Amazon Web Services Adds Cloud-Based Check Point Security Gateways

Under a new partnership, Amazon Web Services customers have Check Point Software Technologies' virtual security appliances built into their customized cloud environments.

Check Point Software Technologies has partnered with Amazon to bring virtual security appliances to its Amazon Web Services.

AWS customers will be able to manage Check Point's virtual security gateways from the centralized management dashboard to apply security policies to the cloud infrastructure, Check Point announced Jan. 4. Virtual Appliance for Amazon Web Services offers customers access to more than 30 security applications, including a firewall, virtual private network, URL filtering, application control, intrusion prevention, mobile access, data loss prevention, antivirus and others, the company said.

The virtual appliance looks just like an on-premise appliance within the Check Point management dashboard, Fred Kost, head of product marketing at Check Point, told eWEEK. Customers who are used to the dashboard and have been trained on Check Point's security gateways will have no trouble switching to the cloud because the security layer will remain consistent, Kost said.

The virtual appliance is running the "same gateway code and has the same management capabilities," such as unified logs and reporting, as the physical boxes, said Kost.

With this partnership, Check Point customers would be able to apply security policies to protect applications and data stored in the public cloud on Amazon's infrastructure in the same way it would have protected data on-premises. Amazon built into the platform some security features that are available to everyone but rely on a "shared-responsibility security model" to encourage customers to run security products that fit their requirements, according to Stephen Schmidt, chief information security officer at Amazon Web Services.

Customers bring their own applications onto Amazon's cloud infrastructure, and can use Check Point's line of virtual appliances to add their own layers of security on top of what is already in place, Kost said. The customer picks and chooses between more than 30 software "blades," or security applications, in order to create the level of security they require.

IT departments can "enforce a consistent security policy across the organization," Kost said.

"Security gateways in cloud environments are equally as important as they are in on-premise locations; therefore, unifying their policies and reporting capabilities in a centralized way is critical to ensuring both the security and compliance mandates of enterprises worldwide," said Lawrence Pingree, research director at Gartner.

For organizations interested in cloud security, they often run the security tool within a single machine instance and have to manage them all independently. Since Check Point's gateway appliance software runs on a machine running the Check Point operating system, the engineers worked with Amazon to tweak the installation process, according to Kost. Amazon created a special machine image that accommodated the gateway appliance, he said. Customers have to present to Amazon a valid Check Point license, specifically for use in the Amazon cloud before receiving access to the virtual appliance.

Customers simply click on the appliance to enable the blades in the cloud environment, making it fast and easy to deploy.

Customers pay according to the number of software blades they need. Pricing for a Virtual Appliance for Amazon Web Services license starts at $2,000.