Thanks to the flexibility of cloud platforms, businesses are steadily moving towards a network design that includes a cloud resource – be it for testing, high availability, regulatory requirements or other purposes. As you can imagine, it’s crucial to secure cloud environments properly, but all too often, the security of these publicly available resources in the architecture remains just an afterthought. How do we remedy this?
Most built-in security tools are insufficient:
This is where Check Point CloudGuard comes in. In Azure, the use of a Check Point CloudGuard gateway allows the customer to:
… that Azure deployments can be automated to include a CloudGuard gateway?
Most engineers today will be familiar with Azure Marketplace and know how to install a resource by clicking through the installation wizard’s steps. More advanced consultants use ARM templates or PowerShell scripts for deployment and fine-tuning. The most effective installation would be deploying a complete Virtual Datacenter, including a CloudGuard gateway, via an automated procedure.
At Xylos, deployment of a standard vNet including a CloudGuard gateway and controller is fully automated.
… that a Check Point CloudGuard gateway can be further automated?
After deploying a new CloudGuard gateway, you’ll need to configure some typical settings, such as firewall rules and security settings. This leaves some room for improving installation efficiency.
There are several ways to make the Network Security Admin’s life easier:
… that CloudGuard adapts to your needs?
With Azure Virtual Machine Scale Sets, the number of Check Point CloudGuard gateways is adapted to your needs. As the amount of resources you protect is scaled up or down, the number of Security Gateways that provide protection follows suit.
Now that the CloudGuard gateway is protecting your cloud environment and your resources are secure, what comes next?
The CloudGuard Controller is integrated with Azure. When DevOps decides to deploy a new web or database server and uses a tag that has previously been added to the Controller, this new resource will automatically be added to the configured object groups and the rules they are used in.
Additionally, Check Point’s SmartConsole software enables you to visually follow up on logs, threats and configuration for all your physical and virtual Check Point devices.
If you’d like to take things a step further, AWS and Google Cloud are also supported. Check Point’s management plugin Dome9 lets you audit and change your multi-cloud environment.
Your email address will not be published. Required fields are marked.