It's now approaching three years since Check Point unveiled its blade architecture – essentially a 'soft' box appliance for admins to manage events, set security policies and apply protections from a single interface – but now the technology is starting to be used in a cloud environment, she explained.
“So why are we interested in the cloud? Well, we have a high percentage of large enterprises and they all wanting to reduce their [security costs]. The cloud is big pull for them”, she told her audience in the security theater.
Check Point, she added, is now working with Amazon and other cloud companies in developing security services using blade technologies, allowing these companies to offer cloud-based security offerings to their customers.
This service-based approach to security – which Ikomi admited is still in its early stages of development – is an interesting new development.
The firm is also working with telcos such as AT&T and Orange, using Check Point's VSX technology, which will allow each customer to have their own domain and security policies.
The most important thing to remember about the cloud, said Ikomi, is that IT professionals should not deploy and forget about the cloud when it comes to security, and should review their cloud security technology and allied systems on a regular basis.
“You [really] can have the same security in the virtual world as in a real world server”, she said adding that you need to log all virtualized events and data traffic in order to get a complete picture of what is happening.
Audit logging, she went on to say, is also essential, noting that some corporates are now starting to use private – rather than public – clouds, which she says have special security needs.
“You need to ensure security in a dynamic environment”, she said, adding that Check Point's Security Gateway virtual edition meets these needs, since it can be used in a hypervisor mode (layer 2) or as a standard gateway (layer 3) configuration.
Whichever configuration is deployed, however, Ikomi said that users get a single console to manage their firewall rules and other security policies.