Introduction

Check Point CloudGuard is a web-based, SaaS platform that provides unified, cloud-native security across your applications, workloads, and network. You can use it to automate security, prevent threats, achieve compliance and manage posture for all of your cloud environments – from Amazon AWS and Microsoft Azure to Google Cloud Platform, and more.

CloudGuard offers depth of coverage for all container types, rich visualization of cloud assets, and an assessment of security posture to quickly identify misconfiguration issues and threats. Understand at a glance what is running in your container environment and how it is configured. Visualize Kubernetes data flows and gain visibility of container misconfigurations and anomalies.

CloudGuard's powerful layer of Threat Intelligence transforms cloud big data into high-definition, actionable security logic. Customize alerts and built-in queries, quarantine threats, and stop attacks in progress.

CloudGuard ensures network security and enforces security policy, prevents unauthorized changes, and enforces the previously defined configuration. Regardless of whether you use public or private clouds, CloudGuard facilitates server configuration management. Its flexible security management tools ensure compliance and reduce configuration errors and potential breaches.

Build custom compliance rules using intuitive GSL language, and align with NIS & CIS security benchmarks, with the largest number of rulesets and compliance frameworks across cloud environments.

To manage your environments in CloudGuard, start with onboarding them into CloudGuard. The onboarding process gives CloudGuard application permissions to access resources in your cloud environments. CloudGuard does not have permissions to access content in any of your assets such as S3 buckets, RDS databases, or EC2 instances. When you onboard an environment to CloudGuard, you can select to manage the environment fully in CloudGuard or to give CloudGuard read-only permissions to monitor.

This video shows what you can do with CloudGuard Infinity Portal:

System Architecture

The diagram below shows the system architecture for the CloudGuard portal.

CloudGuard is connected to cloud platforms with the respective platform APIs and platform notification services, such as SNS for AWS. In addition, CloudGuard can connect to logging, ticketing, and email systems, such as ServiceNow and PagerDuty, to forward CloudGuard alerts.

Upstream, corporate systems can connect to CloudGuard with its REST API, to implement automation processes to manage activities on CloudGuard. Moreover, users can use Infrastructure as Code systems, such as Terraform or AWS CloudFormation, to connect to CloudGuard.

Additional Resources

  • CloudGuard Knowledge Base - The Knowledge Base articles explain how to configure and use various CloudGuard features, how to use 3rd-party services and systems with CloudGuard, and how to use the CloudGuard REST API.

  • CloudGuard REST API - You can access CloudGuard programmatically with the CloudGuard REST API. The API has resources to onboard accounts, manage security groups, retrieve findings, run compliance assessments, and more.

  • CloudGuard GSL Knowledge Base - The GSL Knowledge Base is a comprehensive repository of CloudGuard GSL rules and compliance rulesets.

  • CloudGuard Release Notes - The Release Notes indicate the latest features and fixes in the CloudGuard portal.

  • Administration Guide - This guide is used with a standalone version of the CloudGuard portal.