Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Garrett_DirSec
Advisor

EA and details on Cloudguard Connect for Users (ie. VPN to cloud gateway)

Hello -- I understand from another thread and comment by @Tomer_Noy that Cloudguard Connect for Users is in some form of EA (  My apologies if I attributed this to wrong person ).

I perceive this is basically the current Clouguard Connect (gateway in the cloud) with added functionality for remote access end-user VPN.

This would compete directly with Netskope Private Access and PAN Prisma Access.

Do you have any further details?   Will it include features for ZTNA (zero trust) and possibly turn-key MFA either with native support for Google Authenticator and/or integration with existing 3rd party providers?

Considering current global situation, this product can't be available soon enough.

thx -Garrett

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

@Tomer_Sole what can we share about this?

0 Kudos
Kevin_Orrison
Collaborator

Is there any news on CloudGuard Connect for Users? My SE hasn't been able to get much information or someone I can talk to about the product in much detail. I'm very interested in doing an EA as I am evaluating VPN products as we speak.
0 Kudos
PhoneBoy
Admin
Admin

Unfortunately, I don't have any details I can share publicly at the moment.
Pretty sure @Tomer_Sole will reach out privately, though. 😬

0 Kudos
Tomer_Sole
Mentor
Mentor

Hi,

 

We are about to start a private early availability program for security for users - expanding Check Point's CloudGuard Connect to employees outside their office.

 

Corporates can secure their users by deploying a very lightweight agent that simply routes all traffic through Check Point's cloud, giving you:

  • Prevention of malicious files using sandbox for unknown attacks, and using domain, URL reputation, and IPS signatures for known attacks
  • Prevention of access to malicious websites using URL Filtering, Application Control, and Threat Prevention domain and URL reputation
  • Prevention of infected hosts communicating back to their command & control servers
  • Prevention of access to websites that run dynamic content which exploits vulnerabilities of their web browser (using IPS)

As well as full access control (NGFW), HTTPS Inspection and Identity Awareness.

 

CloudGuard Connect has a scalable architecture and also provides

  • 99.999% uptime
  • Automatic always up-to-date R8x security enforcement 

 

To sign up, please email CloudGuardConnect_EA@checkpoint.com along with your Check Point sales representative.

Please note that accepting signups is depended on the capacity of the early availability team.

 

 

We have a parallel project for cloud remote access to corporate data centers or VPC's, managed by the CloudGuard Connect policy. Details about this project will be posted later on.

 

 

Kevin_Orrison
Collaborator

Thanks for the reply. So can only existing CloudGuard Connect customers leverage this new technology? Is this only currently planned for protecting a remote user's connection to the internet? Or will this also act like a VPN to corporate resources in the data center? If so, how does the CloudGuard infrastructure connect to a customer data center? Through a standard IPsec tunnel to the data center firewall? Or is this an outbound only tunnel from an on prem VM to the CloudGuard infrastructure. The later is how I see most cloud delivered VPNs function.
0 Kudos
Garrett_DirSec
Advisor

Hello -  I'll let @Tomer_Sole chime in but here's some information below.

I suggest the EA being discussed is an evolution of current CloudGuard Connect (virtual gateway in cloud).     The current released Cloudguard Connect platform does not include remote access VPN services. 

The EA (Cloudguard connect for Users) specifically adds remote access functionality with policy, threat prevention, etc.   This solution will provide Check Point's entry in the SASE marketspace to compete with solutions like Netskope Private Access and PAN Prisma Access.     Of course, the Checkpoint solution will have unique approach the SASE space with some new innovations.

I'm fairly certain you do NOT need to be existing CloudGuard Connect user to participate in EA of CloudGuard Connector for Users.

The datacenter connection to Guardguard Connect "gateway" is via secure site-to-site IPsec VPN.    Checkpoint supports GRE but recommends IPsec as transport is encrypted (GRE is not encrypted and not recommended).

Cloudguard Connect Admin Guide

You manage the security policy on Cloudguard Connect "gateway" via either (a) Infinity Web portal, or (b) local SmartConsole using add-in. 

How to manage the Access Control Policy of CloudGuard Connect from SmartConsole

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events