Slide 1

2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Check Point DLP & Application Control V-ICT-OR event 26 April 2012 Jeroen De Corel Security Engineer BeLux jeroen@checkpoint.com

Slide 2

2 22012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Check Point DLP Makes data loss prevention work Agenda 1 What is Data Loss? 2 Key Challenges of DLP 3 Introducing Check Point DLP 4 Application Control

Slide 3

3 32012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Data Loss Prevention What is DLP? John.Stevens@yahoo.com Corporate Strategy Green World Strategy Plan 2010 E-mail sent to the wrong recipient, intentionally or by mistake. Data breaches have happened to all of us Company document uploaded to an external website.

Slide 4

4 42012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Data BreachesHeadline Examples Brand Damage Compliance Liabilities Costly Fines Brand Damage Compliance Liabilities Costly Fines

Slide 5

5 52012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Its Not Just About Regulatory Compliance Chief Compliance Officer Chief Security Officer Compliance Customer data Corporate data Patient data Security Intellectual property Strategic plans Internal data

Slide 6

6 62012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | DLP Has Not Yet Been Solved! Technology Challenge Computers can not reliably understand human content and context IT Staff Challenge Burden of incident handling Exposure to sensitive data

Slide 7

7 72012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Check Point Makes DLP Work John.Stevens@yahoo.com Corporate Strategy John, Lets review the corporate strategy in our morning meeting. Green World Strategy Plan 2010 John John.Stevens@yahoo.com Confidential data sent to the wrong recipient! Data Loss Prevention Alert An email that you have just sent has been quarantined. Reason: attached document contains confidential internal data The message is being held until further action. Send, Discard, or Review Issue User prompted to take action User remediates

Slide 8

8 82012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | John, Lets review the corporate strategy in our morning meeting. Green World Strategy Plan 2010 John.Stevens@yahoo.com Corporate Strategy Data Loss Prevention Alert An email that you have just sent has been quarantined. Reason: attached document contains confidential internal data The message is being held until further action. Send, Discard, or Review Issue Introducing Check Point Data Loss Prevention Educate Users on corporate data policies Educate Users on corporate data policies Enforce Data loss business processes Enforce Data loss business processes Prevent Move from detection to prevention Prevent Move from detection to prevention Check Point Combines Technology and Processes to Make DLP Work NEW!

Slide 9

9 92012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Check Point Solves the DLP Challenge Technology Challenge Empowers users to remediate incidents in real time Technology Challenge Empowers users to remediate incidents in real time IT Staff Challenge Educates users on DLP policies without involving IT staff IT Staff Challenge Educates users on DLP policies without involving IT staff New UserCheck Technology

Slide 10

10 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Data Loss Prevention Alert An email that you have just sent has been quarantined. Reason: attached document contains confidential internal data The message is being held until further action. Send, Discard, or Review Issue 2. User alert 1. Mail sent or document uploaded 3. User remediation UserCheck Provides User Remediation Non-disruptive Real-time Educational

Slide 11

11 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | How Does Check Point DLP Work? Simple Rule-based Policy Management MultiSpect Detection Engine Full Network Enforcement

Slide 12

12 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Item No. NameSocial Security Number Job TitleGross Pay 1John Smith987-65-4320CEO$200,000 2Kevin Brian987-65-4221VP R&D$150,000 3Margret White 769-65-7522VP Marketing $153,000 4Bob Johns342-62-3323CFO$140,000 5Mike Riddle777-43-4324COO$180,000 Correlates data from multiple sources using open language New MultiSpect Technology MultiSpect Detection Engine Detects more than 600 file formats 600+ File Formats 600+ Data Types Over 250 pre-defined content data types Detect and recognize proprietary forms and templates

Slide 13

13 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Simple Rule-based Policy Management Easily Define Policy to Detect, Prevent or Ask User

Slide 14

14 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Unified Control and Deployment Centralized Management For Unified Control Across the Entire Security Infrastructure Data Loss Prevention

Slide 15

15 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Ease-of-Deployment Dedicated Appliance Software Blade Network-based Inline Solution On Existing Gateways or Open Servers Be Up and Running Day-1! DLP-1

Slide 16

16 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Check Point DLP At-A-Glance Move from Detection to Prevention Scaling from hundred to thousands of users Supporting HTTP, HTTPS, SMTP and FTP protocols Inline network-based Software Blade running on any existing Check Point gateway UserCheck notification using either thin agent or a returning email to the user Proactively block intentional and unintentional data loss

Slide 17

17 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Check Point DLP Summary Check Point combines technology and processes to make DLP work Prevent Data Breaches Move from detection to prevention Enforce Data Policies Across the entire network Educate and Alert Users Without involving IT staff

Slide 18

18 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | DLP-1 Appliance Specifications DLP-1 2571DLP-1 9571 Performance Number of users 1,0005,000 Messages/Hour 70K350K Throughput 700 Mbps2.5 Gbps Specifications Storage 500 GB2 x 1 TB ( RAID 1 ) NICs 6 Copper 1GbE10 Copper 1GbE Optional Bypass card 4 ports - 2 segments (pre-packaged appliance) 4 ports - 2 segments (orderable as accessory) Price Price year 1 Without bypass card - $14,990 With bypass card- $15,990 $49,990 Add bypass card - $4,995 Annual price year 2+$7,000$12,000

Slide 19

19 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Check Point DLP Software Blade CPSB-DLP-500CPSB-DLP-1500CPSB-DLP-U Recommended Users (depending on configuration)* Up to 500500-1,5001,500+ Messages/Hour 5,000-15,000 15,000- 50,000 50,000- 250,000 Max Throughput 700 Mbps1.5 Gbps2.5 Gbps Annual Price $3,000$7,000$12,000

Slide 20

2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Application Control

Slide 21

21 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | The Problem with Internet Applications Malware Threats Productivity Loss Bandwidth Hogging

Slide 22

22 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Introducing Check Point Application Control Software Blade Check Point Application Control Software Blade Detect and control application usage Available on EVERY gateway AppWikiIndustrys largest library with over 50,000 applications Educate users on corporate policies

Slide 23

23 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Introducing Check Point AppWiki Over 4,500 applications Over 50,000 social-network widgets Grouped in over 150 categories (including Web 2.0, IM, P2P, Voice & Video, File Share) http://appwiki.checkpoint.com Worlds largest Application Classification Library Unparalleled Application Control

Slide 24

24 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Measures the potential risk Granular Application Categorization IM Web conferencing Gaming. Share files High bandwidth Use stealth techniques Security Risk Advanced Properties Application Type

Slide 25

25 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | User and Machine Awareness User identification with both agent-based and seamless, agentless Active Directory integration Machine-aware Corporate Active DirectorySecurity Gateway User- and group-aware Includes User Identification

Slide 26

26 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Application Detection and Usage Controls Identify, allow, block or limit usage of applications at user or group level Enable access for support team Application Detection and Usage Controls

Slide 27

27 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Reality of Standard Application Control IT defines black & white policies Policies dont match real usageIT resorts to monitor onlyNo real control!

Slide 28

28 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Makes application control more practical Asks users to explain reasons for application usage Check Point UserCheck Technology Understand usage needs, while enforcing policy Ask Application Usage Alert You are trying to use Skype. Corporate application use policy does not allow the use of Skype. If you require Skype access for business, please click Explain blow. Corporate Proper Use Policy

Slide 29

29 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Makes application control more practical Asks users to confirm application usage in real-time Check Point UserCheck Technology http://www.youtube.com Understand usage needs, while enforcing policy Ask Application Usage Alert You are trying to access YouTube. Corporate application use policy limits YouTube access to business use only in order to save bandwidth. Please select and confirm your use-case: Personal, Business, or Cancel

Slide 30

30 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Alerts users in real-time Educates users on risk and usage policies Check Point UserCheck Technology http://www.facebook.com Inform and educate, while allowing application usage Inform

Slide 31

31 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Check Point UserCheck Technology Use to preserve resources (bandwidth) or control acceptable use Limit http://apps.facebook.com/onthefarm Application Usage Alert You are trying to access Facebook Games. Corporate application use policy allows access to non-business related activities such as Facebook Games only during these times: 12:30-14:00 19:30-8:30 Corporate Proper Use Policy

Slide 32

32 2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Practical Implementation Traditional security policies are suitable for clear-cut cases Involve end-users using multiple policy actions Accept / Drop Allow but inform the user about the risks Inform Learn usage patterns to create better policies Ask Use to preserve resources (bandwidth) or control acceptable use Limit

Slide 33

2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Q&A

Slide 34

2012 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Thank You!