Check Point and BackBox Integrated Network Security Solution
Trusted Network and Security Device Automation
Integration Highlights
Automate OS updates and vulnerability patches for Check Point devices across your network in a timely manner, to prevent exposure to known vulnerabilities. This includes automating multistep updates and support for older devices.
Automate backup of Check Point NGFWs and other security devices. Each backup is validated to ensure its integrity and can be restored with a single click. Backups and restores become so simple, they can easily be incorporated into any potentially destructive automation for rapid recovery.Easily restore Check Point NGFWs configuration with ‘single-click’ disaster recovery to minimize downtime.
Backups can be stored off-site and encrypted with a longer history of backups saved to help with troubleshooting or in the event of an undetected vulnerability.
Fully support CIS Benchmark compliance out-of-the-box, including an initial gap-analysis, ongoing automated configuration audit, drift prevention, reporting, and optional automated remediation.
Ensure your CMDB is always up-to-date and that security vulnerabilities don’t go undetected with Dynamic Inventory capabilities.
The Challenge
Modern enterprise-class networks are incredibly complex and require constant changes to
maximize uptime and minimize vulnerabilities. This complexity is exacerbated by the pace of change within networks to support new applications and services for businesses and their customers. Manual configuration of all network and security devices to ensure business continuity can often be difficult, time-consuming, and prone to human error.
In fact, 92% of our customers say they face more updates to their networks than they can accomplish.
Network and security devices require constant OS updates, patches, and configuration changes to protect from vulnerabilities. Failure to perform these updates in a timely manner exposes the network to security threats and the potential for costly downtime. Similarly, in the absence of regular backups, which often happens when backups are complex to perform or require manual steps, networks experience slower recovery from downtime following outages.
The Solution
To tackle these challenges, organizations need a trusted automation platform that can make repetitive network administration tasks efficient and reliable, that works with existing network architecture and operations, and scales for both enterprise and MSP deployments.
BackBox delivers such a platform with out- of-the-box capabilities for backup, OS updates, compliance auditing and auto-remediation, Dynamic Inventory Reporting, and closed- loop management of vulnerability patching.
BackBox and Check Point Integrated Solution
The Check Point and BackBox integrated solution provides automated backup and single-click recovery of Check Point NGFWs and other devices, eliminating the need for time-consuming and error-prone manual processes or creating and managing in-house scripts.
The Check Point and BackBox integrated solution provides automated backup and single-click recovery of Check Point NGFWs and other devices.
BackBox Dynamic Inventory collects granular asset information from Check Point NGFWs and other devices and then reports on inventory information, including license information, device model, serial numbers, and more. Inventory information can also be passed along to other systems, like an ITSM or CMDB via the BackBox API.
BackBox can change operating system-level parameters on multiple devices with a single click, providing the ability to delegate administrative tasks to individuals who do not require full policy access which, in turn, minimizes human errors that could lead to costly downtime.
BackBox also provides seamless integration to verify that Check Point devices are configured in alignment with internal and industry security policies and regulations, such as CIS Benchmarks, and can automatically remediate configuration drift.
Benefits Of The Integration
Automated OS updates of Check Point devices to protect from vulnerabilities, even when updates require multiple steps to complete.
Automated, validated backups for Check Point devices.
Single-click restore and disaster recovery.
Validation and automatic remediation of configurations against policies and regulations.
Automated discovery of newly connected Check Point devices for easy asset management.
BackBox Intelligent Network Security Automation
BackBox is the most trusted network automation platform, focused on automating network security and operations at scale for enterprises and Technology Services Partners.
Flexible automation empowers our customers to enhance the health, performance, and security of over 100,000 networks worldwide.
We believe that network automation should be easy and reliable, providing our customers with unprecedented time savings and reduced risk.
Check Point QuantumTM Network Security
Check Point Quantum Next Generation Firewall Security Gateways enable enterprises to deploy the industry leading threat prevention capabilities at all points of their infrastructure, scaling security with Maestro Hyperscale according to their changing business needs. This enables enterprises to prevent even advanced, zero-day attacks before they can disrupt business.
Check Point Maestro brings scale, agility, and elasticity of the cloud on premise with efficient N+1 clustering based on Check Point HyperSync technology, maximizing the capabilities of your existing security gateways. Users can create their own virtualized private-cloud on premise by stacking multiple Check Point security gateways together. Group them by security feature set, policy or the assets they protect and further virtualize them with virtual systems technology.
Use Case 1
CENTRALIZE AND AUTOMATE OS UPDATES AND VULNERABILITY PATCHES
The Challenge:
OS updates and patch management are a critical aspect of maintaining network security. The versions of OS that run on the network infrastructure must be closely managed to ensure continuity of service and remediation of known security vulnerabilities. However manually keeping track of the frequent OS updates and patches of firewalls and other network and security devices is getting more challenging, especially with limited resources.
The Solution:
BackBox offers automated OS updates and patches for Check Point Quantum NGFWs and will do the same for network and security devices from 180 other vendors, all from a centralized location. This eliminates the need to hop from one tool to another to update different devices, saving time and resources. Users can use BackBox to update the OS of Check Point devices alongside hundreds of devices seamlessly, with a single click.
Use Case 2
ENFORCE COMPLIANCE WITH CIS BENCHMARKS
The Challenge:
With configuration updates getting more frequent due to the acceleration of new threats and malicious actors, it is a challenge to ensure all security and network devices, such as firewalls, are up-to-date and compliant with CIS Benchmarks, internal policies, and industry regulations.
The Solution:
Eliminating the need to manually check device configuration for compliance, BackBox provides contextually-aware automation templates that remove the drudgery and reduce risk by validating that a specific configuration for Check Point devices meets best practices, and can automatically remediate those that do not. Rechecks can be scheduled to run daily or at whatever frequency desired. Administrators receive notifications of configuration drift to manually correct or can auto-remediate to bring the organization back into compliance.
Use Case 3
AUTOMATE BACKUPS
The Challenge:
Manual backups for network and security devices like firewalls is time consuming and prone to human error. In addition to security infrastructure, network engineers must perform regular backups on routers, switches, and other network devices from multiple vendors, via multiple different user interfaces, further increasing risk.
The Solution:
Seamless integration between BackBox and Check Point devices enables automated, centralized, and secure backups for all configuration information from Check Point devices and devices from other vendors. This ensures rapid recovery and minimal downtime.