Check Point Software and NVIDIA Partner to Secure the Datacenter with Infinity Next

Infinity Next Nano Agent Security integrated with NVIDIA SmartNICs with Bluefield-2 DPUs

By Russ Schafer, Head of Product Marketing, Security Platforms

As enterprises become more distributed with the hybrid cloud, artificial intelligence (AI), edge computing and remote workers, the attack surface for cyber criminals has expanded as well. To keep up with demand while staying secure, enterprises need to accelerate data and security throughput by distributing the processing closer to the edge. It all starts with the data center servers that are processing the rapidly increasing volume of application data.

Check Point has partnered with NVIDIA to establish a distributed model of security processing by integrating Infinity Next Nano Agent Security into NVIDIA Smart Network Interface Cards (NICs) with Bluefield-2 Data Processing Units (DPUs). This moves the security processing out of the server central processing unit (CPU) to a specialized processor called a Data Processing Unit on the Network Interface Card (NIC). That means that the security processing is now closer to the edge leaving the CPU to process the application data, speeding up overall server throughput.   Let’s break down the two solution components:  Check Point Infinity Next Security and the NVIDIA SmartNIC with Bluefield-2 DPU.

“Infinity NEXT is the only consolidated security platform that supports many types of assets across network, endpoint, mobile, cloud, workloads and IoT, providing the highest level of security,” said Oded Gonda, Vice President of Technology & Innovation at Check Point Software Technologies. “Deploying a cloud-centric, lightweight, nano-agent technology onto the NVIDIA DPU, Check Point Infinity NEXT provides in-depth security within assets and workloads to ensure that the latest security is delivered anywhere without requiring any upgrades.”

Infinity Next Platform and Nano Agents Accelerate Security in the Data Center and at the Edge

Infinity Next is an innovative cloud security platform that delivers the power of Check Point technology via nano agents that can be deployed on over 50 types of assets across network, endpoint, mobile, cloud, workloads and IoT. With central security management and a DevOps friendly deployment model, Check Point high performance cloud security services include access control, zero trust segmentation, advanced threat prevention, data and identity protection, compliance, web and API protection, and more. Whether it’s a VM, container, endpoint or IOT device, it can be secured by a Check Point Nano Agent ™.

Infinity Next Nano Agents integrated with NVIDIA Smart NICs (NICs) with Bluefield-2 DPUs.

By combining Check Point Infinity Next Nano Agents with NVIDIA Smart Network Interface Cards (NICs) and Bluefield-2 DPUs, enterprises get a comprehensive security solution to protect them against the most sophisticated 6th generation cyber threats.  The ability to incorporate a complete enterprise-grade security stack on a network card moves security closer to the edge providing the flexibility to support a range of security use cases.  Enterprise data centers can implement true zero trust with micro-segmentation to protect against east west traffic attacks. For more distributed enterprises, Check Point Nano Agents ™ can be deployed at the edge on IoT devices, Retail Point of Sale (POS) terminals and Bank ATMs.

Combining Infinity Nano Agents with SmartNICS with DPU’s sound great, but how does it all work?

  • Check Point Infinity Nano Agents are small pieces of automatically updateable software.
    • They are dynamically installed by analyzing the environment and
      downloading the right software and the required configured policy
  • Check Point Nano Agent is added to the NVIDIA BlueField-2 DPUs Enterprise Server Network Interface Card
    • Provides Micro-Segmentation to the Server without consuming precious Server resources. It is using the network card DPU resources to do the computation.
  • The Nano Agent obtains a security Policy and updates from a Fog (local policy and log server) deployed in the Cloud.
  • The Nano Agent sends security logs and telemetry to the Fog.
  • Policy management can be done via a Web User Interface or RESTful APIs by the customer DevOps teams
  • Software Updates for the Nano Agent are automatic and doesn’t require any manual process

Request a demo for more information on Infinity Next or Nano Agents for NVIDIA’s SmartNICs and NVIDIA BlueField-2 DPUs.