Welcome to Check Point Jump Start training series. Check Point CloudGuard is a suite of products and solutions that can secure your data and virtual networks in the Cloud. In this training video series, we'll be looking at CloudGuard posture management. In this training module, we're going to break down and learn what is posture management, why you need a posture management solution. I'm going to demonstrate how the CloudGuard security posture management solution can be used to secure your assets in the Cloud. At the end of this training module, you will understand what is CloudGuard posture management, why it is the best Cloud security solution in the industry, and also what makes us the global leader in Cloud protection, and why Check Point CloudGuard should be your solution of choice. My name is Manuel Joaquim, and I will be your technical trainer for this training module. Before watching this video, make sure that you have watched the first video in this training series, The CloudGuard Network Security, because in this video, we'll build on that knowledge. Let's get started. At first take a look at the agenda of this training video. We're going to break this training video into four separate lessons. Each lesson will be a separate training video. Let's start with our first lesson, lesson 1, what is posture management? We'll start our first discussion with a network analogy. This network analogy hopefully will help us clarify the difference between what is Cloud security and what is posture management, and the main goal being why you need a posture management solution. In the second lesson, we're going to discuss what are the Cloud security challenges. We're going to break down what are some of the security challenges and concerns when moving your assets into the Cloud? In lesson 3, we're going to dive into the core of this video. We're going to discuss what is Check Point Cloud security posture management solution, which we call the CloudGuard posture management. How this revolutionary solution addresses the Cloud security concerns and helps organizations to secure their Cloud and multi-Cloud environments. Finally, in our fourth lesson, we're going to discuss how it all functions. We're going to break down how the architecture works and demonstrate how to get started. Now, let's get started with our first lesson, what is posture management. In the previous CloudGuard security video in this training series, we mentioned that CloudGuard is not just one product, but a suite of products that can help you secure your Cloud environments. We have a few product solutions in this category to help organizations secure their Cloud infrastructures. We have the CloudGuard network security product, formerly called CloudGuard IaaS. In the previous video, we discussed how this product is used not only to control access at the perimeter of your Cloud, but also to prevent infections of your Cloud infrastructure, be it either a public Cloud or a private Cloud. Now we have the CloudGuard posture management solution, formerly called Dome 9. This is the focus of this current training video. I'm going to explain and demonstrate that this not only is a security assessment solution, but it is much more. We also have the CloudGuard Cloud Intelligence and Threat Hunting, formerly called Logic. It's a Cloud analytics tool. It helps you assess your traffic flow and identify any vulnerabilities or intrusions on your Cloud. We have the CloudGuard Workload, formerly called Protego. This solution is used to protect your code that is running in your Cloud: your container code, your serverless function code, your open source code. It helps you make sure that whatever code you develop and deploy into the Cloud, that the code is hygienic, meaning it has been scanned, cleaned, secured, and protected from any vulnerabilities. We also have the CloudGuard WAAP, Web Application and API protection. This solution is used to protect your web applications and programs. It uses machine learning to predict user and application behavior based on history, and it builds an essential rating assessment and will block anything outside this norm. All of these products can be used independently to secure your cloud infrastructure. But ultimately, if you combine them together, you'll get the most and optimal Cloud security solution. In the previous video, CloudGuard Network Security, we talked about Cloud security, and this refers to network security of your Cloud. Cloud security is about access control, which means to secure the access to your Cloud assets like, what access is allowed, to which resources, to which virtual networks, and to which workloads, and also to which applications? But now I want to talk about posture management. What exactly is posture management? Posture management is about the visibility to your Cloud assets. It's also about compliance on those assets and resources. Posture management is a tool that helps you map and build a diagram of your network infrastructure. It's like a window into your Cloud landscape to help you assess, and identify, and control who has or who should not have access to those assets and to those resources. Let's use an analogy to help clarify the differences. I like to think about network security and compare it to airport security. Network security, just like airport security, is about access control. It's about who is allowed in and out of the airport. We have many layers and levels of access control. We have external access control and we also have internal access control. External access control refers to the access to the airport property, the aircraft, the airfields, and the control towers. We also have the airport crew, the traffic control personnel, and others that need access to the airfields like the catering staff, the cleaning staff, security teams, and firefighters, and also maintenance, and fueling companies. We also have internal airport security access. We have the general public access areas, the screening of passengers and travelers, the waiting and boarding areas, and we also have the baggage handlers, airline crew, the security personnel, like the police officers, and the custom, and control border agents. We might need to keep them segmented and at separate containment areas. But we also have common areas like the lounge areas, the merchandise shops, and the food courts. We have many people that need access to one or more of these areas. In addition, we also have personnel that need to have access to highly restricted areas and also prohibited areas. Depending on the access level, access permissions and authorization privileges, they will need to identify themselves with identity cards like passports, keys, magnetic cards, and biometric solutions. As you can see, airport security is highly complex. But here we're mostly talking about access control and access permissions. Who should have access? What access do they have? Where do they have the access to? Network security, just like airport security, is remarkably sophisticated and highly complex. Posture management, on the other hand, is about the visibility and identification of who has the keys. Who accessed the restricted areas? How did they access it? What permissions did they have? Did they abuse those permissions? Did the public or passengers have access to restrictive or prohibitive areas? What areas should be closed off to the general public? Did passengers or travelers access restricted or roped-off areas? How did they access it? Was is by an accident, or was it a mistake? Did someone leave the door open? Did the door jam? Was the lock broken? Did someone call in sick? Did someone replace them, and who replaced them? What is their security level? Have they passed any background checks? Posture management is about an assessment of your security landscape. Posture management tools are about presenting techniques and putting measures in place to help you simplify, and automate, and enforce security best practices. To help you identify and analyze what is secure, and what is not secure, and what other security measures and countermeasures need to be taken to secure the landscape. Do we need more road barriers, gates, guard rails, or door alarms, fire alarms, or cameras? Do we need to improve screening techniques? How about increasing and training staff? Do we need K-9 or bomb squads to boost security? Do we need to put up more barriers or barricades to restrict access to certain people and to certain areas. In posture management, we're not just talking about visibility and security, but also about compliance. We also need to make sure that we're following federal regulations, and transportation codes, and also airline industry standards and protocols. We need to make sure that there is no crime, or potential of crime, or any other issues that can lead to abuse or threats including harassment, sabotage, and terrorism. As you can see, airport security is highly sophisticated. Now let's drop this analogy and let's get back to Cloud networking. Network security is also very complicated. When you combine both network security and then add Cloud security on top of it into the mixture, then it becomes highly complex to monitor and to manage. Traditional network monitoring tools do not scale well to Cloud adoption. The Cloud is dynamic, the Cloud is elastic, the Cloud is public, and so traditional networking checks will fail within the Cloud. So you need new and improved tools to monitor and manage your Cloud or multi-Cloud infrastructures. Let's take a look at this from a different angle. Let's first take a moment to recap and digest what we have covered so far. If you have followed me from the beginning in the streaming journey, we started out with CloudGuard Network Security video series. Now we have configured our cloud or our multi cloud with CloudGuard Network Security. Now we have all of our assets that had been lifted and shifted into the Cloud. We also have configured our CloudGuard gateways at the perimeter of our Cloud infrastructure. We also have configured our north and south bound hubs and also implemented east and west segmentation across all of our clouds, and multi-cloud environments. Everything is configured and working appropriately, or is it? Hate to burst your bubble just yet. How do we know that we have not misconfigured an asset? How do we know that we did not assign inappropriate access or grant improper authorization? How do we know that we have not unintentionally left a vulnerability or backdoor open? How do we know that someone else did not either mistakenly or unintentionally or even deliberately, for that matter? Are we confident on that fact? How confident are we? Do we have the confidence and peace of mind that all of our assets in the Cloud are secure. This is where Posture Management comes into the picture. Posture Management is not just about monitoring your cloud but also about managing your Cloud. We can break down Posture Management into four main core tasks. Inventory, Visibility, Compliance, and Security. Inventory; this refers to obtaining a complete list of all your Cloud assets. This is the classification and cataloging of all your Cloud resources. Here we're keeping a full index of all your Cloud estate in one centralized location. Visibility; this refers to an outline and mapping, and the visualization of all your Cloud assets. Meaning, where are all the assets located? In other words, what assets are publicly accessible? What is a level of exposure that your assets have to the internet? Compliance; this refers to the industries regulation standards and best practices. Are we compliant? What are the risks and threats that are not being enforced? What is being enforced? Are there any risks or potential threats and vulnerabilities that we are exposed to. This helps give us a threat, and risk assessment of our overall Cloud Security Posture. Security; this refers to Cloud Security. We need a consistent observation of all the connections and links between all our virtual networks, and between all the virtual machines. We need this in real-time. Again, these are the four main tasks that we have. Inventory, visibility, compliance, and security. There are a few other differentiators, and strong distinctions when it comes to our own CloudGuard Posture Management solution. We'll get to more specifics later. For now, I wanted to highlight and break this down into the four main core tasks that Posture Management solution does, so that we can get a better understanding of what is Posture Management, and why it is needed to get your Cloud secure? Now, that brings us to the end of this lesson. Let's quickly recap before exiting this video. In this video, I wanted to introduce you to what is Posture Management solution. Posture Management refers to a set of tools and techniques to give you an overall security assessment of your network. Posture Management is about monitoring and management of your assets. Posture Management is about enforcing security guidelines. Because using traditional security approach to networking is not applicable to the Cloud environments. The traditional security tools are not flexible enough to meet the highly dynamic nature of the Cloud. CloudGuard Posture Management is a revolutionary approach to Posture Management, specifically designed for the cloud. That's why CloudGuard Posture Management was designed and written to fund the ground up. From the beginning, it was designed for the cloud. We also mentioned that your Posture Management solution needs to address four core tasks. Inventory; the list of your assets. Visibility; where are your assets located? Compliance; how compliant are your assets to industry regulations and security? Are your networks and links and workloads and your perimeter access secure? That's the end of this video. In the next lesson, we'll talk about Cloud security challenges, and how Posture Management can help address these challenges. I'll see you there.
