How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We use CloudGuard for compliance and auditing. About 20 people in our company use it, including our cloud administrators use it and security personnel. And now even our managers, our scrum masters are using it.
It is a good tool for a large enterprise operating across multiple cloud environments, like AWS, Azure, or a hybrid infrastructure. Check Point posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft.
We primarily use this solution for: * Posture management and compliance for the complete cloud environment (AWS). * Centralized visibility of our cloud assets across multiple accounts in our cloud environment. * Monitoring and alerting of cloud activity (API calls) happening across all the accounts. * Reviewing security configuration (network configuration of security groups). * Scanning serverless functions for existing vulnerabilities. * The baseline for security policy as per workload based on services such as S3, EC2, et cetera.
I have been using it in my AWS-Azure multi-cloud schema in order to monitor and protect transactions and data from all escalations - not only what we have at the database level. It helps us protect the data of our big data. It has been the complete solution to help cover our lack of security at the infrastructure level. Not only does it cover the servers, but at the workstation level, it is monitoring what users are doing. It identifies actions and can make automatic remediation at a user level.
Our primary use case of this solution is for compliance on the cloud and Check Point is very good for tracking that. We are resellers of Check Point CloudGuard and I'm the managing director of the company.
We currently have hybrid cloud environments, so different cloud platforms are being used by the business for different use cases and systems are being deployed at a very fast pace. It's very challenging to enforce security and have eyes on everything that exists in the cloud unless you have centralized tools helping you accomplish this goal. Today Dome9 is helping us analyze what we have out there and what our priorities should be from a remediation perspective. We do have multiple accounts today with the different cloud providers, so it's imperative to use a tool like Dome9.
CheckPoint Dome9 is a cloud security management solution for our Azure cloud environment, and we have Azure for our cloud services. With this solution, we manage our network security policy management and automation for our cloud environment across providers, accounts, and regions. Dome9 provides us policy compliance based on our requirements. If we request SOX or HIPPA, based on that we will enable the policy and we will get the reports as well. We also create users and set policies and we can monitor the logs.
Dome9 is a SaaS security solution that handles compliance and security for cloud. There are two major functions, and the first is to operate as a central firewall monitoring and management system in the cloud. We have more than 100 firewalls in the cloud, and Dome9 allows us to manage them. The second function is its role as a compliance suite that helps you in keeping your cloud platforms compliant with PCI or ISO 27001. For the most part, this is what I used it for. In the beginning, Dome9 did not have many features. There were only these two.
We pull all of our cloud platforms into Dome9: AWS and Azure as well as our Kubernetes environment. We use it for a few things: * It provides policy compliance. If we wanted to use SOX compliance or HIPAA, then we can turn on rules for that. Then, if something is in violation of one of those rules, it will let us know and we can correct it. * We are able to set users, authentication, and powers, e.g., give users the ability to create networks. * We use it for log monitoring. We are able to pull in logs from cloud environments, review them, and take action.
We use Dome9 for security groups on the AWS/Azure side. We use it for inventory purposes, to gather all of the accounts into one single view. We do some governance and compliance in it as well.
The primary use case has been for auditing the cloud infrastructure in terms of security, because our company has been audited a lot of times. For the cloud, this is a tool that we use to audit the cloud environment. For example, all of the S3 buckets are encrypted to know if we don't have servers exposed to the Internet where they shouldn't be. This solution runs some compliance reports. That is why we use it. We use it the most to check if things are complaint, because the compliancy checking is accurate.
We use the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades. In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall. There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways. Dome9 is used as an additional compliance tool to improve the security of these environments and avoid any configuration errors.
* Visibility for cloud workloads, including server, serverless and Kubernetes. * Security configuration review along with automatic remediation. * Posture management and compliance for a complete cloud environment. * Centralize visibility for a complete cloud environment of the workload hosted on multiple cloud platforms (AWS and Azure). * Baseline for security policy as per the workload based on services, such as S3, EC2, etc. * Visibility of an API call within the environment. * IAM management providing access to the cloud network in a controlled manner. * Alerts and notifications for any security breach/changes in the cloud environment. * Flow visibility of traffic to and from the cloud environment. * Real-time alerting for any security incidents. They provide support for Azure, Amazon, GCP, and Alibaba. However, we just have AWS and Azure.
1) Visibility for Cloud Work Load for Server, Server Less & Container environment 2) Security configuration review along with auto-remediation 3) Posture management and Compliance for complete Cloud Environment 4) Centralize Visibility for Complete Cloud Environment of Workload hosted on Multiple Cloud Platform (AWS, Azure, and GCP) 5) The baseline for Security Policy as per Workload based on Services such as S3, EC2, etc 6) Visibility of API call within the environment 7) IAM management providing access to cloud network in a control manner 8) Alert and Notification for any Security breach/Changes in Cloud environment 9) Flow Visibility of traffic from and to Cloud Environment 10) Real-time alerting for any incident
We are a reseller of security solutions, and we also offer professional and managed services around them. We cover network security, web application firewalls, email, web security, security information and event management, privilege access management, and other such products. Dome9 is one of the solutions that we implement for our customers, and they use it to help secure their cloud. It works on several cloud platforms, including Azure and AWS. It will handle security issues such as ensuring a proper configuration, that the credentials are set up correctly, and that the storage of sensitive data is appropriately configured. Some of our customers use Dome9 for discovery, to help them understand the different accounts that they have in the cloud. Very often, there can be a proliferation of cloud-based accounts and applications that the organization on a wider basis is not aware of. Dome9 is very good if you need to get an inventory and reporting on the current state of your environment.
We are a solution provider and we are evaluating multiple tools for cloud workload security and vulnerability management. We are evaluating products such as Dome9 to figure out which one would be best for our customers. This solution is used to replace a variety of cloud security and management tools.
We have been researching this solution as something to provide for clients who are interested in implementing a high-security AWS environment.
The primary use case for this solution is associated with a challenge whereby we have multiple cloud computing platforms. We have our past cloud platforms in AWS and ECP. Therefore, we can configure management and policy governance tools to deployment across all sites.
What do you like most about Check Point CloudGuard Posture Management?
Thanks for sharing your thoughts with the community!