The complexity of too many choices (source: ) The New York Times Too much choice is often confusing. Think about all the different types of cereal, perfume, or even political parties in some countries. However, often the multitude of choices is unavoidable. For example, when flying to a far-away destination, you have to choose between multiple flight options, considering cost, duration of travel, number of legs, different airlines, comfort, layovers, etc. This holds true for cloud marketplaces, like the . AWS Marketplace With so many options to choose from, it is important to understand the listings. If you’d like to purchase CloudGuard to improve your AWS security with an industry-leading cloud network security solution, or even to get a 30-day free trial, you should understand the different offerings available to ensure that you get exactly what you need. Check Point recently added three new offerings to the AWS Marketplace in order to provide AWS customers the opportunity to use CloudGuard with AWS Gateway Load Balancer (AWS GLB). This blog post explains all the CloudGuard Network Security offerings in the AWS Marketplace and is an update to the previous . explanatory blog post from August 2019 Before I explain each offering, I will provide a little detail about the AWS Marketplace, CloudGuard Network Security, and AWS GWLB. What is the AWS Marketplace? explains that the AWS Marketplace “enables qualified partners to market and sell their software to AWS Customers.” AWS In other words, AWS enables its customers to purchase software and services from 3rd party ISVs (Independent Software Vendors), Value-Added Resellers (VARs), and Systems Integrators (SIs) after these have been qualified by AWS. Additionally, AWS writes that “AWS Marketplace is an online software store that helps customers find, buy, and immediately start using the software and services that run on AWS.” AWS Marketplace is a great win-win as it supports the AWS ecosystem of partners, provides easy-to-use services to AWS customers and improves the usability of AWS services. There are currently over 16,000 different offerings in the AWS Marketplace, from over two thousand vendors, in eight different categories, with twelve pricing plans and eight delivery methods. AWS Marketplace is a self-service portal for customers to choose, trial and purchase solutions from AWS partners, but without the additional overhead which is often associated with lengthy contract and pricing negotiations. Customers who purchase third-party services or solutions in the Marketplace pay AWS for these purchases as part of their regular monthly bills; AWS then pays the thrid-party partners. What is CloudGuard Network Security? (CGNS) is a cloud-native security gateway which delivers industry-leading advanced threat prevention and multi-layered network security for all public, private and hybrid cloud deployments. CloudGuard Network Security Threat prevention security features include , , , , , and Anti-Bot, Threat Extraction and Threat Emulation. Firewall DLP IPS Application Control IPsec VPN Antivirus Integrated with leading configuration management tools, CloudGuard enables rapid deployment and supports full automation to support CI/CD processes and Infrastructure as Code practices. The Unified Security Management console provides consistent visibility, policy management, logging, reporting and control across all public, private and hybrid cloud networks as well as for on-premises deployments. AWS Gateway Load Balancer AWS Gateway Load Balancer (GWLB) is a new cloud service that makes it easy for customers to deploy, scale and manage multiple CGNS gateways, for many networking purposes. AWS launched GWLB in November 2020; on the same day, Check Point announced that . CloudGuard integrates with AWS Gateway Load Balancer at launch (from Check Point’s Summit, February 2021) explains the benefits of GWLB to AWS and Check Point customers. This video CPX360 What CGNS offerings are available in the AWS Marketplace? There are 9 in the AWS Marketplace. CGNS offerings The differences between these offerings are due to: Functionality: Next Generation Firewall with Threat Prevention (also known as ): This security gateway includes Firewall, IPS, Application Control, IPsec VPN, Antivirus, Anti-Bot, and Data Loss Prevention NGTP Next Generation Firewall with Threat Prevention and SandBlast (also known as ): This security gateway includes all features of NGTP functionality and adds Threat Extraction (which removes exploitable content and promptly delivers sanitized content to users) and Threat Emulation (which prevents infections from new malware and targeted attacks using threat sandboxing with the best possible catch rate, and is virtually immune to evasion techniques). NGTX Support for AWS GWLB (yes/no) Management: Security Gateways are managed from a Security Management Server which provides consistent security policy management, enforcement, and reporting within a single pane of glass. (Note that certain offerings in the AWS Marketplace include only the security gateway, others include only the management server, and one offering – – includes both) CloudGuard Network Security All-In-One Pricing models: PAYG: Pay-as-you-go pricing allows you to pay only for what you use. The AWS Marketplace pricing reflects the full price of using Check Point’s offering: payment to Check Point for the software license and payment to AWS for the AWS infrastructure resources consumed. BYOL: Customers who have already obtained a software license from Check Point can use these licenses; the AWS Marketplace BYOL pricing is paid to AWS for the AWS infrastructure resources consumed. Note also that different offerings also support different sets of AWS instances. The table below shows the differences between the nine CGNS offerings in the AWS Marketplace, as well as the instances supported by each offering. ** PAYG or BYOL** Security Gateway Functionality Security Management****Functionality Supports GWLB? CloudGuard Network Security Next-Gen Firewall with Threat Prevention PAYG Threat Prevention Not included.Choose one of the Check Point Security Management offerings No CloudGuard Network Security with Threat Prevention and SandBlast PAYG Threat Prevention and SandBlast Not included.Choose one of the Check Point Security Management offerings No CloudGuard Network Security with Threat Prevention & SandBlast BYOL BYOL Threat Prevention ORThreat Prevention and SandBlast (depends on customer’s existing license) Not included.Choose one of the Check Point Security Management offerings No CloudGuard Network Security for Gateway Load Balancer PAYG Threat Prevention Not included.Choose one of the Check Point Security Management offerings Yes CloudGuard Network Security for Gateway Load Balancer with SandBlast PAYG Threat Prevention and SandBlast Not included.Choose one of the Check Point Security Management offerings Yes CloudGuard Network Security for Gateway Load Balancer – BYOL BYOL Threat Prevention ORThreat Prevention and SandBlast (depends on customer’s existing license) Not included.Choose one of the Check Point Security Management offerings Yes CloudGuard Network Security All-In-One PAYG Threat Prevention and SandBlast Included No Check Point Security Management PAYG Not included.Choose one of the CloudGuard Network Security offerings Included N/A Check Point Security Management (BYOL) BYOL Not included.Choose one of the CloudGuard Network Security offerings Included N/A Please note that the AWS Marketplace offerings allow you to deploy a single gateway each time. For AWS Cloudformation templates or more comprehensive deployments (including Auto-Scaling, High Availability, etc.), please refer to . sk111013 For more information on: AWS Marketplace: The main page is here AWS GWLB: Read this blog CloudGuard Network Security: See the product page here AWS Cloudformation templates and more comprehensive deployments: see here The Check Point Cloud Security Blueprint documents, which outline best practices and principles for building secure cloud deployments: see here About CloudGuard provides unified cloud native security for all your assets and workloads, giving you the confidence to automate security, prevent threats, and manage posture – everywhere – across your multi-cloud environment. Check Point CloudGuard CloudGuard provides multi-layer cloud security with multiple capabilities. One of these is , as explained above. Organizations with on-premises environments and in the process of migrating to the cloud with CloudGuard receive unified and consistent security management of all their on-prem and cloud environments and experience the: CloudGuard Network Security and cloud migration Most secure, easiest quickest Lowest total cost of ownership

Amazon

Check Point

CloudGuard added AWS GWLB: What that Means for AWS Marketplace Offerings

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Best Practice: Identifying And Mitigating The Impact Of Sunburst

101 Stories To Learn About Cloud Infrastructure

10 Things in Engineering We Don't Spend Enough Time On

10 Things I Did To Increase CloudTrail Logs Security

10 reasons to give cloud computing a go

10 Lessons from 10 Years of AWS (part 1)

Best Practice: Identifying And Mitigating The Impact Of Sunburst

101 Stories To Learn About Cloud Infrastructure

10 Things in Engineering We Don't Spend Enough Time On

10 Things I Did To Increase CloudTrail Logs Security

10 reasons to give cloud computing a go

10 Lessons from 10 Years of AWS (part 1)

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps