Cloud computing is disrupting security models, leaving organizations struggling to figure out the most effective and efficient ways to mitigate risks to cloud-based digital assets. IT Central has put together the best Cloud Security Companies that offer a unified approach to cloud data security and provide a number of distinct advantages. This article explores how real users are leveraging unified cloud data security platforms, based on their experiences with CloudGuard Network Security (formerly called CloudGuard IaaS).
Cloud security use cases
IT Central Station members have put the Check Point portfolio to work in a variety of cloud use cases. For example, a Senior Network Engineer
at a marketing services firm with over 1,000 employees explained that his company uses CloudGuard as cloud protection for the MC65 Operating System, Amazon Web Services (AWS) and Microsoft Azure. For Oleg P
., a Senior Network/Security Engineer at Skywind Group, a computer software company with more than 500 employees, “The main usage of the Check Point CloudGuard Network Security within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades.”
Extending security controls, which had previously been packaged with physical appliances in mind, into virtual infrastructure is what CISO and Senior Director Technical Operations
uses CloudGuard Network Security for at an insurance company with more than 200 employees. As he said, “It’s an add-on capability to an existing virtual infrastructure, such as an AWS, Azure, or even on-premises solutions. It adds a security layer on top of your existing infrastructure with zero latency.” Rajiv T
., a Senior System Engineer at Gas South, an energy/utilities company with more than 200 employees, shared that CloudGuard Network Security “secures our assets in the cloud while providing access to applications in our vendor hosted data centers via IPSEC tunnels. We also use it for endpoint VPN for all our users.”
The unified approach to cloud security
The distributed and heterogeneous nature of the cloud compels security teams to devise simple but far-reaching countermeasures. The Check Point solutions help with the realization of this objective. As the insurance company CISO and Senior Director Technical Operations explained, “What’s most valuable to me is that it’s a contiguous solution that aligns well with the components that we’ve relied on and trusted from a traditional hardware, firewall, and unified threat management system. My engineers and analysts don’t have to learn another platform.”
He added, “We have already entrusted our security controls to Check Point for perimeter and physical security, and now we can do so at the virtual layer as well, which is key to us. It really augments their current stack of capabilities. It all aligns well under their umbrella of their Infinity architecture, which we have adopted.”
“We use its Unified Security Management to manage the solution for on-prem appliances,” said Alex T., a Cyber Security Manager who uses CloudGuard Network Security at H2O Power, a small energy/utilities company. “We combine our cloud and on-prem environments. We have multiple devices at different sites that we manage through the single Management Server, which elevates us, again, to another single pane of glass, instead of all these firewalls all over the place and having to log in to each one of them. We look at all the data and correlate it on the one system that we use to unify our physical sites and our cloud environment.”
For Alex T and two other users, the solution freed team members for other work. Mark G
., an IT Security Manager who uses CloudGuard Network Security at a sports company with over 10,000 employees, shared that “use of the Unified Security Management has definitely freed up security engineers to perform more important tasks.” A Network Security Engineer/Architect
who uses CloudGuard Network Security at a tech services company with over 1,000 employees had a similar experience.
This Network Security Engineer/Architect further explained, “We saved a lot of time, especially managing the threat prevention profiles because when we want to do some kind of exception or enable a new kind of protection, we can enable it on all our firewalls, not only the AWS but also on the on-prem firewalls at the same time using the same profile. That helps us a lot and saves us a lot of time because we don’t need to go to the AWS protection to do stuff and then to the other premise. It saves at least four hours a week.”
These are some of the advantages of the unified approach and platform for cloud data security. CloudGuard Network Security is just one of the key capabilities provided within the CloudGuard solution.