Check Point & Palo Alto Beef Up Multicloud Security

Mitch Wagner
2/7/2018
50%
50%

Check Point Software and Palo Alto Networks are adding muscle to security protection for enterprise running workloads that span multiple cloud platforms.

Check Point Software Technologies Ltd. (Nasdaq: CHKP) introduced CloudGuard on Wednesday, designed to protect enterprises against attacks on cloud infrastructure workloads, as well as cloud applications.

"We're seeing a lot more interest with respect to the cloud being targeted by the bad guy," Don Meyer, Check Point head of product marketing, tells Enterprise Cloud News. Enterprise cloud applications and accounts are proliferating, often without proper security procedures in place. "The bad guys know full well that when any new service goes online, the likelihood that it's secure is low."


Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.


Recent vendor-sponsored studies show that IT departments are losing control of IT infrastructure, but still getting blamed for breaches. Fully one-third of employees say they knowingly use software that's been forbidden by their IT departments. (See IT Departments: Losing Control, Still Getting Blamed.)

The CloudGuard SaaS software for cloud applications protects against zero-day threats, ransomware and bots; blocks impostors from accessing cloud applications, as well as blocking unauthorized users and compromised devices; forces encryption of sensitive data; and blocks and quarantines unauthorized sensitive file sharing.

CloudGuard IaaS software, for infrastructure protection, is a rebranding of Palo Alto's vSEC, and provides protection for a laundry list of major cloud platforms -- Amazon Web Services, Google Cloud Platform, Microsoft Azure, Cisco Application Centric Infrastructure, OpenStack, VMWare NSX, VMware Cloud on AW, Alibaba Cloud, and more.

Both CloudGuard SaaS and IaaS are available as user-installable software or as an appliance from Check Point.

Check Point competes with a variety of companies, including Cisco, Symantec, Palo Alto, and Fortinet. Check Point says it competes by offering centralized management and a full software suite, as well as focusing on prevention.

One of those competitors, Palo Alto Networks Inc. , announced upgrades to its Networks Next-Generation Security Platform on Tuesday, adding support for Google Cloud Platform in addition to previous support for Amazon Web Services and Microsoft Azure.

In an upcoming study by ZK Research, 86% of respondents said their organization uses multiple cloud infrastructure providers, showing a need for consistent security across numerous platforms, according to Palo Alto Networks.

For easier management, the Palo Alto platform supports Azure Security Center and Google Cloud Deployment Manager and Terraform and Ansible for automated workflow and policy management.

The platform is designed to help enterprises upgrade applications more rapidly by eliminating security as a bottleneck. "We're making it so the security team is able to provide support without putting a burden on the development team. We're able to autoscale and keep up with security demands. We're removing any of the resistance the development team might have in deploying security tools," Chris Morosco, Palo Alto product marketing director, tells Enterprise Cloud News.

Palo Alto also adds support for APIs for PaaS tools, and securing credentials via two-factor authentication and rules to track behavior of security admins, to detect anomalous behavior that might indicate a compromised account, such as logging in from unusual locations, or at unusual times, or spinning up enormous numbers of workloads rapidly.

And Palo Alto is updating its Traps endpoint protection tool to prevent zero-day attacks against Linux workloads running on all major clouds, in addition to existing Windows support.

This year has seen increased security activity among major vendors. Cisco Systems Inc. (Nasdaq: CSCO) acquired cloud security vendor Skyport Systems last month and Amazon Web Services Inc. bought Sqrrl, also last month. (See Cisco to Buy Skyport Systems for Cloud Security and Amazon Scoops Up Sqrrl for Cloud Security.)

Also last month, Cisco introduced analytics services designed to find security vulnerabilities in encrypted data without decrypting it. (See Cisco Plugs Encryption Hole in Network Security.)

And Google parent Alphabet launched Chronicle, a subsidiary spun out of Alphabet's X "moonshot factory," designed to create an "immune system" against threats.

The heightened security activity comes as the Spectre and Meltdown vulnerabilities cast a shadow over cloud security. (See 'Spectre' & 'Meltdown' – What Cloud Users Need to Know.)

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Follow me on Facebook Editor, Enterprise Cloud News

(3)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
kq4ym
50%
50%
kq4ym,
User Rank: Light Sabre
2/15/2018 | 8:13:23 AM
Re: Spectre / Meltdown fix?
Checkpoint and the others are certainly giving firms tha opportunity to improve security in as much as noted "one-third of employees say they knowingly use software that's been forbidden by their IT departments." Whether it's or the competitor's products are going to be foolproof and an efficient and best investment for IT deparments will be tested with their customers.
mhhfive
50%
50%
mhhfive,
User Rank: Light Sabre
2/8/2018 | 1:21:11 PM
Spectre / Meltdown fix?
This solution doesn't sound like a fix for Spectre or Meltdown-- but it secures other avenues of attack from unwanted users. It's good to have but... can any single service ensure complete security?
Susan Fourtané
50%
50%
Susan Fourtané,
User Rank: Blogger
2/8/2018 | 5:28:42 AM
Great news!
I am so pleased to read news like this! So rarely you get to read something positive related to cybersecurity. It’s refreshing to now learn about CloudGuard. Cloud infrastructures and cloud applications must remain a top priority for IT management.
More Blogs from Wagner’s Ring
Equinix is initially testing virtual router and firewall in the US and Europe, with plans to extend into Asia soon, to help make network connections more agile and responsive for enterprise customers.
While networks alone won't deliver enterprise transformation, robust, software-defined networks are needed for enterprises to transform, says Sorabh Saxena, president, business operations for AT&T business solutions.
Telefónica turned to Juniper and Nokia to meet exploding demand in Spain. Upgrade raises network capacity to 10 Tbit/s, with room to grow.
Apple haters have been sounding the alarm for a decade, but this time the bad news is real.
Superior technology isn't enough.
Featured Video
Flash Poll
Upcoming Live Events
April 8, 2019, Las Vegas, Nevada
May 6, 2019, Denver, Colorado
May 6-8, 2019, Denver, Colorado
September 17-19, 2019, Dallas, Texas
October 1, 2019, New Orleans, Louisiana
October 2-22, 2019, Los Angeles, CA
October 10, 2019, New York, New York
November 5, 2019, London, England
November 7, 2019, London, UK
December 3-5, 2019, Vienna, Austria
December 3, 2019, New York, New York
All Upcoming Live Events
Partner Perspectives - content from our sponsors
Huawei Shows 5G in Action at MWC
By Ken Wieland, for Huawei
Huawei Heats Up Microwave for 5G Backhaul
By Ken Wieland, for Huawei
Huawei Services Bring the Best 5G Into Reality
By Steven Wu, President of Consulting & Service Solution Sales Dept., Carrier BG, Huawei
All Partner Perspectives