Software Defined Protection (SDP)

The bad guys innovate rapidly. To stay ahead of threats, you need a modern security infrastructure designed for today’s dynamic networks. Check Point’s Software Defined Protection (SDP) is a leap forward in security architecture, providing collaborative threat intelligence with a modular, agile infrastructure that most importantly, is secure. Essentially, SDP is the least complex way of looking at security and programming it to protect your network. It builds on Information Security concepts, while taking into account the realities of today’s complex and distributed networks that increasingly lack traditional boundaries.

Software Defined Protection (SDP) Video: Today Architecture for Tomorrow Threats Software Defined Protection (SDP) Video: Today Architecture for Tomorrow Threats

Software Defined Protection (SDP) 3 Layers Diagram: Management, Control, and Enforcement Layers

Protect Your Organization with Check Point’s Software Defined Protection (SDP)

Three Interconnected Layers:

Integrates security with business processes

  • Modularity
  • Centralized visibility
  • Automation and orchestration


Delivers real-time protections to the enforcement points

  • Threat intelligence
  • Access control
  • Data protection based on classification


Inspects traffic and enforces protections in well-defined segments

  • Segmentation
  • Centralized control
  • Infection prevention


Visibility for Situation Awareness and Incident Response

The Software Defined Protection (SDP) Management Layer provides security administrators with real-time visualization of security incidents. With this information they can enhance their incident response and overall insight into the network security posture. Because it is open and modular, the Management Layer provides administrators with a great deal of flexibility in definition and delegation of security

Software Defined Protection (SDP) Management Layer Diagram

Software Defined Protection (SDP) Control Layer Diagram

Enhanced Control of Policy Enforcement

At the core of the Software Defined Protection (SDP) architecture, the Control Layer generates software-defined protections that adapt rapidly in the face of new threats and changing network configurations. It develops these protections using advanced threat intelligence and then deploys precision policy updates using the enforcement points created by the Enforcement Layer.

Enforcement Points to Prevent Attack Proliferation

The Enforcement Layer segments the network, grouping together elements that share the same policy and protection characteristics. Segmentation allows for modular protection, preventing attacks from proliferating within the network and establishing trusted channels in which authorized traffic can flow unimpeded.

Software Defined Protection (SDP) Enforcement Layer Diagram

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO