使用 Check Point Cloudguard Connect 保护虚拟中心的安全Secure virtual hubs using Check Point Cloudguard Connect

Check Point CloudGuard Connect 是 Azure 防火墙管理器中信任的安全合作伙伴。Check Point CloudGuard Connect is a Trusted Security Partner in Azure Firewall Manager. 它使用高级威胁防护来保护从全球分布的分支机构到 Internet (B2I) 的连接或从虚拟网络到 Internet (V2I) 的连接。It protects globally distributed branch office to Internet (B2I) or virtual network to Internet (V2I) connections with advanced threat prevention.

使用 Azure 防火墙管理器中的简单配置,可以通过 CloudGuard Connect 安全即服务 (SECaaS) 将分支中心连接和虚拟网络连接路由到 Internet。With a simple configuration in Azure Firewall Manager, you can route branch hub and virtual network connections to the Internet through the CloudGuard Connect security as a service (SECaaS). 在 IPsec VPN 隧道中,流量在从中心传输到 Check Point 云服务时受到保护。Traffic is protected in transit from your hub to the Check Point cloud service in IPsec VPN tunnels.

在 Check Point 门户中启用自动同步时,任何在 Azure 门户中标记为“受保护”的资源都会自动受到保护。When you enable auto-sync in the Check Point portal, any resource marked as secured in the Azure portal is automatically secured. 你无需两次管理资产。You don't have to manage your assets twice. 只需选择在 Azure 门户中保护它们一次即可。You simply choose to secure them once in the Azure portal.

Check Point 将多个安全服务统一在一起。Check Point unifies multiple security services under one umbrella. 集成的安全流量会被解密一次,并在单次传递中受到检查。Integrated security traffic is decrypted once and inspected in a single pass. 应用程序控制、URL 筛选和内容感知 (DLP) 强制实施安全的 Web 使用并保护你的数据。Application Control, URL Filtering, and Content Awareness (DLP) enforce safe web use and protect your data. IPS 和防病毒功能保护用户免受已知的网络攻击。IPS and Antivirus protect users from known network exploits. Anti-Bot 阻止与命令和控制服务器的连接,并在主机被感染时向你发出警报。Anti-Bot blocks connections to Command and Control servers and alerts you if a host is infected.

威胁模拟(沙盒)保护用户免受未知威胁和零日威胁。Threat Emulation (sandboxing) protects users from unknown and zero-day threats. Check Point SandBlast 零日防护是一种云托管的沙盒技术,可以快速隔离和检查文件。Check Point SandBlast Zero-Day Protection is a cloud-hosted sand-boxing technology where files are quickly quarantined and inspected. 它在虚拟沙盒中运行,在恶意行为进入网络之前发现恶意行为。It runs in a virtual sandbox to discover malicious behavior before it enters your network. 它在破坏发生之前阻止威胁,以节省员工响应威胁的宝贵时间。It prevents threats before the damage is done to save staff valuable time responding to threats.

后续步骤Next steps