Check Point CloudGuard Edge
Securely Connect Your Branch Office to the Cloud
Check Point CloudGuard Edge
Contact us for Pricing!
Get a Quote
- Lightweight VM designed for WAN Edge
- 1 GB of memory, 1 GB of disk, 1 CPU core
- Automated sites on-boarding
- Cloud and Enterprise management options
- Support inbound and outbound traffic inspection
- Maintain privacy and compliance
Overview:
Connecting branches directly to the cloud significantly increases security risks. Branches need to protect themselves against sophisticated Gen V cyber attacks.
CloudGuard Edge protects branch offices on-premise with top-rated Threat Prevention, that can be deployed in minutes, and be managed by a unified threat prevention and access platform.
Cyber criminals are getting smarter, leveraging highly sophisticated attacks, and adapting their tactics to exploit any weakness to ultimately achieve their goals. How do you secure branch offices that are at remote locations and are not staffed by the same IT or security experts that you have at your headquarters site?
Large organizations need a branch office security solution that is affordable, agile, and manageable at scale to close the branch office security gap.
Product Benefits
- Lightweight VM designed for WAN Edge
- 1 GB of memory, 1 GB of disk, 1 CPU core
- Automated sites on-boarding
- Cloud and Enterprise management options
- Support inbound and outbound traffic inspection
- Maintain privacy and compliance
For enterprises that require on-premise branch office security for data privacy, compliance, or location requirements, CloudGuard Edge can run as a virtual machine (VM) on SD-WAN or universal Customer Premise Equipment (uCPE) devices
Secure
Top-rated threat prevention with 100% cyber attack catch rate
Flexible
Five-minutes to protect your SD-WAN on the Cloud or On-Premises
Efficient
Unified security architecture reduces OpEx costs up to 40% and CapEx by 20%
Solution
CloudGuard Edge is a small footprint virtual security gateway with advanced threat prevention that can be centrally deployed and managed within minutes, making it an ideal security solution for branch offices. CloudGuard Edge integrates with leading branch office network vendors to provide comprehensive threat-prevention security, zero-day protection, agile delivery, management and automation across Softwaredefined WAN (SD-WAN) and uCPE deployments.
Companies with large numbers of remote branch offices get industry-leading protection, accelerated delivery of new services, and reduced operating and capital expense costs. Customers have full control of security policy and data, satisfying privacy and regulation requirements.
Secure Branch Offices On-Premise
Secures incoming and outgoing connections, maintain privacy and compliance
- Zero-touch automates on-boarding sites
- Cloud or enterprise management options
- Maintain privacy and compliance
- Integrated with an on-premise SD-WAN edge
- Lightweight embedded VM with 1 Core, 1GB RAM, 1 GB disk
- Seamless integration with VMware SD-WAN Edge devices
CloudGuard Edge
Secure SD-WAN On-Premise
Secure Branch Offices On-Premise
- Seamless integration with VMware SD-WAN Edge devices
- One-Click Activation of Check Point CloudGuard Edge transparent on all branches
Always Up to Date Advanced Threat Prevention for Branch
Offices
- Continuously up to date with the latest Threat Prevention
- Top-rated Threat Prevention
- Protects from the latest Zero-Day and Gen V cyber attacks
- Leverages real-time Threat Intelligence
Automated Orchestrations Enables Setup in 5 Minutes
- Central orchestrator management of the entire infrastructure
- Quickly enable security at hundreds of branch locations
- API integration facilitates deployment
Always Up to Data Advanced Threat Prevention for Branch
Offices
- Out of the box security profile and easy to use web based management
- R80 integration enables central management of security policy across all locations
- Unified view of threat landscape and security policy from one single console
- Real-time updates on the latest Zero-Day and Gen V cyber attacks through ThreatCloud
- Unified with Check Point Infinity reducing operational expenses up to 40%
Features:
Virtual FirewallCloudGuard Edge is a lightweight virtual image of the Check Point Branch Office Security Gateway. It’s a small footprint, requiring only 1 GB of memory, 1 GB of disk storage and 1 CPU core. Power on the virtual security gateway and within a minute, your branch office is protected.
Check Point Advanced Threat PreventionCheck Point provides organizations of all sizes with integrated, advanced threat prevention, reducing complexity and lowering the total cost of ownership. Check Point security products protects SaaS, IaaS and now branch office assets from sophisticated threats with dynamic scalability, intelligent provisioning and consistent control across physical and virtual networks.
Unlike other solutions that only detect threats, Check Point prevents threats. Check Point SandBlast Zero-Day Protection is a cloud-hosted sandboxing technology where files are quickly quarantined and inspected, running in a virtual sandbox to discover malicious behavior before it enters your network. Malware is detected during the exploit phase, even before hackers can apply evasion techniques attempting to bypass the sandbox.
This innovative solution combines cloud-hosted CPU-level inspection and OS-level sandboxing to prevent infection from the most dangerous exploits, and zero-day and targeted attacks.
The Check Point solution also includes Application Control and URL Filtering to enforce safe web use. IPS, Anti-Bot and Antivirus protect from known threats. HTTPS inspection safeguards from threats trying to hide inside encrypted HTTPS channels. Furthermore, Check Point is a fully consolidated and connected cyber security architecture protecting on premises, cloud and branch networks as well as endpoint and mobile devices from advanced persistent threats. Threats identified on one device can be automatically propagated as an IoC (Indicator of Compromise) to protect your branch, mobile and cloud-hosted assets from the same zero-day threat.
Central ManagementCustomers also have two central management options; cloud-hosted Security Management Portal (SMP) and R80 Security Management. Cloud-hosted Security Management Portal (SMP) streamlines provisioning, maintenance and security policy and event management of tens of thousands of devices. Automating firmware updates and backups and setting security policy plans for common groups of CloudGuard Edge virtual security gateways greatly simplifies security management. CloudGuard Edge sends security logs to the SMP’s central log repository. With the pre-defined central reports customers can easily see Infected Hosts, Prevented Attacks, Detected Attacks and Attack Trends.
The other management option is the Check Point enterprise R80 Security Management product, the same product that manages Check Point integrated Next-Generation Threat Prevention security gateways on-premises at headquarters and in public and private clouds. This option leverages existing security management infrastructure and provides more granular security policy control. Bringing CloudGuard Edge security logs into Check Point SmartEvent along with security events from other Check Point security gateways, endpoint and mobile devices greatly simplifies threat management. The pre-defined views and reporting highlight the most important events, reducing response times.
Integration with SD-WAN
CloudGuard Edge security gateways are deployed through the SD-WAN management console. This tight integration reduces deployment time, effort, and costs. When CloudGuard Edge is deployed on SD-WAN or uCPE equipment, the CloudGuard Edge virtual security gateway is configured, automatically connected and ready to be centrally managed and monitored by the customer’s domain in cloud-hosted SMP or the headquarters R80 Security Management.
Optimize WAN Security
CloudGuard Edge has been fully tested and integrates with leading SD-WAN and uCPE equipment vendors as well as cloudhosted services offered by carriers and Managed Security Service Providers. Application security policies are defined once and programmed to all sites in contrast to the branch firewall security model requiring device-by-device management. Centralized management not only reduces the time to deploy and IT resource costs but also provides more consistent policies, reducing risk across the enterprise.
Specifications:
Minimum System Requirements | |||||
Memory | 1 GB | ||||
CPU | 1 Core | ||||
Disk | 1 GB | ||||
Software | |||||
Security | Firewall, VPN, User Awareness, QoS, Application Control, URL Filtering, IPS, Anti-Bot, Antivirus and SandBlast Threat Emulation (sandboxing) | ||||
Performance | |||||
VMware SD-WAN | Edge 520v | Edge 620 | Edge 640 | Edge 680 | Edge 840 |
Threat Prevention | 100 Mbps | 100 Mbps | 350 Mbps | 500 Mbps | 550 Mbps |
Management | |||||
Cloud-hosted | Security Management Portal (SMP) | ||||
On-premises management | R80.20 or higher | ||||
Branch Edge Device | |||||
VMware SD-WAN | Edge 520v, 620, 640, 680, 840 | ||||
Cisco Enterprise VNF | ENCS 5104, ENCS 5412 | ||||
Citrix SD-WAN | 1100 |
1 the expected additional latency for a branch in the same CloudGuard Connect region
Video:
Protect your Branch SD-WAN Cloud Connection from Cyber Attacks
Learn how to protect your SD-WAN with top-rated threat prevention, OpEx savings up to 40%, and flexibility to deploy in minutes with SD-WAN partners VMware and Silver Peak.
Documentation:
Download the Check Point Cloudguard Edge Datasheet (PDF).
Pricing Notes:
- All Prices are Inclusive of GST
- Pricing and product availability subject to change without notice.