). When using VM Scale Sets, automation is key to verify that any all newly scaled out instances are automatically configured and integrated with the Azure Route Server BGP service.

We will be going Under the Hood, providing sample templates and playbooks so you can make Terraform and CME do all of the hard work of deploying CloudGuard with VM Scale Sets and configuring the BGP integration with Azure in order to bring industry-leading cloud network security to your Azure deployments.

What is the best choice for Azure Virtual WAN security?
Join us for a step-by-step demo of how to deploy CloudGuard Network Security for Azure Virtual WAN, and connect the security gateways to Check Point's security management as-a-service, called Smart-1 Cloud.
Our cloud security expert will explain the different packages and demo the onboarding and deployment process, as well as provide examples of setting up network security policy, including application rules and URL filtering.

Join us for a discussion on how to secure complex cloud environments with managed cloud security services. The Check Point CloudGuard team will be joined by our managed cloud detection and response partner, Tamnoon and customer Zinnia, a leading Insurtech company.

During this webinar, we'll delve into the world of managed cloud security services and explore a case study showcasing how Zinnia leveraged these services to tackle their cloud security challenges and achieve remarkable results.

Are you using VMware NSX-T?
Do you want the highest levels of security, with consistent security management for public clouds, private clouds and on-premises networks from a single pane-of-glass?

Join this Under the Hood technical webinar with CheckMates for a step-by-step demo of how to deploy and configure CloudGuard Network Security for VMware NSX-T, and connect the security gateways to Check Point's security management.

Automate the deployment and configuration of CloudGuard Network Security gateways for Azure Virtual WAN for improved operational efficiency and control.

Terraform is a popular tool for infrastructure as code that allows you to manage your cloud resources in a declarative way.
With Terraform, you can use our predefined templates to deploy CloudGuard NVAs (Network Virtual Appliances) into an existing Virtual WAN hub or a new Virtual WAN deployment. You can also customize the configuration parameters according to your needs.

In this webinar together with CheckMates, we will be going Under the Hood, providing step-by-step guidance so you can make Terraform do all of the hard work of deploying and configuring CloudGuard in order to bring industry-leading cloud network security to your Azure Virtual WAN deployments.

Are you using Cisco ACI or are you planning a Cisco ACI deployment?
Do you want to design security into your deployment, or perhaps improve your existing security?
How best to extend your security posture to Cisco ACI and perhaps hybrid-clouds?

Join Jon Paine, Infinity Global Services Architect and Elier Cruz, Enterprise Security Architect (both at Check Point), in this webinar with CheckMates, and learn about:
- Cisco ACI networking features and functionality, THEN and NOW (including Single, Multipod, and Multisite architectures)
- Security architecture and Check Point integration design principles
- Requirements and design considerations for a secure Cisco ACI deployment

Are you using CloudGuard Network Security? Yes? Are you aware of the ways CloudGuard Controller can simplify your life? Did you know it is free with Check Point Security Management?

Dynamic environments such as public and on-premises data centers and clouds present a large challenge to security professionals. The number of subnets, virtual machines, and IP addresses change quickly.

In this Under the Hood session presented together with CheckMates, Check Point Cloud Solutions Architect(and expert) Dan Morris will show you how CloudGuard Controller can be integrated with many of Check Point CloudGuard Network Security's public and private vendors that allows organizations to:

Dynamically learn about objects and attributes in data centers, such as changes in subnets, Security Groups, Virtual Machines, IP addresses, and Tags
Use those objects directly in your Security Policy without requiring a policy installation
Streamline operations and reduce the amount of overhead(and potentially errors and downtime) caused by 'ClickOps'