Check Point vSEC for Cisco ACI enables the rapid and secure deployment of applications in next-generation data centers. Combining the most comprehensive threat prevention security with complete visibility and control across both physical and virtual environments, Check Point vSEC lowers the costs and complexities of securing private clouds.
Advanced threat prevention security for private clouds
Enables the secure delivery of applications at a fraction of the cost and time
Improved operational efficiencies
vSEC provides industry-leading, advanced threat prevention to keep data centers protected from lateral movement of even the most sophisticated threats. Fully integrated multi-layer security protections include:
Cisco ACI provides the framework to automate policy-based service insertion from single-pane-of-glass management. The Check Point integration automates and simplifies the insertion of vSEC gateways into the ACI fabric to protect east-west traffic from lateral movement of threats.
The integration with Cisco’s Application Policy Infrastructure Controller (APIC) shares infrastructure context with the Check Point vSEC Controller, allowing objects such as end point groups (EPGs) to be imported and utilized within Check Point security policies. This reduces the time it takes to create and update security policies from minutes to seconds. What’s more, any changes or new additions to Cisco ACI objects are automatically reflected without the need for manual administrator intervention.
vSEC consolidates logging and reporting threats and security events. Check Point logs are enriched with ACI infrastructure context, including EPG names. Additionally, Check Point’s SmartEvent platform provides advanced incident tracking and threat analysis across both physical and virtual data-center network traffic.
Security is simplified and operationally efficient with centralized configuration and monitoring of all physical and virtual vSEC gateways. Security reports can be generated to track compliance across the ACI-enabled private cloud networks. Granular administrative privileges allow segmenting a single policy into sub-policies for customized protections, as well as delegation of duties per application or segment. With Check Point vSEC for Cisco ACI, security administrators get a holistic view of their security posture and complete threat forensics with unified logs and reporting across their physical and virtual networks.
|Supported Cisco Solution||APIC Version 1.3/2.0/2.1/2.2/2.3|
|Supported Check Point Releases||Check Point vSEC R77.30/R80.10
Check Point Gateway R77.30/R80.10
Check Point Smart Management R80/R80.10