Business today is driven by free-flowing information. Corporate data travels through the cloud and mobile
devices and radiates through ideas and posts in social networks. BYOD, mobility and cloud computing have
revolutionized static IT environments, introducing the need for dynamic networks and infrastructures.
But if our IT environment has changed quickly, the threat landscape has changed even faster. The
sophistication and velocity of this evolution is growing exponentially by unleashing new attack types
frequently, combining known and unknown threats, taking advantage of “zero-day” vulnerabilities, and
utilizing hidden malware inside documents, websites, hosts and networks.
In a world with high-demanding IT infrastructures and networks, where perimeters are no longer well defined,
and where threats grow more intelligent every day, we need to define the right way to protect enterprises in the
ever changing threat landscape.
There is a wide proliferation of point security products; however these products tend to be reactive and
tactical in nature rather than architecturally oriented. Today’s corporations need a single architecture that combines high performance network security devices with real-time proactive protections.
A new paradigm is needed to protect organizations proactively.
Software-defined Protection is a new, pragmatic security architecture and methodology. It offers an infrastructure that is modular, agile and most importantly, SECURE.
Such architecture must protect organizations of all sizes at any location: headquarters networks, branch offices, roaming through smartphones or mobile devices, or when using cloud environments.
Protections should automatically adapt to the threat landscape without the need for security administrators to follow up manually on thousands of advisories and recommendations. These protections must integrate seamlessly into the larger IT environment, and the architecture must provide a defensive posture that collaboratively leverages both internal and external intelligent sources.
The Software Defined Protection (SDP) architecture partitions the security infrastructure into
three interconnected layers:
• An Enforcement Layer that is based on physical, virtual and host-based security enforcement points
and that segments the network as well as executes the protection logic in high-demand environments.
• A Control Layer that analyzes different sources of threat information and generates protections and
policies to be executed by the Enforcement Layer.
• A Management Layer that orchestrates the infrastructure and brings the highest degree of agility to the entire architecture.
devices and radiates through ideas and posts in social networks. BYOD, mobility and cloud computing have
revolutionized static IT environments, introducing the need for dynamic networks and infrastructures.
But if our IT environment has changed quickly, the threat landscape has changed even faster. The
sophistication and velocity of this evolution is growing exponentially by unleashing new attack types
frequently, combining known and unknown threats, taking advantage of “zero-day” vulnerabilities, and
utilizing hidden malware inside documents, websites, hosts and networks.
In a world with high-demanding IT infrastructures and networks, where perimeters are no longer well defined,
and where threats grow more intelligent every day, we need to define the right way to protect enterprises in the
ever changing threat landscape.
There is a wide proliferation of point security products; however these products tend to be reactive and
tactical in nature rather than architecturally oriented. Today’s corporations need a single architecture that combines high performance network security devices with real-time proactive protections.
A new paradigm is needed to protect organizations proactively.
Software-defined Protection is a new, pragmatic security architecture and methodology. It offers an infrastructure that is modular, agile and most importantly, SECURE.
Such architecture must protect organizations of all sizes at any location: headquarters networks, branch offices, roaming through smartphones or mobile devices, or when using cloud environments.
Protections should automatically adapt to the threat landscape without the need for security administrators to follow up manually on thousands of advisories and recommendations. These protections must integrate seamlessly into the larger IT environment, and the architecture must provide a defensive posture that collaboratively leverages both internal and external intelligent sources.
The Software Defined Protection (SDP) architecture partitions the security infrastructure into
three interconnected layers:
• An Enforcement Layer that is based on physical, virtual and host-based security enforcement points
and that segments the network as well as executes the protection logic in high-demand environments.
• A Control Layer that analyzes different sources of threat information and generates protections and
policies to be executed by the Enforcement Layer.
• A Management Layer that orchestrates the infrastructure and brings the highest degree of agility to the entire architecture.
