047
ENTERPRISE SECURITY BLUEPRINT
CHECK POINT SOFTWARE-DEFINED PROTECTION
CP
SDP
For private cloud environments, the Check Point Virtual Edition (VE) offers
both hypervisor-level and VM-level enforcement, allowing customers to segment
inter-VM traffic. VE enforcement points are provisioned automatically by the
Management Layer, securing new VMs as they are created and moved between
physical hosts.
Check Point Amazon Security Gateway allows enterprises to enforce segmentation
and firewall policies on systems within the Amazon Web Services (AWS) public
cloud environment.
Check Point Gateway in the Cloud
For mobile users that roam outside the protected corporate environment, Check Point offers
enforcement gateways in the cloud that allow organizations to extend their security policies to the
cloud. All roaming user traffic is tunneled through an enforcement point in the cloud supporting
Check Point threat prevention, access control and data protection.
Check Point SDP Control Layer
The Control Layer is the core of the SDP Architecture. Its role is to generate protections and to deploy
them for execution at the appropriate enforcement points. It is also the area where for the past twenty
years, Check Point has been providing customers with innovative and industry leading protections.
Check Point Software Blade Architecture
Check Point SDP control layer is based on Check Point Software Blade Architecture that provides
customers with flexible and effective security solutions to match their exact needs. With a choice of
Control Layer
Next
Generation
Threat
Prevention
Security
Policy
Next
Generation
Access
Control
Next
Generation
Data
Protection
THREATCL UD
Check Point SDP Control Layer
Figure CPSDP-D
