How can I help you? Start Chat

US Phone: 1-866-488-6691
International Phone: +44-2036087492

  • E-Mail
  • Facebook
  • LinkedIn
  • Twitter

vSEC for Cisco ACI

Check Point vSEC for Cisco ACI enables the rapid and secure deployment of applications in next-generation data centers. Combining the most comprehensive threat prevention security with complete visibility and control across both physical and virtual environments, Check Point vSEC lowers the costs and complexities of securing private clouds.


Advanced threat prevention security for private clouds

  • Multi-layered security architecture—including award-winning Check Point SandBlast Zero-Day Protection—safeguards private cloud environments against even the most sophisticated attacks
  • Secure east-west traffic between physical and virtual machines to prevent lateral movement of threats within the private cloud
  • Security protections include Firewall, Intrusion Prevention System (IPS), Anti-Virus, AntiBot, Anti-Spam, Application Control, as well as Check Point SandBlast Zero-Day Protection

Enables the secure delivery of applications at a fraction of the cost and time

  • Tightly integrated with the Cisco APIC controller for automated security provisioning and policy orchestration
  • Dynamically learns ACI-defined objects such as end point groups (EPGs) in vSEC Controller, including any changes or new additions, without manual intervention

Improved operational efficiencies

  • Unified management with a single policy for virtual and physical gateways simplifies security enforcement
  • Centralized logging and reporting provides complete forensics analysis inside private cloud data centers


Comprehensive Threat Prevention

vSEC provides industry-leading, advanced threat prevention to keep data centers protected from lateral movement of even the most sophisticated threats. Fully integrated multi-layer security protections include:

Automated Security Provisioning

Cisco ACI provides the framework to automate policy-based service insertion from single-pane-of-glass management. The Check Point integration automates and simplifies the insertion of vSEC gateways into the ACI fabric to protect east-west traffic from lateral movement of threats.

Automated and Dynamic Security Policy

The integration with Cisco’s Application Policy Infrastructure Controller (APIC) shares infrastructure context with the Check Point vSEC Controller, allowing objects such as end point groups (EPGs) to be imported and utilized within Check Point security policies. This reduces the time it takes to create and update security policies from minutes to seconds. What’s more, any changes or new additions to Cisco ACI objects are automatically reflected without the need for manual administrator intervention.

Complete Threat Visibility and Control

vSEC consolidates logging and reporting threats and security events. Check Point logs are enriched with ACI infrastructure context, including EPG names. Additionally, Check Point’s SmartEvent platform provides advanced incident tracking and threat analysis across both physical and virtual data-center network traffic.

Centralized and Unified Security Management

Security is simplified and operationally efficient with centralized configuration and monitoring of all physical and virtual vSEC gateways. Security reports can be generated to track compliance across the ACI-enabled private cloud networks. Granular administrative privileges allow segmenting a single policy into sub-policies for customized protections, as well as delegation of duties per application or segment. With Check Point vSEC for Cisco ACI, security administrators get a holistic view of their security posture and complete threat forensics with unified logs and reporting across their physical and virtual networks.

Learn More


Supported Cisco SolutionAPIC Version 1.3/2.0/2.1/2.2/2.3
Supported Check Point ReleasesCheck Point vSEC R77.30/R80.10
Check Point Gateway R77.30/R80.10
Check Point Smart Management R80/R80.10