- CheckMates
- :
- Products
- :
- Infinity Global Services
- :
- NDR
- :
- Re: SandBlast Now Product Brief
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SandBlast Now Product Brief
Posting product brief, describing the SandBlast Now DEPLOY - HUNT - PREVENT concept of operations and toolset. SandBlast Now is available as both a management add-on for on-premises deployment, and as a hosted service - at now.checkpoint.com.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SandBlast Now is generally available to all customers. We have many production customers on the now.checkpoint.com cloud, and a few that have purchased private Now clouds.
CGI TAP is considered to be in EA. The main gaps towards GA are support for LB tapping for autoscaling; and a cloud service SKU.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would like to know more information and what are the SKUs of the supported appliances, licensing, etc. to position in our clients.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Miguel,
The collateral hasn't kept up with the R&D team, we're moving really fast 🙂.
First of all, there are a few other posts on Checkmates - look for CGI TAP, a SandBlast Now Tech Talk, and a CPX 2020 breakout presentation by one of our customers.
We will be launching a new set of SandBlast Now Cloud service SKUs in the near future. Till that further notice, the existing licensing scheme is that the cloud service is included in the NGTX service. In other words, if you have an active service contract and support on your NGTX, you can use it in "Now Mode".
One caveat is that we support inline configurations only with a fail-open NIC. To make it easier, we created six NOW bundle SKUs that include a 4 port 1Gbps copper fail-open NIC with an NGTX appliance. These are: CPAP-SG5100-NOW, CPAP-SG5400-NOW, CPAP-SG5800-NOW, CPAP-SG5900-NOW-SSD, CPAP-SG15600-NOW, CPAP-SG23800-NOW. But as noted above, you can just use a standard NGTX license.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey Nir, can we put a fail-open card into an existing appliance to convert it to a "NOW" appliance?
Jeremy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes. You actually need the fail-open card only if there's a need to put the appliance inline. A "NOW" appliance is simply a Check Point R80.40 gateway with a NOW hotfix.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Nir,
Just to confirm, the Sandblast NOW cloud service is included with the NGTX right? To deploy this appliance I also need an onprem or cloud management?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's included with NGTX, yes.
The appliance must be enrolled in the SandBlast Now portal, which brings the appliance under cloud management.
No local management is required.
Further, we do now have failopen NICs for the Quantum appliances (6000 and up):
- CPAC-2-10FSR-BP-C (2 port 10gb fiber fail-open NIC)
- CPAC-4-1C-BP-C (4 port 1gb copper fail-open NIC).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Miguel, Dameon, all,
As noted above on this topic, our long standing intention has been to require a NOW cloud service SKU in addition to NGTX service and support.
SandBlast Now is a completely automated plug and play solution, so no management deployment is required by the customer. However, Check Point does host the customer's logs and provides threat intelligence management, hosted SmartEvent, and advanced threat hunting analytics.
Therefore, for all new deals, we are now also requiring one of the following Smart-1 Cloud SKUs:
- Smart-1 Cloud - for Smart Intel customers, providing threat indicator storage and distribution
- Smart-1 Cloud with SmartEvent - hosted SmartEvent
- Smart-1 Cloud with SmartEvent and Compliance - includes advanced Threat Hunting Analytics
Note: This notice does not apply to customers who purchase a private SandBlast Now Cloud (i.e. not hosted by Check Point).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Nir_Naaman!
Do you have an updated "Product Brief" doc or datasheet for this solution? Also...What is the final name for this solution (CloudGuard NDR o Infinity NDR)??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @MikeB,
The product brief is currently being refactored to align with the new Infinity NDR branding. Meanwhile, the product has been listed on https://www.checkpoint.com/solutions/security-operations/.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @MikeB,
An Infinity NDR-branded product brief has finally been produced. See: https://community.checkpoint.com/t5/CloudGuard-NDR/Infinity-NDR-Product-Brief-2-pager/m-p/146929#M58.