Last month we attended the Check Point Experience USA 2017 conference in Las Vegas.
‘What happens in Vegas stays in Vegas’ – True, but we still wanted to share some of our experiences and thoughts from the event.
During the show we spoke with many security professionals from various geographics and positions: from network engineers, responsible for the daily task of opening firewall ports, to security managers who oversee their companies’ security strategies.
It is an interesting time to be in the data center security business. Major shifts are happening – the rise of the Software Defined Data Center, the move to the cloud, the increased focus on agility, elasticity, orchestration and automation. These trends have profound impact on the security posture of any organization. The security teams we met with know that they have to change their mindset to accommodate these changes.
While every organization has its own security strategy, there were a few major challenges which came up in (almost) every conversation we had:
- Visibility and breach detection in an agile environment. Developers are given much more freedom in modern environments. Test and production servers are rapidly being spun up and down, new applications and application upgrades are deployed on a daily or even hourly basis, and security teams are often left in the dark when it comes to knowing what their data center is actually doing. Legacy security approaches provide next to zero visibility in the data center, leaving them unable to assess security risks and detect breaches.
- Security consolidation. Data centers are becoming more dynamic and diverse. Legacy, on-premises data centers are shifting to complex, hybrid data centers with workloads running on various private and public clouds from different providers – each with its own risks and security solutions.
Security teams are desperately looking for products that provide a consistent experience and security value across data centers and clouds. Without consolidated products, security teams will have to maintain an increasing number of technologies, reducing team efficiency.
- Security needs to keep up with R&D and Devops. When it comes to how enterprises deploy and operate their security products, each organization has its own way. Inflexible security products and approaches which limit the speed of developers or security teams will simply be turned off. Security teams in medium and large enterprises are tailoring products to their own needs, binding them to their automation and orchestration suites.
We were proud to be featured in one of the conference’s keynote Cyber Talks, where Brian Linder from Check Point interviewed Michael Lamberg (OpenLink’s VP & CISO) who deployed GuardiCore Centra and Check Point vSEC in his Azure environment. Mike shared his experiences of moving his product from a legacy, on-premises data center to the Azure public cloud, and his need for a solution which worked in this critical, dynamic environment.
Mike described GuardiCore as the solution which enabled him to get visibility into his Azure environment – seeing all east west traffic between Azure VMs (between and inside VNETs), including process-level information about each flow. This level of visibility enabled his engineering team to better understand what Openlink’s cloud applications were doing, and then set a baseline for the correct, secure behavior of VMs. Once this baseline is violated, Openlink’s security teams can get a real time alert with full details on the potential brach.
We hope to see you all in CPX Europe 2017, where we will present GuardiCore Centra in the pre-conference training sessions and on the show floor. Come say hi, grab some swag, and learn how GuardiCore can assist you in securing your data centers and clouds.