051
ENTERPRISE SECURITY BLUEPRINT
CHECK POINT SOFTWARE-DEFINED PROTECTION
CP
SDP
Automation and Orchestration
As defined by the SDP Architecture, access control and data protection policies are organization-
specific and change constantly based on new users, applications and new business processes.
In order to support these business process changes, Check Point Security Management provides CLIs
and Web Services APIs that allow organizations to integrate with other systems such as network
management, CRM, trouble ticketing, identity management and cloud orchestrators.
Open interfaces to external systems enable the Management Layer to understand the changes to the
environmentandtocoordinatesecuritypolicieswiththesechanges.Forexample,anewvirtualmachinewould
be automatically protected by the appropriate segment policy, based on the machine’s classification.
Visibility with Check Point SmartEvent
Security visibility is an integral part of the resilient security posture. The Management Layer is
required to provide both situation awareness and incident response capability.
Check Point SmartEvent performs big data analysis and real-time security event correlation. It offers
the ability to provide a consolidated and correlated view of an incident based on multiple sources of
information. An accurate event view is provided and helps incident responders identify the necessary
actions to be taken in order to defend the network.
Security event analysis creates actionable intelligence in the form of threat indicators that can be
distributed via ThreatCloud to block threats in real-time. Automated response mechanisms can
provide threat containment, allowing responders to take necessary actions before resuming operations.
Check Point SmartEvent
Figure CPSDP-G
