045
ENTERPRISE SECURITY BLUEPRINT
CHECK POINT SOFTWARE-DEFINED PROTECTION
CP
SDP
Check Point SDP Enforcement Layer
As the borders of the perimeter continue to blur and expand, organizations need to segment their IT
environments including both their internal network and their cloud and mobile environments.
To secure the boundaries of each segment, Check Point offers a wide range of enforcement points.
These include high-performance network security appliances, virtual gateways, and endpoint host
software and mobile device applications. Check Point provides enterprises with all the building blocks
needed to engineer segmented, consolidated and secure systems and networks.
Network Enforcement Gateways
Check Point offers network enforcement gateways in the shape of appliances and software that can
run on open platforms, allowing customers to choose their own flavor of enforcement points.
Check Point security appliances feature 19 different models that can fit organizations of all sizes.
The Check Point appliance product line starts with the 600 and 1100 appliances to protect small and
branch offices, and goes up to the
security gateway, the fastest security gateway in the industry
that offers unparalleled performance and scalability for high-end enterprise and data centers.
INTERNET
DEPARTMENTAL
SERVERS
MPLS
LAN
INTERNAL
SERVERS
SENSITIVE
SERVERS
V
V
V V V
LOG
LOG
LOG
LOG
TRUSTED CHANNEL
LOG
DMZ
LOG
LOG
LOG
Logging
Pre-infection Threat Prevention
Post-infection Threat Prevention
Inbound Access Control
Outbound Access Control
Data Protection
VIRTUALIZED
SECURITY GATEWAY
Check Point SDP
Enforcement Layer
Figure CPSDP-B
