Welcome to Check Point Jump Start training series. Check Point CloudGuard is a suite of products and solutions that can secure your data and virtual networks in the Cloud. In this training video series, we'll be looking at CloudGuard Posture Management. In Lesson 3, we talked about what are some of the Cloud security challenges that customers face when moving their assets into the Cloud. We mentioned that Check Point CloudGuard Posture Management is a solution helping customers address security and assess risks in their cloud infrastructures. CloudGuard Security Posture Management is a solution to help organizations protect their cloud assets and to stay compliant and up to date with regulations and industry standards. CloudGuard Security Posture Management helps customers make sure that their cloud environments are as secure as can be. CloudGuard Security Posture Management is a proactive security solution. We also talked about some of the key features that are built into CloudGuard Posture Management Solution. We mentioned how it supports multi-Cloud platforms with more Cloud vendor support on the way. It has over,2400 built-in security best practice rules, the most in the industry. We mentioned that your Cloud workload deployments can be assessed with a simple click of a button. We also support over 50 major compliance frameworks to help you make sure that your Cloud is always secure and compliant. It also offers identity protection and also tamper protection. We also offer auto-remediation with GSL scripting language and also the open-source CloudBots. Lesson 4, how does CloudGuard Posture Management work? Our fourth and final lesson in this lecture. In Lesson 4, we're going to discuss how CloudGuard Posture Management works under the hood. I'm going to show you how CloudGuard Posture Management integrates with your own Cloud solution. Now let's discuss how CloudGuard Posture Management works. The CloudGuard Posture Management is a SaaS solution, Security as a Service Solution from Check Point. When you purchase this product, you are basically getting a subscription account into Check Point's CloudGuard Posture Management Solution. Everything is hosted and running in the Cloud in Check Point's Cloud services that are SaaS services hosted in various Cloud providers around the world. All the data is consumed over Cloud APIs, meaning that other requests and other replies are being sent back and forth from your Cloud to Check Point's CloudGuard Posture Management solution over these Cloud API protocols. You need to connect to the Check Point SaaS servers using a web browser. After you log in with your credentials, you will be presented with the main page, what we call the CloudGuard Console page. We also call this the CloudGuard Native Console since it's the launching point for most of the CloudGuard products. The CloudGuard Console allows you to see what you are protecting. The main landing page is called the dashboard. The dashboard page can be 100 percent customizable and will give you a single pane of glass for everything across all your workloads, across all your Cloud. The first time you connect, all the metrics and stats will be blank, and so the first thing you need to do is connect the CloudGuard Console to your Cloud accounts. This is what we call onboarding. Onboarding is the process of connecting your CloudGuard Posture Management solution subscription to your very own Cloud services that are hosted by your Cloud service provider. You can onboard one Cloud account or multiple Cloud accounts, or you can onboard one Cloud service provider or multiple Cloud service providers. Onboarding essentially means that you're adding your Cloud vendor accounts into the Check Point CloudGuard Posture Management solution. The process of onboarding varies from service provider to service provider, but the process is pretty straightforward and secure. Once the onboarding has been completed, then all your Cloud provider assets will start to populate into your CloudGuard subscription. Then you'll start to be able to see them appear in your CloudGuard console. It usually takes a few moments until all your assets will become visible in the CloudGuard console. That really depends on how big your Cloud provider account is, and how many accounts you are onboarding and how many Cloud providers you onboard. As an example, onboarding an AWS account will contain over 150 API calls that populates the CloudGuard console with all the workloads and assets that are stored in your AWS account. But once the onboarding process has been completed, then you don't need to do it anymore. You only need to onboard your accounts one time. The next time you log in to the CloudGuard console, you will be able to see all your cloud assets that were gathered during the onboarding process. Now, it's important to state that your data is not visible within the CloudGuard console, only the metadata will be accessed, meaning that all your database data will not be visible or even accessible within the CloudGuard console. So the onboarding process does not collect your personal data that is hosted by your cloud provider, but only the metadata. This means that only your assets will be visible in the CloudGuard console. You will be able to see what workloads have been configured, how many workloads, in what subnets, in what regions, and in what availability zones. You will be able to see that the total amount of workloads that have been created in the Cloud, in which Clouds, on what accounts, and also how many load balancers, and on which virtual networks, and so on. Only this metadata will be visible in a CloudGuard console. None of your personal data or your database data will be visible in the CloudGuard console. Now, let's discuss a little bit in how it works. The CloudGuard posture management uses native cloud API calls. It's an agentless solution. There is really no software that you need to install or any agent that you need to manage. This can be quickly set up in under five minutes. You just need to connect to the CloudGuard Security Posture Management Service and then you need to authenticate to your cloud infrastructure, your single Cloud, your multi-clouds, your single accounts, your multiple accounts, and then the CloudGuard Console session will start making API calls to view all the assets from your onboarded Clouds, your onboarded accounts, your onboarded regions. Then the cloud service provider will reply what API replies which populates the CloudGuard console. This information will enrich all of your data, what we call high fidelity. You will be able to see all your asset information, which is a nicely contained and a highly organized enrichment of your data. There are two main modes of operation in which you can configure your CloudGuard when onboarding a cloud account. We offer two modes of operation, a monitor mode and a full-protection mode, which are read-only and read-write modes, respectively. The monitor mode is a read-only solution. You cannot make any changes, you can only view the details of your cloud assets. This read-only mode will monitor all your cloud accounts looking for changes and providing you with alerts. On the other hand, the full-protection mode is a read-write mode which allows you to view and also make changes. This mode also supports the tamper protection and regional logs that we talked about. In this mode, you can make API calls to delete, add, and change your cloud assets, their properties, or their configurations. Ninety-five percent of the functionality with CloudGuard only requires read access, and most customers begin with read-only mode and they can easily upgrade to read-write at a later time if they so choose. Then from here, you'll have full visibility into your cloud assets. That brings us to the end of Lesson 4. In this video, we discussed that CloudGuard Posture Management is a checkpoint SaaS solution. It's an agentless solution, meaning that no software or client, agent, needs to be installed. All you need is a PC, with a browser. Once you have purchased the CloudGuard Posture Management solution, all you need to do is log in to your account using the CloudGuard native console, which is a web browser. Then the first step you need to do is onboard your accounts from your cloud or multi-clouds if you have them. It then uses API protocols to call the clouds, metadata, and requests. Once you've onboarded all your cloud accounts, the CloudGuard native console will start populating with all your cloud assets. After that, any changes in your cloud will be incrementally refreshed in your cloud console within certain time intervals depending on what assets have been added, deleted, or edited. That completes our fourth lesson and that brings us to the end of this video. It's also the end of this training module. I have one more bonus module, which is the whole training video summarization. I will see you there.
