Inter-VM Traffic Inspection
Ensure virtual machine security inter-VM traffic inspection using granular firewall policies and integrated best-in-class Intrusion Prevention (IPS). The Security Gateway VE Software Blade utilizes VMware VMsafe technology to seamlessly enforce hypervisor security.
Typically, using external security appliances to inspect inter-VM traffic impacts performance and complicates topology. However, with the Security Gateway VE Software Blade, performance is increased by inspecting virtual machine traffic inside the virtual system.
The Security Gateway VE Software Blade enables you to separate virtual applications, protecting them from each other as well as external threats. Integrated IPS utilizes signature and protocol-anomaly-based intrusion prevention to protect business-critical services like FTP, HTTP and VoIP from known and unknown attacks. Check Point update services provide real-time updates to keep protections current with the latest defenses.
Security Enforcement for Dynamic Virtualized Environments
Protection for virtual machines is uninterrupted during live migration from one host to another and while new virtual machines are added, ensuring zero down time for maintenance and dynamic resource allocation. Full support for VMware VMotion and DRS allows the security policy to be enforced while maintaining open connections.
Virtual machines are so easy to create that it sometimes leads to VM sprawl. The Security Gateway VE Software Blade alleviates this concern by ensuring that newly added virtual machines are segregated from existing VMs with automatic security policy enforcement.
Complete Virtualized Security Solution
The Security Gateway VE Software Blade simplifies security deployments by consolidating proven security functions within a single solution, streamlining deployment and administration. Virtual machines are protected from external threats, as well as from each other, with best-in-class integrated firewall, IPS, VPN, anti-virus, anti-spam, URL filtering and web security. Where separation of servers and data is required for compliance, the Security Gateway VE Software Blade protects segregated applications and information from one another without the need for physical security appliances.
In addition to seamless hypervisor-layer security, the Security Gateway VE Software Blade also provides the flexibility to be deployed as a Layer 2 or Layer 3 default gateway.
The Security Gateway VE Software Blade reduces administration overhead by automatically applying security to virtual machines without the need to change network topology configuration for the VMs, VLANs or VSwitches.
Single, Unified Management
The Security Gateway VE Software Blade is managed from the same security management or Multi-Domain Management (MDM) as all other physical Check Point security gateways and appliances. This enables you to ensure consistent security at all gateways without the expense of separate management consoles.
Traffic logging, reporting and full virtualization auditing solutions tailored for the virtual infrastructure enable users to accelerate and achieve compliance, with dedicated reports that are mapped to relevant requirements within the PCI, SOX, HIPAA, COBIT and ISO 17799 regulations and standards.
Check Point security management and MDM can also be deployed on virtual machines.
Integrated into Flexible Software Blade Architecture
The Check Point Software Blade architecture is the first and only security architecture that delivers complete, flexible and manageable security to companies of any size. With unprecedented flexibility and expandability, Software Blades deliver lower cost of ownership and cost-efficient protection that meet any need, today and in the future.
Full integration into the modular Software Blade Architecture allows for rapid and easy activation on any Check Point security gateway.