Check Point CloudGuard Network Security provides consistent policy management and enforcement of advanced security protections, is automatically deployed and dynamically orchestrated into software-defined data center environments. CloudGuardfor Cisco ACIprovides industry-leading security for ACI environments. CloudGuard provides the following capabilities to improve customers’ Cisco ACI security:
Cloud Network Visibility and Visualization : CloudGuard implements microsegmentation for ACI environments, providing deep insight into both north-south and east-west traffic flows. This granular visibility aids in understanding data flows within a corporate network and enforcing corporate security policies.
Advanced Threat Prevention : CloudGuard’s advanced threat prevention capabilities combine a full security stack – including a firewall, intrusion prevention system (IPS), antivirus, and anti-bot protections – with secure remote access, threat extraction and sandbox-based threat emulation .
Automation and Orchestration : Cisco ACI enables network infrastructure to be defined based upon network policies. The integration between Check Point CloudGuard and Cisco ACI means that an organization can automatically insert and provision CloudGuard security gateways into ACI environments for security policy enforcement.
Policy and Compliance Enforcement : CloudGuard receives context from Cisco’s APIC, which enables policy information defined within the ACI environment to be used to quickly define security policies. These security policies can then be easily enforced in ACI using CloudGuard gateways.
Data Protection : CloudGuard’s integration with ACI enables it to apply data loss prevention (DLP) to ACI environments. This helps to protect an organization’s sensitive data from being lost or stolen.
Centralized Security Management : Using CloudGuard with ACI enables the security of the ACI ecosystem to be monitored and managed from the same console as the rest of an organization’s network infrastructure. This makes it easier for security analysts to detect and respond to potential threats within their public, private and on-prem networks.
